Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2hSF_tSTX6o_hA2GZa69uSr7aYw.roa
File: 2hSF_tSTX6o_hA2GZa69uSr7aYw.roa (raw, json)
Hash identifier: 0xknZb1nBEpcxkczaNUmnA6PAHuKCYYJg2j36YRP5+Q=
Subject key identifier: DA:14:85:FE:D4:93:5F:AA:3F:84:0D:86:65:AE:BD:B9:2A:FB:69:8C
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0D5F
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2hSF_tSTX6o_hA2GZa69uSr7aYw.roa
Signing time: Mon 10 Feb 2025 14:13:15 +0000
ROA not before: Mon 10 Feb 2025 14:13:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 61.58.160.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3423 (0xd5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Feb 10 14:13:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DA1485FED4935FAA3F840D8665AEBDB92AFB698C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a2:39:ec:b2:ee:9f:b1:4a:f1:4f:b2:78:2e:
6e:04:ef:40:bf:90:b8:77:2c:68:cb:e4:ac:fb:17:
75:a6:40:f6:0d:42:02:87:91:0e:83:0b:d5:03:40:
6f:c3:52:2c:13:8f:78:fd:e5:a3:2b:93:94:43:94:
70:e9:71:e8:1f:70:40:d0:0b:2c:f5:db:33:3d:9d:
25:a0:d6:90:42:89:e9:04:63:08:83:33:30:41:44:
95:67:30:6c:78:44:69:12:4b:0e:69:5c:93:df:70:
1b:4d:8a:4e:f0:43:dd:87:b6:6c:cd:0b:b2:c6:86:
3f:b3:b6:a8:5a:20:4e:37:3d:50:3f:f2:85:d5:d3:
5c:41:81:b5:9e:a8:01:57:89:66:a4:95:2f:d1:c8:
51:d4:a4:98:00:67:3d:d6:35:af:69:a3:4d:7a:18:
ec:3a:e0:a9:3c:64:58:e8:15:06:a5:2d:48:b5:7e:
bb:ea:47:1d:5d:2b:14:72:b0:32:e2:95:c3:2d:fd:
2b:fd:a1:ba:8a:44:72:10:43:c1:ec:46:6c:e0:be:
4e:34:78:69:ac:e7:d8:b4:65:a5:c1:78:be:f8:58:
53:f6:7c:0c:41:fc:ed:8b:a4:c1:b4:2d:4b:fe:db:
fe:04:83:67:3b:bf:2a:6d:e2:9c:b6:1f:0d:d8:b0:
28:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:14:85:FE:D4:93:5F:AA:3F:84:0D:86:65:AE:BD:B9:2A:FB:69:8C
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/2hSF_tSTX6o_hA2GZa69uSr7aYw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.160.0/19
Signature Algorithm: sha256WithRSAEncryption
23:00:cc:da:8f:12:d0:ab:20:84:28:66:05:04:22:93:27:60:
68:45:f6:bd:6d:00:cc:83:ad:8a:91:6c:80:84:9c:71:e0:f2:
6e:54:f6:27:f9:a9:90:fe:95:84:a5:98:2b:86:01:ea:f8:a0:
5e:59:59:f7:99:e8:76:74:19:b4:f6:98:b1:22:aa:34:8e:65:
b8:7d:15:3d:0b:22:e3:27:72:5f:88:45:38:4c:97:76:70:2f:
d0:77:84:5b:e8:00:3b:2c:c2:bf:60:78:4d:92:5d:1e:4f:99:
7f:05:15:91:9b:eb:9a:ec:31:80:79:a5:b5:41:67:9a:fe:75:
08:0b:98:3c:80:8d:c7:89:8b:36:c3:75:bf:69:42:f5:69:e1:
8e:d7:71:1e:4d:85:df:66:d4:cf:3f:c7:3f:5a:fe:09:78:29:
21:87:6d:cb:5a:ba:83:42:2e:ce:c3:1c:a1:07:2f:31:f5:f9:
0f:04:52:0b:89:b9:c4:c9:4f:21:e6:41:c6:44:05:5c:1a:a4:
5e:a7:45:cf:43:c0:8e:88:53:bb:61:07:5d:1c:ce:e4:c2:11:
a9:ed:c0:c7:5f:e1:26:85:72:04:6d:61:80:15:14:89:a0:3a:
14:f6:00:5e:f7:9f:a8:37:ed:31:62:03:1e:65:be:c8:70:f6:
95:67:ca:62
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDV8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx
NDEzMTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBMTQ4NUZFRDQ5MzVG
QUEzRjg0MEQ4NjY1QUVCREI5MkFGQjY5OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4ojnssu6fsUrxT7J4Lm4E70C/kLh3LGjL5Kz7F3WmQPYNQgKH
kQ6DC9UDQG/DUiwTj3j95aMrk5RDlHDpcegfcEDQCyz12zM9nSWg1pBCiekEYwiD
MzBBRJVnMGx4RGkSSw5pXJPfcBtNik7wQ92HtmzNC7LGhj+ztqhaIE43PVA/8oXV
01xBgbWeqAFXiWaklS/RyFHUpJgAZz3WNa9po016GOw64Kk8ZFjoFQalLUi1frvq
Rx1dKxRysDLilcMt/Sv9obqKRHIQQ8HsRmzgvk40eGms59i0ZaXBeL74WFP2fAxB
/O2LpMG0LUv+2/4Eg2c7vypt4py2Hw3YsCjjAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2hSF/tSTX6o/hA2GZa69uSr7aYwwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8yaFNGX3RTVFg2b19oQTJHWmE2
OXVTcjdhWXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPTqg
MA0GCSqGSIb3DQEBCwUAA4IBAQAjAMzajxLQqyCEKGYFBCKTJ2BoRfa9bQDMg62K
kWyAhJxx4PJuVPYn+amQ/pWEpZgrhgHq+KBeWVn3meh2dBm09pixIqo0jmW4fRU9
CyLjJ3JfiEU4TJd2cC/Qd4Rb6AA7LMK/YHhNkl0eT5l/BRWRm+ua7DGAeaW1QWea
/nUIC5g8gI3HiYs2w3W/aUL1aeGO13EeTYXfZtTPP8c/Wv4JeCkhh23LWrqDQi7O
wxyhBy8x9fkPBFILibnEyU8h5kHGRAVcGqRep0XPQ8COiFO7YQddHM7kwhGp7cDH
X+EmhXIEbWGAFRSJoDoU9gBe95+oN+0xYgMeZb7IcPaVZ8pi
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:02:14 2025 by rpki-client