Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/F3Z4R0eWIvzEUYJrQ5LrnMg22G8.roa
File: F3Z4R0eWIvzEUYJrQ5LrnMg22G8.roa (raw, json)
Hash identifier: HTb58XGRPZfnVaz0IVrtusmN9XDMDWE+szjXOUuQv9I=
Subject key identifier: 17:76:78:47:47:96:22:FC:C4:51:82:6B:43:92:EB:9C:C8:36:D8:6F
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E43
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/F3Z4R0eWIvzEUYJrQ5LrnMg22G8.roa
Signing time: Mon 10 Feb 2025 14:03:21 +0000
ROA not before: Mon 10 Feb 2025 14:03:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 27.147.24.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3651 (0xe43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=17767847479622FCC451826B4392EB9CC836D86F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:3e:54:12:22:3a:59:01:f6:2f:81:b9:7c:6f:
c0:dd:79:c1:31:e3:e0:b4:18:d0:2e:61:7a:ca:75:
b3:2c:72:6e:49:e5:a1:31:87:93:a1:15:b1:90:1f:
63:00:8d:4e:80:95:c8:91:0e:5b:0e:f8:f1:5f:00:
bb:d2:0a:4b:5a:30:de:a9:49:51:39:9b:21:ce:5b:
59:51:3f:94:8a:6d:ec:a1:58:c4:45:cb:22:e1:22:
bd:1f:20:ee:f2:e5:4c:41:21:96:62:1e:85:29:40:
b7:40:0d:32:ff:53:38:41:07:d8:19:2a:80:9b:ee:
2f:72:26:97:f5:aa:71:2b:e0:3f:08:c9:c6:3b:51:
15:26:27:f2:dd:25:06:34:9c:52:ef:22:2c:51:d5:
b1:33:8f:5d:54:f1:40:7f:13:a3:45:83:c3:ad:7f:
a6:71:88:51:ec:cb:cf:1e:45:12:ee:68:ce:75:1d:
f1:86:02:2b:f3:f1:13:10:31:9f:15:8c:d2:ec:04:
dd:df:23:80:c9:11:23:4f:97:86:98:63:8b:4f:13:
f0:e1:ce:b7:a3:59:42:18:47:06:ad:cf:56:88:89:
91:8a:55:0d:d1:f3:bb:ae:01:8b:8d:0b:2e:da:eb:
11:b1:32:d0:04:48:08:38:d3:71:66:34:ac:29:08:
de:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:76:78:47:47:96:22:FC:C4:51:82:6B:43:92:EB:9C:C8:36:D8:6F
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/F3Z4R0eWIvzEUYJrQ5LrnMg22G8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.24.0/21
Signature Algorithm: sha256WithRSAEncryption
05:89:ee:db:b0:0c:84:04:0a:4d:3f:bb:2a:2d:3d:8a:7e:8c:
88:c9:9b:35:7a:c4:02:1b:ea:71:16:c8:15:79:d5:cb:b7:53:
54:c1:56:34:fb:38:6b:46:82:37:4f:94:30:46:e4:4a:b7:32:
0c:cf:34:0a:c7:64:9a:e0:0d:3e:59:d4:a4:12:8f:5a:ae:a6:
00:c0:69:9f:d5:f4:38:fe:55:93:d6:8d:d2:6c:cf:f1:19:5d:
4a:a4:e1:25:cc:c5:6a:72:2b:67:14:00:b4:5c:69:e0:ca:dc:
9c:55:7a:85:29:e4:1d:6e:4f:78:fd:c0:09:e7:57:7d:b8:e7:
11:c9:c0:ac:18:64:ac:e3:82:26:e1:b8:66:72:d1:90:14:65:
c0:18:0d:80:7b:43:92:20:d2:4c:e6:b6:fe:10:fe:43:39:b3:
e1:23:9b:30:bc:16:bc:92:d0:6d:4a:a0:d5:99:29:35:d2:bd:
6b:5b:52:b9:a4:06:7a:59:3c:85:17:2f:c9:30:51:7d:71:2f:
e5:8f:cf:c4:36:18:5a:67:08:9d:7c:be:86:6f:df:c0:99:04:
e4:13:be:17:1d:38:96:3c:9b:c9:45:84:fe:30:74:df:2b:d9:
ad:87:d8:d7:d0:e9:f7:a3:27:25:9b:ad:93:9c:ad:bd:92:22:
b7:26:96:1f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE3NzY3ODQ3NDc5NjIy
RkNDNDUxODI2QjQzOTJFQjlDQzgzNkQ4NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmPlQSIjpZAfYvgbl8b8DdecEx4+C0GNAuYXrKdbMscm5J5aEx
h5OhFbGQH2MAjU6AlciRDlsO+PFfALvSCktaMN6pSVE5myHOW1lRP5SKbeyhWMRF
yyLhIr0fIO7y5UxBIZZiHoUpQLdADTL/UzhBB9gZKoCb7i9yJpf1qnEr4D8IycY7
URUmJ/LdJQY0nFLvIixR1bEzj11U8UB/E6NFg8Otf6ZxiFHsy88eRRLuaM51HfGG
Aivz8RMQMZ8VjNLsBN3fI4DJESNPl4aYY4tPE/DhzrejWUIYRwatz1aIiZGKVQ3R
87uuAYuNCy7a6xGxMtAESAg403FmNKwpCN45AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUF3Z4R0eWIvzEUYJrQ5LrnMg22G8wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9GM1o0UjBlV0l2ekVVWUpyUTVM
cm5NZzIyRzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5MY
MA0GCSqGSIb3DQEBCwUAA4IBAQAFie7bsAyEBApNP7sqLT2KfoyIyZs1esQCG+px
FsgVedXLt1NUwVY0+zhrRoI3T5QwRuRKtzIMzzQKx2Sa4A0+WdSkEo9arqYAwGmf
1fQ4/lWT1o3SbM/xGV1KpOElzMVqcitnFAC0XGngytycVXqFKeQdbk94/cAJ51d9
uOcRycCsGGSs44Im4bhmctGQFGXAGA2Ae0OSINJM5rb+EP5DObPhI5swvBa8ktBt
SqDVmSk10r1rW1K5pAZ6WTyFFy/JMFF9cS/lj8/ENhhaZwidfL6Gb9/AmQTkE74X
HTiWPJvJRYT+MHTfK9mth9jX0On3oyclm62TnK29kiK3JpYf
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:14 2025 by rpki-client