Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/eJzLNLjQ6DxAzr2rQtEOHBKsms8.roa
File: eJzLNLjQ6DxAzr2rQtEOHBKsms8.roa (raw, json)
Hash identifier: ypTmrfGZfByBMN9isAPlTCJEeF0kVzPQ8dme6ieuoGU=
Subject key identifier: 78:9C:CB:34:B8:D0:E8:3C:40:CE:BD:AB:42:D1:0E:1C:12:AC:9A:CF
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0D07
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/eJzLNLjQ6DxAzr2rQtEOHBKsms8.roa
Signing time: Mon 10 Feb 2025 14:02:27 +0000
ROA not before: Mon 10 Feb 2025 14:02:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9922
IP address blocks: 39.1.64.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3335 (0xd07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Feb 10 14:02:27 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=789CCB34B8D0E83C40CEBDAB42D10E1C12AC9ACF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a3:1e:ba:a4:21:f8:9a:7d:c3:7f:8d:ed:13:
78:8b:0c:9e:e8:fa:4c:2b:2f:d1:fb:30:f2:27:5e:
14:29:77:40:6f:b7:25:e3:ed:6d:c7:c8:7b:5e:b1:
ce:c3:f2:5b:0b:56:61:3b:9b:93:4c:e2:8e:4e:d6:
14:77:c4:68:5c:a2:a4:25:0a:54:1b:81:ea:e0:78:
80:ef:c1:52:30:42:53:48:bb:a5:ea:01:a1:2d:70:
55:f1:57:9e:4c:2e:8a:1d:d9:94:b6:58:4b:71:06:
ce:b1:ba:90:12:0a:f8:41:cf:5d:16:b9:da:65:6b:
a2:81:27:4c:3a:10:a6:58:d9:f4:e5:83:50:1b:ad:
71:61:d7:29:b5:41:b6:99:cb:d7:a6:78:44:10:a7:
2d:64:27:bf:46:88:ad:7f:f4:35:f0:f3:56:8a:95:
c6:2f:7d:e0:2d:fd:a1:a2:c5:9c:60:4a:b6:42:2b:
f9:e5:cf:06:cb:b8:95:94:76:25:7f:7d:11:53:69:
78:55:bb:08:87:a1:98:00:93:0e:b1:62:b4:55:6d:
58:33:bc:95:03:48:30:83:d0:bf:ac:92:45:0e:98:
d8:d0:b8:ba:c2:db:bc:d9:14:51:99:40:05:d0:db:
a6:b8:1e:8b:93:26:24:87:f4:ce:0f:51:33:3a:6f:
84:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:9C:CB:34:B8:D0:E8:3C:40:CE:BD:AB:42:D1:0E:1C:12:AC:9A:CF
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/eJzLNLjQ6DxAzr2rQtEOHBKsms8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.1.64.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:db:35:16:2f:fb:bc:92:d4:82:09:07:20:12:a5:8d:fc:c7:
e8:ab:2c:ef:99:d0:b8:72:fa:30:ab:a8:e9:7b:0f:0c:a8:21:
7b:a5:35:e4:3d:c8:da:a6:15:88:76:00:de:c3:eb:eb:d5:85:
d4:0d:d5:d4:34:d3:91:60:c9:52:29:ae:6f:cb:a3:9a:75:fd:
8b:30:ad:b5:34:5a:39:33:9c:59:3b:96:35:69:5c:7d:21:ab:
07:41:2e:3b:5a:83:76:51:52:57:b0:3c:07:02:61:60:eb:1c:
52:75:97:78:09:f9:c9:6b:e7:f6:0d:ab:0e:2c:36:21:73:9b:
28:6a:55:2b:bb:86:86:88:72:15:09:a1:c8:30:55:40:0d:83:
2c:48:7b:8a:6a:3a:7e:f0:3d:cf:64:22:da:8e:c3:1c:63:18:
1b:88:1b:22:e8:2b:1d:06:b1:10:47:dd:73:94:d6:7e:c2:d5:
da:fe:dd:a7:42:3e:26:3e:ed:b2:3a:ec:9f:c9:9e:8f:87:12:
14:cc:26:28:2d:ef:e7:67:40:f9:f6:7d:d2:1c:fc:5c:92:7e:
30:81:04:c7:d9:7e:dd:fe:12:23:38:3d:d7:ed:81:42:7d:59:
f8:44:30:da:12:a5:0a:ca:e3:36:2a:c5:97:d6:71:d3:df:9a:
ea:52:35:c7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDQcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNTAyMTAx
NDAyMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc4OUNDQjM0QjhEMEU4
M0M0MENFQkRBQjQyRDEwRTFDMTJBQzlBQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjox66pCH4mn3Df43tE3iLDJ7o+kwrL9H7MPInXhQpd0BvtyXj
7W3HyHtesc7D8lsLVmE7m5NM4o5O1hR3xGhcoqQlClQbgergeIDvwVIwQlNIu6Xq
AaEtcFXxV55MLood2ZS2WEtxBs6xupASCvhBz10Wudpla6KBJ0w6EKZY2fTlg1Ab
rXFh1ym1QbaZy9emeEQQpy1kJ79GiK1/9DXw81aKlcYvfeAt/aGixZxgSrZCK/nl
zwbLuJWUdiV/fRFTaXhVuwiHoZgAkw6xYrRVbVgzvJUDSDCD0L+skkUOmNjQuLrC
27zZFFGZQAXQ26a4HouTJiSH9M4PUTM6b4SlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUeJzLNLjQ6DxAzr2rQtEOHBKsms8wHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9lSnpMTkxqUTZEeEF6cjJyUXRF
T0hCS3Ntczgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJwFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCw2zUWL/u8ktSCCQcgEqWN/MfoqyzvmdC4cvow
q6jpew8MqCF7pTXkPcjaphWIdgDew+vr1YXUDdXUNNORYMlSKa5vy6Oadf2LMK21
NFo5M5xZO5Y1aVx9IasHQS47WoN2UVJXsDwHAmFg6xxSdZd4CfnJa+f2DasOLDYh
c5soalUru4aGiHIVCaHIMFVADYMsSHuKajp+8D3PZCLajsMcYxgbiBsi6CsdBrEQ
R91zlNZ+wtXa/t2nQj4mPu2yOuyfyZ6PhxIUzCYoLe/nZ0D59n3SHPxckn4wgQTH
2X7d/hIjOD3X7YFCfVn4RDDaEqUKyuM2KsWX1nHT35rqUjXH
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:04:32 2025 by rpki-client