Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASPIRAPPS/CGDe2gdz6DM-b9iX2nZyLrche2k.roa
File: CGDe2gdz6DM-b9iX2nZyLrche2k.roa (raw, json)
Hash identifier: FnkTfW3m2HmBepohiOe8nSp1g74ar8P1tnT/LimQK58=
Subject key identifier: 08:60:DE:DA:07:73:E8:33:3E:6F:D8:97:DA:76:72:2E:B7:21:7B:69
Certificate issuer: /CN=461BC0E516022C3C278FC892420705FEB85668D9
Certificate serial: DF
Authority key identifier: 46:1B:C0:E5:16:02:2C:3C:27:8F:C8:92:42:07:05:FE:B8:56:68:D9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RhvA5RYCLDwnj8iSQgcF_rhWaNk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ASPIRAPPS/CGDe2gdz6DM-b9iX2nZyLrche2k.roa
Signing time: Wed 15 Jan 2025 15:34:03 +0000
ROA not before: Wed 15 Jan 2025 15:34:03 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150769
IP address blocks: 157.15.70.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223 (0xdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=461BC0E516022C3C278FC892420705FEB85668D9
Validity
Not Before: Jan 15 15:34:03 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0860DEDA0773E8333E6FD897DA76722EB7217B69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:cb:4e:7e:61:ab:9a:74:2f:4d:88:b4:04:34:
76:6b:cf:28:11:50:05:01:60:a2:76:44:1a:7d:07:
30:4f:02:79:7d:64:e7:16:bc:63:ea:5b:6c:c9:0c:
bd:d3:f3:5b:30:05:77:09:0f:46:9e:ff:d8:2e:d9:
95:ad:92:1d:0f:93:b1:bc:7e:fe:0c:b3:88:a0:78:
12:3d:f8:e3:84:e1:b2:b9:b3:9b:b3:69:48:df:d5:
c3:cc:d5:de:25:8f:49:e1:5a:24:94:39:2c:58:1f:
4f:7a:f5:10:06:3f:05:f5:f9:a4:2a:a8:25:82:a0:
c8:73:5b:ab:4f:bb:23:b4:ad:db:c7:8d:30:e0:be:
33:c2:6f:30:df:04:61:f5:1f:98:77:77:f2:d1:36:
e2:be:d1:e8:46:69:78:09:43:42:e8:af:4a:57:c0:
8e:41:aa:19:31:4d:e7:41:9a:44:0a:fb:b2:84:ef:
01:62:31:0f:2f:92:a9:fd:78:6c:3f:cc:50:07:d2:
84:c7:31:cf:7d:c2:2a:0d:a2:19:e3:7d:0f:78:1d:
66:fb:d5:b8:4b:5f:f3:30:38:8e:55:e7:7f:7c:6b:
67:87:37:53:c8:2a:04:b4:12:b4:d7:33:3a:90:56:
ad:f1:a4:b3:63:0b:db:06:ec:2f:a1:76:f8:ca:12:
40:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:60:DE:DA:07:73:E8:33:3E:6F:D8:97:DA:76:72:2E:B7:21:7B:69
X509v3 Authority Key Identifier:
keyid:46:1B:C0:E5:16:02:2C:3C:27:8F:C8:92:42:07:05:FE:B8:56:68:D9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASPIRAPPS/RhvA5RYCLDwnj8iSQgcF_rhWaNk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RhvA5RYCLDwnj8iSQgcF_rhWaNk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASPIRAPPS/CGDe2gdz6DM-b9iX2nZyLrche2k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.15.70.0/23
Signature Algorithm: sha256WithRSAEncryption
19:72:d6:36:a6:c1:b4:80:d7:74:a6:a9:a5:19:fb:0c:85:2c:
24:d7:43:02:5a:61:02:35:9f:f0:4e:ed:93:12:df:c2:b8:7d:
01:ff:b0:76:08:7e:4b:8d:a8:9e:a1:e1:4d:bb:ba:e9:8e:78:
67:94:cb:9d:b7:94:9b:6b:98:96:35:75:ff:6a:a3:e0:64:86:
32:01:30:4f:21:90:39:21:1a:30:9a:30:4a:ee:ad:a1:78:b8:
be:19:48:19:22:56:69:36:c4:4e:10:06:b4:01:e1:9c:a4:3a:
ed:7e:61:02:d0:83:2b:f9:8d:c4:76:d7:73:58:72:03:da:25:
44:1b:6a:56:35:e6:84:7a:b6:ad:3a:86:36:24:25:da:1d:b1:
61:7a:b5:21:cd:65:9e:e8:37:86:b1:25:20:39:07:6f:ef:c1:
dc:74:53:d0:b5:81:15:52:54:0e:cb:c7:5f:f1:55:97:37:a6:
b7:99:3e:15:47:b2:17:3a:f0:31:d2:d2:63:7e:71:f4:18:7b:
6f:06:d7:5f:a4:0c:c0:81:e3:65:ed:a5:75:8c:01:06:55:8f:
8f:d0:57:fb:37:cd:98:48:3f:54:58:8f:67:52:8d:07:84:39:
a8:26:86:62:16:a0:3c:e6:c1:51:ef:be:34:e2:63:84:11:01:
38:15:17:f6
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDYx
QkMwRTUxNjAyMkMzQzI3OEZDODkyNDIwNzA1RkVCODU2NjhEOTAeFw0yNTAxMTUx
NTM0MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4NjBERURBMDc3M0U4
MzMzRTZGRDg5N0RBNzY3MjJFQjcyMTdCNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCty05+YauadC9NiLQENHZrzygRUAUBYKJ2RBp9BzBPAnl9ZOcW
vGPqW2zJDL3T81swBXcJD0ae/9gu2ZWtkh0Pk7G8fv4Ms4igeBI9+OOE4bK5s5uz
aUjf1cPM1d4lj0nhWiSUOSxYH0969RAGPwX1+aQqqCWCoMhzW6tPuyO0rdvHjTDg
vjPCbzDfBGH1H5h3d/LRNuK+0ehGaXgJQ0Lor0pXwI5BqhkxTedBmkQK+7KE7wFi
MQ8vkqn9eGw/zFAH0oTHMc99wioNohnjfQ94HWb71bhLX/MwOI5V5398a2eHN1PI
KgS0ErTXMzqQVq3xpLNjC9sG7C+hdvjKEkDfAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUCGDe2gdz6DM+b9iX2nZyLrche2kwHwYDVR0jBBgwFoAURhvA5RYCLDwnj8iS
QgcF/rhWaNkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNQSVJB
UFBTL1JodkE1UllDTER3bmo4aVNRZ2NGX3JoV2FOay5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvUmh2QTVSWUNMRHduajhpU1FnY0ZfcmhXYU5rLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNQSVJBUFBTL0NHRGUyZ2R6NkRN
LWI5aVgyblp5THJjaGUyay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAGdD0YwDQYJKoZIhvcNAQELBQADggEBABly1jamwbSA13SmqaUZ+wyFLCTX
QwJaYQI1n/BO7ZMS38K4fQH/sHYIfkuNqJ6h4U27uumOeGeUy523lJtrmJY1df9q
o+BkhjIBME8hkDkhGjCaMEruraF4uL4ZSBkiVmk2xE4QBrQB4ZykOu1+YQLQgyv5
jcR213NYcgPaJUQbalY15oR6tq06hjYkJdodsWF6tSHNZZ7oN4axJSA5B2/vwdx0
U9C1gRVSVA7Lx1/xVZc3preZPhVHshc68DHS0mN+cfQYe28G11+kDMCB42XtpXWM
AQZVj4/QV/s3zZhIP1RYj2dSjQeEOagmhmIWoDzmwVHvvjTiY4QRATgVF/Y=
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:02:16 2025 by rpki-client