Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/3n2JE67vTPTKHxSPyxfP8bEq-CM.roa
File: 3n2JE67vTPTKHxSPyxfP8bEq-CM.roa (raw, json)
Hash identifier: 1hoDHtOeJhMjwFjkZcEON8hcKk0UyH4ektlva8IA0TY=
Subject key identifier: DE:7D:89:13:AE:EF:4C:F4:CA:1F:14:8F:CB:17:CF:F1:B1:2A:F8:23
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 0CC2
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/3n2JE67vTPTKHxSPyxfP8bEq-CM.roa
Signing time: Mon 10 Feb 2025 14:23:21 +0000
ROA not before: Mon 10 Feb 2025 14:23:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 43.250.44.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3266 (0xcc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Feb 10 14:23:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DE7D8913AEEF4CF4CA1F148FCB17CFF1B12AF823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e3:05:2c:c5:d8:47:37:08:11:2b:f2:d3:11:
df:64:1c:f4:71:58:5b:dd:c8:3c:c0:1d:1c:cf:6c:
22:13:1c:cf:26:d5:2b:1b:16:aa:63:9f:3e:35:14:
ce:f4:c0:36:84:95:9c:1e:6c:56:14:7f:c4:13:85:
56:ff:22:c4:c2:e7:ef:6c:50:81:e4:43:e0:1f:99:
50:e2:46:29:58:35:cf:52:c7:4e:76:ac:15:2d:19:
18:1a:0d:53:fe:4a:d2:bb:59:44:25:9a:34:7e:2e:
38:e4:ad:eb:20:8c:83:a5:74:ab:b9:54:71:e2:28:
f2:27:fc:91:d3:36:c3:38:8b:59:cb:16:83:4e:26:
69:36:c2:f1:69:dd:2c:d6:87:c9:33:7f:02:72:00:
3a:5d:b4:62:1d:ae:1b:1a:3c:c6:5f:7e:1f:6b:a1:
ac:fb:6d:a0:be:e7:31:f1:ac:2f:3e:a7:28:30:5a:
d0:e3:81:bf:2e:b4:df:37:c3:eb:a5:d1:0d:bc:6e:
58:16:c0:77:09:60:9b:34:e7:04:a7:d7:95:42:9d:
a1:2b:78:53:67:10:b5:89:d6:7a:bb:30:f9:7d:88:
6f:d8:d3:b9:bb:6f:ea:12:8a:79:f5:aa:73:d0:1d:
f3:ff:bf:44:de:1a:91:a0:fd:ef:5b:98:50:25:19:
d6:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7D:89:13:AE:EF:4C:F4:CA:1F:14:8F:CB:17:CF:F1:B1:2A:F8:23
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/3n2JE67vTPTKHxSPyxfP8bEq-CM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.44.0/23
Signature Algorithm: sha256WithRSAEncryption
36:ca:60:4e:ac:aa:48:91:d9:5a:fe:c7:29:1a:58:6f:ad:24:
25:f7:52:2b:60:92:98:ba:05:cf:29:70:88:07:30:89:79:34:
48:64:4d:06:61:74:00:a1:1d:cc:19:8c:81:e3:83:cd:55:69:
b5:00:08:b9:a0:b9:40:19:29:cd:94:41:8e:ed:b0:4c:56:1d:
3d:22:30:00:23:af:2d:f2:15:78:7d:fa:b4:4b:0f:dc:2c:35:
8d:fe:b7:0d:22:4e:06:40:1b:c7:fa:81:99:1c:5e:28:69:ec:
82:28:d8:01:28:05:a3:de:f7:c3:e0:a5:07:9c:d5:96:1f:73:
d2:dc:33:ab:f1:9a:78:6f:32:e0:64:50:67:40:2f:e9:f4:fb:
75:f1:b3:15:fc:46:eb:24:a2:2e:3b:93:17:f8:7d:93:c3:7a:
b5:55:2b:ac:8b:3b:f9:6b:4c:9b:5c:d6:93:1a:a1:f6:5e:7f:
77:57:15:de:0e:8d:b4:47:c1:c5:2c:c9:12:65:fa:6c:01:47:
71:13:d0:f8:9f:3c:92:fd:5a:d5:00:b7:3b:53:ce:b2:fd:50:
a4:9d:4d:d9:b2:c6:ca:53:fc:8f:1c:e5:7d:fd:dc:c4:ab:c9:
cf:80:cd:ee:af:75:ad:da:4d:97:02:ad:31:23:cb:50:5e:d8:
c5:a7:3a:24
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDMIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNTAyMTAx
NDIzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERFN0Q4OTEzQUVFRjRD
RjRDQTFGMTQ4RkNCMTdDRkYxQjEyQUY4MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw4wUsxdhHNwgRK/LTEd9kHPRxWFvdyDzAHRzPbCITHM8m1Ssb
Fqpjnz41FM70wDaElZwebFYUf8QThVb/IsTC5+9sUIHkQ+AfmVDiRilYNc9Sx052
rBUtGRgaDVP+StK7WUQlmjR+LjjkresgjIOldKu5VHHiKPIn/JHTNsM4i1nLFoNO
Jmk2wvFp3SzWh8kzfwJyADpdtGIdrhsaPMZffh9roaz7baC+5zHxrC8+pygwWtDj
gb8utN83w+ul0Q28blgWwHcJYJs05wSn15VCnaEreFNnELWJ1nq7MPl9iG/Y07m7
b+oSinn1qnPQHfP/v0TeGpGg/e9bmFAlGdYJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3n2JE67vTPTKHxSPyxfP8bEq+CMwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdULzNuMkpFNjd2VFBUS0h4U1B5eGZQOGJF
cS1DTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEr+iwwDQYJ
KoZIhvcNAQELBQADggEBADbKYE6sqkiR2Vr+xykaWG+tJCX3Uitgkpi6Bc8pcIgH
MIl5NEhkTQZhdAChHcwZjIHjg81VabUACLmguUAZKc2UQY7tsExWHT0iMAAjry3y
FXh9+rRLD9wsNY3+tw0iTgZAG8f6gZkcXihp7IIo2AEoBaPe98PgpQec1ZYfc9Lc
M6vxmnhvMuBkUGdAL+n0+3XxsxX8Ruskoi47kxf4fZPDerVVK6yLO/lrTJtc1pMa
ofZef3dXFd4OjbRHwcUsyRJl+mwBR3ET0PifPJL9WtUAtztTzrL9UKSdTdmyxspT
/I8c5X393MSryc+Aze6vda3aTZcCrTEjy1Be2MWnOiQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:24:27 2025 by rpki-client