Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/3h9AhrduvQy6-JZtguDPvJXsDmU.roa
File: 3h9AhrduvQy6-JZtguDPvJXsDmU.roa (raw, json)
Hash identifier: my8eD21PjxwbVTBgmaxfryfhQQe3ZAldo6n/XNPUnhc=
Subject key identifier: DE:1F:40:86:B7:6E:BD:0C:BA:F8:96:6D:82:E0:CF:BC:95:EC:0E:65
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D60
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/3h9AhrduvQy6-JZtguDPvJXsDmU.roa
Signing time: Mon 10 Feb 2025 14:12:18 +0000
ROA not before: Mon 10 Feb 2025 14:12:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 124.109.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3424 (0xd60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DE1F4086B76EBD0CBAF8966D82E0CFBC95EC0E65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6b:95:d3:20:f4:68:8c:aa:a4:bf:88:f1:10:
15:74:3e:89:c4:63:f5:63:41:a9:0d:0e:28:8e:f1:
07:09:01:4f:55:ef:8b:d4:0c:56:e6:5d:86:fb:6f:
c8:4e:50:0a:a1:b4:8e:2d:df:db:32:40:26:4d:29:
06:4a:5f:ac:85:0a:62:66:10:b5:8f:3c:79:55:52:
1c:34:a6:80:6c:2e:b8:0d:9b:74:ef:6c:88:d3:07:
8f:d1:56:04:c9:09:c4:7f:5e:5b:62:20:84:23:75:
b0:de:13:4f:a5:4b:5a:66:ca:0c:c9:26:fb:14:8e:
88:38:66:da:69:60:86:73:92:43:53:99:5a:a4:45:
82:fc:46:89:6c:c3:15:ab:7c:86:3c:21:f6:33:ee:
88:94:01:0c:f6:03:e8:9a:c3:00:df:37:58:61:94:
25:31:e3:16:cd:c0:c9:00:f4:dd:87:cc:db:0f:f6:
ca:72:e5:06:fd:fd:80:f1:21:17:6f:24:91:a6:a7:
10:75:af:64:3f:2d:ac:43:6a:10:26:74:df:e1:56:
b1:7a:e3:88:6d:8b:7d:82:88:4e:8c:59:3f:78:c8:
e3:16:62:05:42:d4:1e:3a:fd:08:43:27:2d:61:fa:
09:9d:81:19:a9:2b:2a:6c:6d:e2:6f:d6:7d:89:0b:
8f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:1F:40:86:B7:6E:BD:0C:BA:F8:96:6D:82:E0:CF:BC:95:EC:0E:65
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/3h9AhrduvQy6-JZtguDPvJXsDmU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.112.0/20
Signature Algorithm: sha256WithRSAEncryption
51:85:ed:fa:39:41:01:13:eb:77:53:de:0c:47:ca:eb:0c:61:
ac:58:6b:14:50:89:7b:7a:de:3f:5d:29:9b:a2:f7:ad:81:6e:
a4:86:ca:72:a4:fa:f2:f4:cb:5a:da:89:4b:8d:ec:b4:d0:d4:
e3:9d:00:33:40:d4:10:cc:c6:85:a5:c9:fc:1b:f5:54:35:90:
e3:8d:d7:96:f3:89:84:1b:99:79:e9:3d:33:71:2e:da:44:40:
5e:a0:07:d7:3a:fa:5a:61:60:93:8e:04:96:68:a5:11:cc:65:
a2:73:cd:29:1e:ae:12:fb:c7:90:3a:86:00:a6:2e:8c:43:d1:
42:9f:99:99:ab:55:f0:51:fa:cb:8d:92:f5:5e:1d:2b:fb:22:
ea:40:ba:2d:f7:6e:d3:b4:a8:56:f6:5e:66:9d:55:db:2e:bf:
9a:d5:1a:99:a0:e2:34:7e:fc:c1:99:31:6e:73:ac:bb:f6:a3:
2c:25:29:ab:22:81:7d:64:69:9a:66:16:1f:71:72:20:5d:7e:
29:00:b9:bb:d9:e4:df:33:70:8c:fb:90:f2:30:c9:37:72:39:
e2:1c:89:5a:c6:a2:57:0d:57:5d:7c:6c:36:56:a9:22:84:bd:
86:64:dd:80:aa:39:7f:ab:37:99:bc:75:26:d9:da:8d:f0:98:
21:b5:1a:c4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERFMUY0MDg2Qjc2RUJE
MENCQUY4OTY2RDgyRTBDRkJDOTVFQzBFNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsa5XTIPRojKqkv4jxEBV0PonEY/VjQakNDiiO8QcJAU9V74vU
DFbmXYb7b8hOUAqhtI4t39syQCZNKQZKX6yFCmJmELWPPHlVUhw0poBsLrgNm3Tv
bIjTB4/RVgTJCcR/XltiIIQjdbDeE0+lS1pmygzJJvsUjog4ZtppYIZzkkNTmVqk
RYL8RolswxWrfIY8IfYz7oiUAQz2A+iawwDfN1hhlCUx4xbNwMkA9N2HzNsP9spy
5Qb9/YDxIRdvJJGmpxB1r2Q/LaxDahAmdN/hVrF644hti32CiE6MWT94yOMWYgVC
1B46/QhDJy1h+gmdgRmpKypsbeJv1n2JC48ZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3h9AhrduvQy6+JZtguDPvJXsDmUwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS8zaDlBaHJkdXZReTYtSlp0Z3VE
UHZKWHNEbVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w
MA0GCSqGSIb3DQEBCwUAA4IBAQBRhe36OUEBE+t3U94MR8rrDGGsWGsUUIl7et4/
XSmbovetgW6khspypPry9Mta2olLjey00NTjnQAzQNQQzMaFpcn8G/VUNZDjjdeW
84mEG5l56T0zcS7aREBeoAfXOvpaYWCTjgSWaKURzGWic80pHq4S+8eQOoYApi6M
Q9FCn5mZq1XwUfrLjZL1Xh0r+yLqQLot927TtKhW9l5mnVXbLr+a1RqZoOI0fvzB
mTFuc6y79qMsJSmrIoF9ZGmaZhYfcXIgXX4pALm72eTfM3CM+5DyMMk3cjniHIla
xqJXDVddfGw2VqkihL2GZN2Aqjl/qzeZvHUm2dqN8JghtRrE
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:07:22 2025 by rpki-client