Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/xo9ILOo1Boo3UkqIdAfk12QmN0k.roa
File: xo9ILOo1Boo3UkqIdAfk12QmN0k.roa (raw, json)
Hash identifier: rXzmtAJguczL60MJ8zyXN4DqRdtNt2RTwsn9GBIwlZA=
Subject key identifier: C6:8F:48:2C:EA:35:06:8A:37:52:4A:88:74:07:E4:D7:64:26:37:49
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 0CC3
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/xo9ILOo1Boo3UkqIdAfk12QmN0k.roa
Signing time: Mon 10 Feb 2025 14:23:21 +0000
ROA not before: Mon 10 Feb 2025 14:23:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 43.250.46.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3267 (0xcc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Feb 10 14:23:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C68F482CEA35068A37524A887407E4D764263749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:53:de:a8:f9:89:69:2e:7a:f6:c3:d6:2e:c9:
f3:5b:26:0e:5b:a4:60:0d:d6:15:53:8a:15:ca:41:
97:7b:55:7f:dc:34:01:62:f3:e1:6e:ff:69:6d:26:
bc:94:c0:e6:79:ee:ea:d0:e6:5a:23:80:73:c8:f4:
f0:b1:c1:77:7c:d8:ec:36:27:be:58:49:cd:12:8c:
a0:1c:64:1b:4e:a0:c2:a3:f2:b3:e6:47:7b:7d:a0:
cc:b6:cb:00:c8:31:ec:45:b6:9f:5b:fc:d4:30:7c:
13:4a:c3:6c:38:c0:81:0e:cf:15:2f:f9:36:6b:07:
bd:f7:07:23:35:8b:45:57:1f:af:c4:e6:81:ad:c7:
1d:0e:c4:9b:60:41:14:86:37:e2:41:c8:f6:44:6d:
5a:c7:b7:18:70:9a:09:65:b6:f9:fa:1b:6e:6f:17:
13:de:94:f3:ce:a1:36:bf:17:e9:23:98:c3:f6:cf:
9b:74:e7:56:27:95:29:a5:30:06:e7:b4:53:ec:7a:
31:10:be:58:89:32:44:05:2a:0a:7b:15:08:b8:19:
77:08:87:5a:4f:14:26:ff:a0:1d:11:74:7e:24:2b:
2f:7c:de:e0:16:9f:54:3a:0a:a2:26:64:db:d2:81:
38:b4:31:d7:ab:ed:a7:1f:0f:56:20:86:35:b4:4f:
7b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8F:48:2C:EA:35:06:8A:37:52:4A:88:74:07:E4:D7:64:26:37:49
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/xo9ILOo1Boo3UkqIdAfk12QmN0k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.250.46.0/23
Signature Algorithm: sha256WithRSAEncryption
76:25:4c:48:17:64:f0:ec:8c:34:da:ac:82:95:32:ea:f9:25:
78:db:c5:c8:24:fb:6e:41:6b:9c:e4:82:83:28:3e:16:27:5f:
c3:f1:b3:35:11:07:98:2c:af:8d:6e:75:81:51:00:77:8e:5a:
26:15:e6:07:94:84:c5:1b:1d:f1:56:84:49:78:bf:6c:14:34:
e8:fb:a6:07:ce:81:33:e9:29:2b:dd:55:02:ed:fd:5f:ad:31:
0e:03:63:7a:c0:83:df:1b:63:ac:5e:e3:28:c4:84:6a:da:7a:
df:c1:7a:bc:e1:8e:a0:53:2c:08:d1:89:7d:fe:1d:17:07:bc:
84:51:8f:ca:a8:24:0c:1a:e8:9b:1e:2e:81:6a:b2:a3:f3:30:
f1:b9:35:ea:51:bd:e9:7c:71:87:cc:c7:18:8c:71:ed:36:f3:
ea:4d:8b:46:79:17:0c:f7:74:27:7e:14:5c:cd:e6:c2:6f:be:
57:47:6a:f5:a9:5f:a8:d8:d8:d5:5f:a8:33:8b:bd:9c:ab:7a:
bb:31:d0:f6:ce:6d:9f:07:5f:e3:08:33:32:28:e4:ce:de:13:
fa:56:55:0f:e1:46:f2:be:55:98:cb:63:19:8b:56:8a:72:48:
28:c6:a8:99:bd:e4:1e:52:ce:9b:d9:f9:70:c6:64:f8:ae:8e:
35:a9:df:ec
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNTAyMTAx
NDIzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM2OEY0ODJDRUEzNTA2
OEEzNzUyNEE4ODc0MDdFNEQ3NjQyNjM3NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjU96o+YlpLnr2w9YuyfNbJg5bpGAN1hVTihXKQZd7VX/cNAFi
8+Fu/2ltJryUwOZ57urQ5lojgHPI9PCxwXd82Ow2J75YSc0SjKAcZBtOoMKj8rPm
R3t9oMy2ywDIMexFtp9b/NQwfBNKw2w4wIEOzxUv+TZrB733ByM1i0VXH6/E5oGt
xx0OxJtgQRSGN+JByPZEbVrHtxhwmglltvn6G25vFxPelPPOoTa/F+kjmMP2z5t0
51YnlSmlMAbntFPsejEQvliJMkQFKgp7FQi4GXcIh1pPFCb/oB0RdH4kKy983uAW
n1Q6CqImZNvSgTi0Mder7acfD1YghjW0T3uhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUxo9ILOo1Boo3UkqIdAfk12QmN0kwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL3hvOUlMT28xQm9vM1VrcUlkQWZrMTJR
bU4way5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEr+i4wDQYJ
KoZIhvcNAQELBQADggEBAHYlTEgXZPDsjDTarIKVMur5JXjbxcgk+25Ba5zkgoMo
PhYnX8PxszURB5gsr41udYFRAHeOWiYV5geUhMUbHfFWhEl4v2wUNOj7pgfOgTPp
KSvdVQLt/V+tMQ4DY3rAg98bY6xe4yjEhGraet/BerzhjqBTLAjRiX3+HRcHvIRR
j8qoJAwa6JseLoFqsqPzMPG5NepRvel8cYfMxxiMce028+pNi0Z5Fwz3dCd+FFzN
5sJvvldHavWpX6jY2NVfqDOLvZyrersx0PbObZ8HX+MIMzIo5M7eE/pWVQ/hRvK+
VZjLYxmLVopySCjGqJm95B5SzpvZ+XDGZPiujjWp3+w=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:23:38 2025 by rpki-client