Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ixbMn-cB0RySdpn3AhNWw7OrVS8.roa
File: ixbMn-cB0RySdpn3AhNWw7OrVS8.roa (raw, json)
Hash identifier: Dy3msUluRFSYGGOa551tQkuUTUvvjpMzPyxHAwx/Z6E=
Subject key identifier: 8B:16:CC:9F:E7:01:D1:1C:92:76:99:F7:02:13:56:C3:B3:AB:55:2F
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0D6E
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ixbMn-cB0RySdpn3AhNWw7OrVS8.roa
Signing time: Mon 10 Feb 2025 14:13:19 +0000
ROA not before: Mon 10 Feb 2025 14:13:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 61.58.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3438 (0xd6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Feb 10 14:13:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8B16CC9FE701D11C927699F7021356C3B3AB552F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c8:89:b2:18:8a:5b:c6:d3:62:c4:52:29:32:
8e:a9:13:8a:95:aa:c9:b6:ff:cf:82:34:30:51:af:
41:f1:2d:20:9a:77:31:a9:5f:af:e5:d2:9c:d3:32:
d9:d9:36:69:29:0e:d5:c4:da:73:79:ae:3f:20:fb:
dc:b2:a5:71:06:ab:9f:b5:d9:65:e8:5a:5d:0d:75:
7c:7a:7d:ed:37:36:a8:e6:eb:b1:50:f7:7b:f2:f7:
a7:2a:27:0e:a5:55:16:00:99:d9:21:56:42:7a:21:
49:d6:12:78:3f:5f:04:ed:66:c7:2d:92:fc:c0:0a:
d3:d5:b4:2a:07:e4:ba:72:fc:a6:82:4d:63:25:98:
62:b9:13:eb:31:cb:3d:e8:d3:35:79:3a:ab:fe:cc:
56:18:07:60:13:b6:f4:53:d4:64:aa:e5:71:16:74:
29:2d:81:48:4f:bb:85:d3:a3:06:ef:f2:5d:69:a5:
44:06:60:c5:29:a1:f7:50:e4:38:18:2c:a7:be:f1:
5f:12:71:53:6f:b4:16:fa:32:e8:43:fb:cb:93:0d:
3e:dc:1c:8b:71:3b:0f:19:4e:eb:4c:80:ba:3f:0e:
3e:c9:e3:15:34:a6:9c:e1:f7:2a:96:81:96:1f:87:
2d:c8:a0:50:68:7a:fa:8c:43:6b:59:4d:11:62:35:
32:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:16:CC:9F:E7:01:D1:1C:92:76:99:F7:02:13:56:C3:B3:AB:55:2F
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/ixbMn-cB0RySdpn3AhNWw7OrVS8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.72.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:7b:89:58:66:8d:f3:21:19:c4:b1:6f:37:b0:e0:22:57:97:
7e:6f:0a:94:56:43:b1:4e:de:61:db:36:94:c2:50:2b:ba:4d:
82:bf:64:36:91:10:5d:ec:ac:ad:dc:cb:9f:35:9e:69:a9:cc:
76:ba:d7:24:9c:48:4d:67:5d:b1:40:45:3b:42:6a:13:4f:20:
cc:ce:e6:ab:7d:62:c7:ba:37:83:3a:c6:69:80:46:e0:01:bb:
8f:79:7d:f5:53:b7:4b:71:d6:fa:66:b7:4f:52:72:6b:9e:87:
ea:34:7f:6d:43:5a:df:cb:96:18:eb:5f:e0:23:4d:97:ed:db:
02:29:21:5c:e1:9c:3f:db:81:1e:29:69:70:f4:cd:05:e6:62:
96:5e:71:49:91:18:a5:75:2d:23:ad:fc:ac:93:c8:c9:79:f1:
5f:21:78:16:5e:33:1f:e9:1e:7a:d2:f2:ed:34:fe:a3:29:56:
8b:4d:5f:a7:a5:b7:d7:24:09:dd:93:c8:08:c3:b3:83:f6:6e:
d1:4a:0f:21:ad:ec:89:dd:bf:fb:16:95:dd:2b:86:81:a5:c7:
a4:84:5b:ad:a4:be:26:72:d5:a8:c6:89:7d:4c:1c:55:c2:c9:
c0:84:28:72:56:81:2b:e5:c4:40:0c:6e:8e:87:fb:f5:92:cf:
05:13:d5:27
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDW4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx
NDEzMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhCMTZDQzlGRTcwMUQx
MUM5Mjc2OTlGNzAyMTM1NkMzQjNBQjU1MkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSyImyGIpbxtNixFIpMo6pE4qVqsm2/8+CNDBRr0HxLSCadzGp
X6/l0pzTMtnZNmkpDtXE2nN5rj8g+9yypXEGq5+12WXoWl0NdXx6fe03Nqjm67FQ
93vy96cqJw6lVRYAmdkhVkJ6IUnWEng/XwTtZsctkvzACtPVtCoH5Lpy/KaCTWMl
mGK5E+sxyz3o0zV5Oqv+zFYYB2ATtvRT1GSq5XEWdCktgUhPu4XTowbv8l1ppUQG
YMUpofdQ5DgYLKe+8V8ScVNvtBb6MuhD+8uTDT7cHItxOw8ZTutMgLo/Dj7J4xU0
ppzh9yqWgZYfhy3IoFBoevqMQ2tZTRFiNTITAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUixbMn+cB0RySdpn3AhNWw7OrVS8wHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9peGJNbi1jQjBSeVNkcG4zQWhO
V3c3T3JWUzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTpI
MA0GCSqGSIb3DQEBCwUAA4IBAQAse4lYZo3zIRnEsW83sOAiV5d+bwqUVkOxTt5h
2zaUwlAruk2Cv2Q2kRBd7Kyt3MufNZ5pqcx2utcknEhNZ12xQEU7QmoTTyDMzuar
fWLHujeDOsZpgEbgAbuPeX31U7dLcdb6ZrdPUnJrnofqNH9tQ1rfy5YY61/gI02X
7dsCKSFc4Zw/24EeKWlw9M0F5mKWXnFJkRildS0jrfysk8jJefFfIXgWXjMf6R56
0vLtNP6jKVaLTV+npbfXJAndk8gIw7OD9m7RSg8hreyJ3b/7FpXdK4aBpcekhFut
pL4mctWoxol9TBxVwsnAhChyVoEr5cRADG6Oh/v1ks8FE9Un
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:04:33 2025 by rpki-client