Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ydCdCSAFNPj9LQf5sdB3AS7NnOc.roa
File: ydCdCSAFNPj9LQf5sdB3AS7NnOc.roa (raw, json)
Hash identifier: BC3S698icd8XutbzOglygy5skPHsOj+fw8VBbrHXJko=
Subject key identifier: C9:D0:9D:09:20:05:34:F8:FD:2D:07:F9:B1:D0:77:01:2E:CD:9C:E7
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D5F
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ydCdCSAFNPj9LQf5sdB3AS7NnOc.roa
Signing time: Mon 10 Feb 2025 14:12:18 +0000
ROA not before: Mon 10 Feb 2025 14:12:18 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 203.121.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3423 (0xd5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:18 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C9D09D09200534F8FD2D07F9B1D077012ECD9CE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f8:3c:d5:fc:43:5f:3a:77:c8:b3:4c:04:ff:
6e:b4:ea:03:4c:3a:ec:28:f3:b6:85:d4:b0:13:3e:
4a:a1:b0:ef:b6:aa:a8:55:a7:34:97:ce:ee:7f:74:
75:92:c6:00:21:ac:22:29:ee:b1:ad:19:98:c3:c7:
e4:8f:c9:41:4e:e0:f7:05:df:43:ac:46:a4:9f:79:
29:7f:ea:0c:84:b3:56:70:49:f6:eb:41:a9:11:a7:
31:d2:00:40:59:c8:0f:c5:0b:79:b5:6a:d3:e9:4b:
c8:15:5f:5e:d3:b7:62:20:82:85:fd:63:36:02:ac:
79:85:25:63:74:e0:3f:0a:40:f7:49:d2:a8:ce:c5:
e4:61:8d:2e:e3:43:e4:06:5e:92:c4:2e:12:e4:0d:
9d:25:ea:ac:ac:77:af:d0:c6:b2:01:d0:3e:68:7b:
f3:42:a2:08:22:83:3c:87:fb:82:81:86:c3:37:a8:
c6:4b:ab:ed:f7:e4:86:3e:70:fb:35:af:14:60:00:
1d:60:1d:40:75:a1:6c:65:f2:25:71:5f:6e:3a:9d:
b7:52:3b:c8:9b:e1:46:35:48:2a:34:ac:b7:68:94:
dc:b3:11:88:aa:c7:a5:71:42:f5:ff:54:02:59:9b:
13:2b:0c:85:56:7e:ca:db:50:16:1e:a6:81:e1:02:
66:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D0:9D:09:20:05:34:F8:FD:2D:07:F9:B1:D0:77:01:2E:CD:9C:E7
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ydCdCSAFNPj9LQf5sdB3AS7NnOc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.240.0/20
Signature Algorithm: sha256WithRSAEncryption
42:13:97:f6:5f:77:a2:12:04:00:0a:93:37:ee:50:2b:b8:1a:
38:7c:01:73:64:54:35:07:12:b7:28:74:76:de:cb:bf:c2:61:
6a:e8:f1:ac:a8:8d:6e:09:05:77:54:a1:d8:81:50:e3:14:54:
f7:a2:29:93:93:92:dc:55:15:26:a5:d6:c0:c2:9e:8f:a1:53:
ce:30:54:bd:7c:14:bd:07:dc:86:c0:92:c9:65:2d:92:6d:ef:
30:ef:5f:4b:91:ba:51:98:aa:9a:21:dc:37:f7:eb:a8:63:b3:
9b:24:29:4d:a8:f2:cd:5b:c1:f6:67:30:c4:77:d1:46:4c:9c:
c2:0b:1f:99:fa:61:fe:88:73:1c:61:6c:63:d6:b0:36:1d:28:
6a:a1:98:7a:ff:58:15:9c:55:b0:ad:34:03:ba:45:db:ff:95:
c8:ce:32:fb:f7:b6:26:e1:65:8d:ad:ba:e0:37:40:60:7c:fb:
4a:34:d7:b5:27:42:07:65:21:e3:57:86:cb:d2:b5:6a:e8:d6:
8f:6f:e6:2f:2a:bb:22:bd:65:47:b1:b6:f0:f2:ac:57:d1:ac:
52:9a:fc:a3:0e:3e:97:39:25:44:5d:5d:dc:b6:37:c5:f5:a5:
62:11:52:31:cd:4b:4c:42:ac:7b:18:05:2a:a2:7c:09:57:5d:
92:43:2b:65
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5RDA5RDA5MjAwNTM0
RjhGRDJEMDdGOUIxRDA3NzAxMkVDRDlDRTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7+DzV/ENfOnfIs0wE/2606gNMOuwo87aF1LATPkqhsO+2qqhV
pzSXzu5/dHWSxgAhrCIp7rGtGZjDx+SPyUFO4PcF30OsRqSfeSl/6gyEs1ZwSfbr
QakRpzHSAEBZyA/FC3m1atPpS8gVX17Tt2IggoX9YzYCrHmFJWN04D8KQPdJ0qjO
xeRhjS7jQ+QGXpLELhLkDZ0l6qysd6/QxrIB0D5oe/NCoggigzyH+4KBhsM3qMZL
q+335IY+cPs1rxRgAB1gHUB1oWxl8iVxX246nbdSO8ib4UY1SCo0rLdolNyzEYiq
x6VxQvX/VAJZmxMrDIVWfsrbUBYepoHhAmb9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUydCdCSAFNPj9LQf5sdB3AS7NnOcwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS95ZENkQ1NBRk5QajlMUWY1c2RC
M0FTN05uT2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3nw
MA0GCSqGSIb3DQEBCwUAA4IBAQBCE5f2X3eiEgQACpM37lAruBo4fAFzZFQ1BxK3
KHR23su/wmFq6PGsqI1uCQV3VKHYgVDjFFT3oimTk5LcVRUmpdbAwp6PoVPOMFS9
fBS9B9yGwJLJZS2Sbe8w719LkbpRmKqaIdw39+uoY7ObJClNqPLNW8H2ZzDEd9FG
TJzCCx+Z+mH+iHMcYWxj1rA2HShqoZh6/1gVnFWwrTQDukXb/5XIzjL797Ym4WWN
rbrgN0BgfPtKNNe1J0IHZSHjV4bL0rVq6NaPb+YvKrsivWVHsbbw8qxX0axSmvyj
Dj6XOSVEXV3ctjfF9aViEVIxzUtMQqx7GAUqonwJV12SQytl
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:59:32 2025 by rpki-client