Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/oYfnUrP87m0ry0Su_FSA2VApCWw.roa
File: oYfnUrP87m0ry0Su_FSA2VApCWw.roa (raw, json)
Hash identifier: htw+ncRg+Usl7uVVEDTaDQl02Hb75FgObG87/n51m1U=
Subject key identifier: A1:87:E7:52:B3:FC:EE:6D:2B:CB:44:AE:FC:54:80:D9:50:29:09:6C
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0CD7
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/oYfnUrP87m0ry0Su_FSA2VApCWw.roa
Signing time: Mon 10 Feb 2025 13:49:22 +0000
ROA not before: Mon 10 Feb 2025 13:49:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38254
IP address blocks: 2403:7f40:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3287 (0xcd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Feb 10 13:49:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A187E752B3FCEE6D2BCB44AEFC5480D95029096C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:84:b2:97:50:44:4d:58:39:67:10:8f:b3:bd:
d3:bf:66:ed:c2:ff:bf:94:e8:19:b7:0b:a0:95:b9:
fb:38:65:db:02:b0:df:3e:c0:9e:12:fe:b5:f5:48:
a2:95:ca:e3:3a:ef:8a:3e:76:84:d8:ca:89:b8:b1:
58:96:f0:5b:9b:33:c0:84:25:d5:03:04:65:a9:1f:
27:05:81:9d:0c:94:a5:32:01:f6:c2:e9:b1:54:dc:
41:67:c6:91:b3:4d:01:d0:34:cb:3f:69:32:f5:03:
d5:fe:82:47:b7:8b:73:8d:dd:74:a9:06:c4:04:d6:
59:d2:66:1a:2c:9b:0e:68:51:3d:4e:9a:bb:90:31:
c0:73:2e:2a:25:40:0c:9c:c7:0e:21:d7:ab:05:4b:
7e:d5:fc:c1:a6:e7:96:89:51:41:e0:49:45:03:b0:
9c:57:ce:85:a9:c8:4d:10:b5:44:9c:6c:0e:85:22:
22:0b:b0:8d:22:d3:8b:a8:30:3c:28:46:b4:2a:d2:
6c:49:7a:1a:c3:cc:f6:58:af:40:1a:24:7d:c5:10:
e3:35:58:f3:fe:83:f4:0d:5c:9c:93:c4:da:32:3e:
60:eb:ab:d9:93:e5:74:8f:73:55:34:22:2b:04:60:
c1:e6:5a:1d:b2:72:e2:08:ea:14:65:86:09:86:54:
66:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:87:E7:52:B3:FC:EE:6D:2B:CB:44:AE:FC:54:80:D9:50:29:09:6C
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/oYfnUrP87m0ry0Su_FSA2VApCWw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e000::/48
Signature Algorithm: sha256WithRSAEncryption
56:54:c5:bc:b8:cb:67:fc:b5:78:6c:63:93:81:43:7a:df:82:
09:38:ba:81:99:5e:db:16:e2:88:a2:47:35:4d:12:79:49:a0:
9b:73:e8:5c:5c:b1:e9:8d:d3:d7:f6:4e:1c:44:cb:0e:fb:25:
92:91:b9:0e:94:91:d1:6c:90:f4:5a:95:40:db:14:e2:00:a8:
45:f0:d5:ce:c3:f2:bb:98:0c:3f:00:d1:bb:9f:f6:af:68:5e:
9b:37:28:fe:0d:e9:79:54:72:c6:86:94:d7:fd:9c:b4:07:c5:
92:08:dd:73:e3:6b:da:9c:37:0f:86:96:16:f6:b7:dd:17:86:
e2:3f:64:02:d7:73:dd:47:ee:e3:3a:60:7a:d6:09:50:33:35:
ea:61:bf:0b:06:26:81:c1:14:f9:62:3b:8b:48:1a:1b:1c:f1:
58:0e:8a:86:a9:bf:4f:45:5a:b9:57:22:30:6b:bd:b7:a3:84:
44:58:ac:e2:19:6b:97:fb:a5:13:a3:97:27:b2:c3:1f:85:5a:
08:90:2e:0a:32:0a:42:b8:e6:35:60:ab:61:6c:a5:62:8f:5a:
d5:71:6f:de:c2:96:aa:5f:05:5d:a9:2c:a7:6d:ba:92:29:9e:
73:b5:e3:cf:bc:ef:96:f9:15:b4:68:30:ee:a0:4d:86:f6:bf:
69:60:36:6f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAyMTAx
MzQ5MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEExODdFNzUyQjNGQ0VF
NkQyQkNCNDRBRUZDNTQ4MEQ5NTAyOTA5NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCphLKXUERNWDlnEI+zvdO/Zu3C/7+U6Bm3C6CVufs4ZdsCsN8+
wJ4S/rX1SKKVyuM674o+doTYyom4sViW8FubM8CEJdUDBGWpHycFgZ0MlKUyAfbC
6bFU3EFnxpGzTQHQNMs/aTL1A9X+gke3i3ON3XSpBsQE1lnSZhosmw5oUT1OmruQ
McBzLiolQAycxw4h16sFS37V/MGm55aJUUHgSUUDsJxXzoWpyE0QtUScbA6FIiIL
sI0i04uoMDwoRrQq0mxJehrDzPZYr0AaJH3FEOM1WPP+g/QNXJyTxNoyPmDrq9mT
5XSPc1U0IisEYMHmWh2ycuII6hRlhgmGVGYLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUoYfnUrP87m0ry0Su/FSA2VApCWwwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL29ZZm5VclA4N20wcnkwU3VfRlNBMlZB
cENXdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw
DQYJKoZIhvcNAQELBQADggEBAFZUxby4y2f8tXhsY5OBQ3rfggk4uoGZXtsW4oii
RzVNEnlJoJtz6FxcsemN09f2ThxEyw77JZKRuQ6UkdFskPRalUDbFOIAqEXw1c7D
8ruYDD8A0buf9q9oXps3KP4N6XlUcsaGlNf9nLQHxZII3XPja9qcNw+Glhb2t90X
huI/ZALXc91H7uM6YHrWCVAzNephvwsGJoHBFPliO4tIGhsc8VgOioapv09FWrlX
IjBrvbejhERYrOIZa5f7pROjlyeywx+FWgiQLgoyCkK45jVgq2FspWKPWtVxb97C
lqpfBV2pLKdtupIpnnO148+875b5FbRoMO6gTYb2v2lgNm8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:14:29 2025 by rpki-client