Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa
File: QKAfJxAKn1AdheRDAVtmWBh6daY.roa (raw, json)
Hash identifier: ci7ykUH5wFM9ICcoyPtWPnEsTbYuh3ApCufhapRRXcQ=
Subject key identifier: 40:A0:1F:27:10:0A:9F:50:1D:85:E4:43:01:5B:66:58:18:7A:75:A6
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D57
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa
Signing time: Mon 10 Feb 2025 14:12:16 +0000
ROA not before: Mon 10 Feb 2025 14:12:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 150.129.228.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3415 (0xd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=40A01F27100A9F501D85E443015B6658187A75A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:24:c4:6d:7c:59:c2:bc:a9:a6:6f:dd:be:2f:
c1:98:25:90:87:cd:2e:52:66:93:2c:c7:b4:2d:f8:
a5:e7:38:92:ef:ff:07:1d:6c:b6:eb:d0:a6:b3:80:
b0:b6:ce:2b:58:15:2d:24:f4:f3:85:47:5d:f9:ef:
08:fd:88:f7:d4:0b:f4:5a:f1:bb:eb:5d:27:67:26:
f2:52:bf:21:b7:2f:c6:22:00:18:67:c7:33:f9:3b:
1a:85:46:9e:a2:3b:1b:80:73:f2:cf:4e:c5:0e:b6:
62:2e:c2:84:40:4b:80:7c:b2:c5:df:03:73:ec:77:
27:3b:72:a3:96:13:f9:37:cd:e2:c2:f1:2f:77:99:
05:5e:13:4e:68:b1:de:56:6a:14:04:e0:cd:7a:ed:
e7:32:ab:d3:cc:70:f8:a9:cc:b5:74:5c:93:cc:52:
27:f9:d4:47:74:91:b3:c4:6f:08:ff:68:ef:fa:3d:
0a:8f:92:8b:12:0b:90:8f:cc:25:b1:4b:c8:ef:99:
93:45:8b:68:00:cb:0c:3c:3a:aa:f0:9e:01:c9:47:
13:fa:57:ed:ae:8a:b8:a0:cd:02:2a:53:4a:cc:f7:
4a:2f:7e:9b:a4:9e:2e:94:f7:50:30:aa:dd:cb:dd:
e0:e4:c4:cc:c2:e8:a1:90:a5:11:8e:12:5f:ae:5b:
aa:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:A0:1F:27:10:0A:9F:50:1D:85:E4:43:01:5B:66:58:18:7A:75:A6
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/QKAfJxAKn1AdheRDAVtmWBh6daY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.228.0/22
Signature Algorithm: sha256WithRSAEncryption
36:39:34:59:38:15:5a:aa:c6:5b:d6:37:c1:08:e1:80:33:7d:
a7:d2:75:85:f7:e4:81:58:61:10:3e:7c:6d:5f:6a:9e:63:db:
d2:83:b0:86:8e:32:15:d1:03:0c:45:6d:93:72:10:32:f8:41:
9f:2f:c7:82:08:b0:76:45:1f:7a:f2:ed:3c:d5:14:b4:b8:cf:
ab:45:30:97:ce:56:41:88:4f:06:11:cc:65:96:8e:2a:40:2d:
63:32:f5:5b:81:c0:79:09:18:ac:a7:82:10:35:ba:7f:a3:78:
9d:e6:e2:eb:3c:07:47:d7:0f:9e:1e:9d:d6:d9:61:02:d6:d5:
23:a9:ec:1e:ad:d4:57:cb:63:d5:84:28:6d:49:f9:b1:fa:01:
51:69:7b:c9:42:d1:b1:14:74:61:c9:49:bc:01:00:ca:91:d8:
80:bf:40:69:41:6d:c8:9d:d9:cb:3a:61:d8:0f:5d:24:d8:e9:
f5:19:e3:8c:3d:b7:67:ad:66:bc:2f:3c:6b:f7:d9:8b:2c:73:
ed:9f:8e:6f:0f:58:77:04:1a:46:d4:bb:e8:69:d9:af:82:44:
d3:9b:0b:2b:06:72:70:98:e1:d4:af:55:6c:3c:fb:f1:6c:ac:
aa:ea:3e:87:d0:19:2e:7f:68:51:c1:0c:81:ec:95:45:11:bc:
ef:7d:a2:ab
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwQTAxRjI3MTAwQTlG
NTAxRDg1RTQ0MzAxNUI2NjU4MTg3QTc1QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtJMRtfFnCvKmmb92+L8GYJZCHzS5SZpMsx7Qt+KXnOJLv/wcd
bLbr0KazgLC2zitYFS0k9POFR1357wj9iPfUC/Ra8bvrXSdnJvJSvyG3L8YiABhn
xzP5OxqFRp6iOxuAc/LPTsUOtmIuwoRAS4B8ssXfA3Psdyc7cqOWE/k3zeLC8S93
mQVeE05osd5WahQE4M167ecyq9PMcPipzLV0XJPMUif51Ed0kbPEbwj/aO/6PQqP
kosSC5CPzCWxS8jvmZNFi2gAyww8OqrwngHJRxP6V+2uirigzQIqU0rM90ovfpuk
ni6U91Awqt3L3eDkxMzC6KGQpRGOEl+uW6obAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQKAfJxAKn1AdheRDAVtmWBh6daYwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9RS0FmSnhBS24xQWRoZVJEQVZ0
bVdCaDZkYVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloHk
MA0GCSqGSIb3DQEBCwUAA4IBAQA2OTRZOBVaqsZb1jfBCOGAM32n0nWF9+SBWGEQ
PnxtX2qeY9vSg7CGjjIV0QMMRW2TchAy+EGfL8eCCLB2RR968u081RS0uM+rRTCX
zlZBiE8GEcxllo4qQC1jMvVbgcB5CRisp4IQNbp/o3id5uLrPAdH1w+eHp3W2WEC
1tUjqewerdRXy2PVhChtSfmx+gFRaXvJQtGxFHRhyUm8AQDKkdiAv0BpQW3IndnL
OmHYD10k2On1GeOMPbdnrWa8Lzxr99mLLHPtn45vD1h3BBpG1LvoadmvgkTTmwsr
BnJwmOHUr1VsPPvxbKyq6j6H0Bkuf2hRwQyB7JVFEbzvfaKr
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:05:40 2025 by rpki-client