Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/QBBXwfswqMX3FRtvjXLkS1nRLM4.roa
File: QBBXwfswqMX3FRtvjXLkS1nRLM4.roa (raw, json)
Hash identifier: 0w7HE/cg3FLfbl+Zi0lsf86FjN8G6Xltv6fTzP6NuOQ=
Subject key identifier: 40:10:57:C1:FB:30:A8:C5:F7:15:1B:6F:8D:72:E4:4B:59:D1:2C:CE
Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial: 0C73
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/QBBXwfswqMX3FRtvjXLkS1nRLM4.roa
Signing time: Mon 26 Aug 2024 05:32:40 +0000
ROA not before: Mon 26 Aug 2024 05:32:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18018
IP address blocks: 61.58.34.0/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3187 (0xc73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Validity
Not Before: Aug 26 05:32:40 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=401057C1FB30A8C5F7151B6F8D72E44B59D12CCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:99:49:3f:52:8f:73:25:da:64:0c:d3:b3:20:
e1:5c:92:cd:67:6e:37:31:ce:9d:68:e8:44:58:2a:
59:67:c8:5e:5c:85:90:fd:7a:57:2b:b7:6d:d3:e6:
ea:d9:92:39:87:5c:1b:c1:85:2a:0a:dc:b5:88:14:
4b:c7:cc:15:19:05:f7:cd:b4:aa:09:2e:c5:65:6a:
5c:df:72:a0:1b:e8:d4:c8:61:75:e6:ff:72:37:f9:
26:9c:11:f7:ef:70:5c:b6:bd:43:58:0d:0d:5a:c0:
50:83:84:c0:00:54:11:1b:d7:5f:34:33:f7:9a:ce:
ce:aa:3f:aa:99:3f:53:7c:93:d2:dc:85:e0:88:bb:
6f:5e:99:92:3f:94:26:c1:ff:8e:d1:1c:86:f9:a4:
c8:a5:b6:dd:83:4a:7b:11:f5:7e:f5:60:f5:a3:2d:
32:2e:1a:d0:87:51:13:14:b7:58:ff:07:6b:20:e5:
32:d5:86:d7:e9:26:a1:e8:9b:90:d1:c0:08:21:98:
ed:51:94:30:e6:1d:3f:72:63:ec:bc:97:ca:56:80:
c1:63:83:9e:42:da:a7:d6:ac:8c:3c:92:f8:b8:82:
b0:49:1f:e0:51:50:c9:04:49:63:9b:88:15:8d:6a:
75:f4:ec:ff:9b:d0:1e:31:fd:49:e0:b3:4e:62:5c:
c4:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:10:57:C1:FB:30:A8:C5:F7:15:1B:6F:8D:72:E4:4B:59:D1:2C:CE
X509v3 Authority Key Identifier:
keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/QBBXwfswqMX3FRtvjXLkS1nRLM4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.34.0/25
Signature Algorithm: sha256WithRSAEncryption
88:ee:9b:99:de:a3:d9:58:6e:36:c7:29:a2:72:38:a7:d0:0e:
92:23:91:e7:40:58:e7:15:2d:04:f7:5a:d2:90:59:83:bf:9d:
21:ec:b6:a0:e5:42:50:d7:a7:22:3a:fc:c8:07:8c:da:d9:67:
4a:42:f5:c6:2e:48:bb:8a:6a:e5:5d:a0:8f:91:fd:b1:e2:a6:
5c:cc:69:83:a6:75:6b:c5:cd:4d:c9:89:dd:92:06:71:1e:02:
60:27:72:b3:66:92:9e:c4:c1:a5:ae:e0:ea:f6:ac:e6:d4:53:
18:19:db:46:e1:ac:7d:a0:9a:5e:16:6e:10:25:07:34:14:fa:
87:67:62:4c:52:e7:67:f8:82:53:01:9b:7d:a1:75:dd:47:82:
d5:95:81:e1:ac:d2:63:77:7e:16:73:70:43:64:d9:2c:1c:ac:
ee:87:1e:44:d2:66:f9:d2:9f:13:6c:c8:43:00:cc:be:e1:46:
bc:84:9b:df:a6:09:25:58:b0:70:99:1b:60:2b:26:d7:d9:a3:
3b:21:cd:a4:e2:ce:93:ee:82:99:cd:13:2a:64:c0:0d:ab:db:
09:74:f7:a0:e2:50:bb:e0:50:f4:6d:c9:e9:39:79:c5:3c:b7:
0e:82:b2:1f:c4:bc:57:8d:a6:d8:08:f4:7e:8d:c5:d2:47:de:
4a:ab:d2:b1
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yNDA4MjYw
NTMyNDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQwMTA1N0MxRkIzMEE4
QzVGNzE1MUI2RjhENzJFNDRCNTlEMTJDQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9mUk/Uo9zJdpkDNOzIOFcks1nbjcxzp1o6ERYKllnyF5chZD9
elcrt23T5urZkjmHXBvBhSoK3LWIFEvHzBUZBffNtKoJLsVlalzfcqAb6NTIYXXm
/3I3+SacEffvcFy2vUNYDQ1awFCDhMAAVBEb1180M/eazs6qP6qZP1N8k9LcheCI
u29emZI/lCbB/47RHIb5pMiltt2DSnsR9X71YPWjLTIuGtCHURMUt1j/B2sg5TLV
htfpJqHom5DRwAghmO1RlDDmHT9yY+y8l8pWgMFjg55C2qfWrIw8kvi4grBJH+BR
UMkESWObiBWNanX07P+b0B4x/Ungs05iXMT9AgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUQBBXwfswqMX3FRtvjXLkS1nRLM4wHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9RQkJYd2Zzd3FNWDNGUnR2alhM
a1MxblJMTTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHPToi
ADANBgkqhkiG9w0BAQsFAAOCAQEAiO6bmd6j2VhuNscponI4p9AOkiOR50BY5xUt
BPda0pBZg7+dIey2oOVCUNenIjr8yAeM2tlnSkL1xi5Iu4pq5V2gj5H9seKmXMxp
g6Z1a8XNTcmJ3ZIGcR4CYCdys2aSnsTBpa7g6vas5tRTGBnbRuGsfaCaXhZuECUH
NBT6h2diTFLnZ/iCUwGbfaF13UeC1ZWB4azSY3d+FnNwQ2TZLBys7oceRNJm+dKf
E2zIQwDMvuFGvISb36YJJViwcJkbYCsm19mjOyHNpOLOk+6Cmc0TKmTADavbCXT3
oOJQu+BQ9G3J6Tl5xTy3DoKyH8S8V42m2Aj0fo3F0kfeSqvSsQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:53:27 2025 by rpki-client