Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa
File: 3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa (raw, json)
Hash identifier: jRyl4WeeeWP98fPFMqRBdVRyuKcIkaU8RhSWHO1TefI=
Subject key identifier: DD:A2:DB:64:6D:98:D5:14:95:3B:BB:B4:5B:48:6B:E1:2F:6A:51:8F
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0D68
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa
Signing time: Mon 10 Feb 2025 14:13:17 +0000
ROA not before: Mon 10 Feb 2025 14:13:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 59.102.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3432 (0xd68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Feb 10 14:13:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DDA2DB646D98D514953BBBB45B486BE12F6A518F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7f:42:57:32:4c:7f:39:a8:06:76:3e:2c:f3:
a0:29:6e:db:6d:9b:45:13:b7:50:f0:85:50:d3:73:
b3:d4:91:fd:d3:10:c9:94:5f:16:03:83:56:38:70:
33:d8:ad:21:c6:13:81:3a:20:d6:b0:9d:04:b9:da:
f0:c5:81:ff:b2:1e:70:ff:3b:78:9f:51:28:af:5d:
3f:26:2b:81:e5:7c:55:06:e9:ab:e3:aa:13:9b:a4:
bb:b6:fd:b4:c9:e0:2c:19:ea:8d:1b:af:85:3c:33:
67:48:ca:e8:39:3a:5e:5c:17:d0:fa:66:72:0f:75:
02:82:21:ff:f9:23:4d:47:0e:1e:8e:d7:5f:37:42:
19:7a:8d:4e:bd:43:e9:44:b9:5b:25:66:6a:96:62:
bd:69:a7:7e:39:40:92:cc:b1:62:73:22:dc:b2:ff:
e7:da:bd:72:77:64:c4:03:bf:eb:72:d5:22:75:48:
47:d3:eb:1f:d2:b5:39:44:1f:cc:9d:8f:42:61:6f:
8f:6e:67:a2:a9:b4:fd:3a:21:66:84:f9:a0:52:46:
c7:d2:0d:84:89:20:ce:6b:c4:c2:40:27:62:52:d8:
14:1b:e5:2c:04:3b:57:b3:2b:7e:32:36:f7:6f:e1:
9a:7d:14:14:7e:2a:61:1a:58:ea:f3:37:b0:8e:08:
8b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:A2:DB:64:6D:98:D5:14:95:3B:BB:B4:5B:48:6B:E1:2F:6A:51:8F
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/3aLbZG2Y1RSVO7u0W0hr4S9qUY8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.102.128.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:8f:39:73:e7:d5:fb:ef:90:9f:c0:a7:37:d1:d9:d3:2a:88:
7e:0a:b8:38:5a:7a:ba:dd:0d:89:cb:6f:bb:34:e9:96:ae:e3:
a3:e5:16:58:3a:10:cc:71:c8:9d:f1:bb:2a:d6:39:5a:7c:2e:
3b:8f:51:f1:af:c2:5c:e2:cb:fc:bf:47:13:c1:10:ff:e4:66:
3c:e3:00:da:b2:2c:4c:01:f3:b6:71:65:dd:f7:21:f9:14:0f:
96:c0:08:bc:4b:2c:b1:e0:1b:b8:73:84:5a:3e:01:dd:a8:dd:
47:f5:57:ba:dd:12:4c:e5:d9:92:fe:70:3b:31:65:57:b5:8d:
5f:fb:62:fa:e8:d6:c1:e8:3a:e4:9b:ff:96:74:2a:c3:6e:c4:
0b:76:4f:7b:6e:68:e3:f9:89:d7:15:a6:81:bf:cd:f7:0e:ac:
e4:bd:5b:e5:d7:45:5b:c2:34:e1:9e:62:34:fb:e9:b9:2a:77:
39:40:c6:a1:42:80:e3:88:33:18:96:58:21:47:71:01:65:be:
e7:f9:f4:3c:38:9e:94:8d:c3:6c:ec:e0:1f:1e:43:3d:67:7e:
86:14:11:30:54:a5:ec:bd:56:f1:c7:4d:08:68:43:2c:75:1a:
b6:52:e6:3f:a2:17:fe:c7:e9:72:cc:01:c3:15:0f:35:9f:f9:
95:b5:a1:70
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDWgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx
NDEzMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREQTJEQjY0NkQ5OEQ1
MTQ5NTNCQkJCNDVCNDg2QkUxMkY2QTUxOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+f0JXMkx/OagGdj4s86Apbtttm0UTt1DwhVDTc7PUkf3TEMmU
XxYDg1Y4cDPYrSHGE4E6INawnQS52vDFgf+yHnD/O3ifUSivXT8mK4HlfFUG6avj
qhObpLu2/bTJ4CwZ6o0br4U8M2dIyug5Ol5cF9D6ZnIPdQKCIf/5I01HDh6O1183
Qhl6jU69Q+lEuVslZmqWYr1pp345QJLMsWJzItyy/+favXJ3ZMQDv+ty1SJ1SEfT
6x/StTlEH8ydj0Jhb49uZ6KptP06IWaE+aBSRsfSDYSJIM5rxMJAJ2JS2BQb5SwE
O1ezK34yNvdv4Zp9FBR+KmEaWOrzN7COCIvNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3aLbZG2Y1RSVO7u0W0hr4S9qUY8wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS8zYUxiWkcyWTFSU1ZPN3UwVzBo
cjRTOXFVWTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCO2aA
MA0GCSqGSIb3DQEBCwUAA4IBAQBcjzlz59X775CfwKc30dnTKoh+Crg4Wnq63Q2J
y2+7NOmWruOj5RZYOhDMccid8bsq1jlafC47j1Hxr8Jc4sv8v0cTwRD/5GY84wDa
sixMAfO2cWXd9yH5FA+WwAi8Syyx4Bu4c4RaPgHdqN1H9Ve63RJM5dmS/nA7MWVX
tY1f+2L66NbB6Drkm/+WdCrDbsQLdk97bmjj+YnXFaaBv833DqzkvVvl10VbwjTh
nmI0++m5Knc5QMahQoDjiDMYllghR3EBZb7n+fQ8OJ6UjcNs7OAfHkM9Z36GFBEw
VKXsvVbxx00IaEMsdRq2UuY/ohf+x+lyzAHDFQ81n/mVtaFw
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:07:22 2025 by rpki-client