Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa
File: IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa (raw, json)
Hash identifier: M5a2tiG2l6692Epp/RUZI9Eunj7IYAn90MnrHDhNY+4=
Subject key identifier: 23:1A:59:0D:77:59:29:1F:04:42:BE:11:1A:34:D8:0B:DC:F9:09:98
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E52
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa
Signing time: Mon 10 Feb 2025 14:03:25 +0000
ROA not before: Mon 10 Feb 2025 14:03:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 27.147.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3666 (0xe52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=231A590D7759291F0442BE111A34D80BDCF90998
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c0:1b:23:cc:08:0b:dc:0f:52:bd:c9:8f:d2:
f2:dc:3d:c5:bf:34:38:4e:a7:23:ec:75:2a:b7:86:
7b:91:91:c9:5b:3b:87:89:ab:74:1f:d2:07:b7:43:
10:b9:11:31:3e:73:d9:46:e1:fd:6c:01:f2:78:54:
b1:20:2c:7c:bb:58:ab:a6:2b:f1:95:2f:8b:eb:de:
a8:a2:d2:d4:63:1b:11:f5:8c:a4:9b:f2:d9:79:f5:
fc:e3:fd:24:c0:d1:e1:4b:9e:fa:71:39:b1:2c:a9:
1f:aa:89:03:b8:fa:c6:79:03:82:e3:5d:f7:2c:4d:
a9:b5:37:fb:b2:02:a0:80:a5:ed:d3:62:64:d9:af:
45:cc:18:82:c5:16:36:0e:f8:31:c4:c9:c2:53:7e:
99:74:ac:db:bd:be:77:e4:3f:e2:34:cb:5f:bb:7a:
cf:04:96:dc:11:7e:b5:ab:45:5a:61:04:c6:6d:93:
ed:14:f1:d9:14:05:32:3d:41:aa:6a:7a:51:34:64:
03:01:c9:c3:34:46:81:37:35:be:36:d6:2e:37:34:
67:d3:16:83:57:1a:77:6b:44:5a:1c:6d:a2:02:67:
95:29:6c:48:d5:c9:e1:ca:95:40:bf:9a:70:9a:c2:
d4:c8:06:0f:a4:43:03:dd:d0:c5:72:76:bc:11:c3:
f7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1A:59:0D:77:59:29:1F:04:42:BE:11:1A:34:D8:0B:DC:F9:09:98
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/IxpZDXdZKR8EQr4RGjTYC9z5CZg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.63.0/24
Signature Algorithm: sha256WithRSAEncryption
93:f1:d6:d3:5f:04:04:66:39:8e:d2:20:b5:b2:54:8f:b0:00:
d8:b3:81:1d:c2:e7:a1:47:68:bc:0a:4b:8d:1c:3b:7a:69:4d:
61:88:ef:01:32:6c:89:0a:8b:cb:3f:45:50:8f:4b:d8:e2:e4:
76:97:69:3d:d2:20:90:fd:ed:68:ae:a6:9e:f9:81:57:26:f6:
ee:92:ba:68:09:ff:bb:d9:68:14:69:d1:05:46:f2:c0:f4:b4:
bc:64:95:8c:6f:27:4b:cd:e8:2c:43:c5:1d:2f:b0:65:94:be:
a3:56:09:6b:95:1e:50:30:5a:ea:fd:4e:f0:0b:42:87:59:10:
9c:16:b3:e2:98:9d:31:c8:4d:9b:f8:68:14:f3:81:80:d9:5a:
4c:0a:51:0f:b6:49:f2:87:50:2f:a7:6a:e5:b2:e1:fe:06:d4:
f3:e2:2a:dc:b9:5e:01:9a:ef:41:18:60:aa:1d:a2:ab:97:91:
fc:4d:d8:29:ef:68:2b:36:35:9c:9e:85:79:ef:2a:0d:38:56:
1a:2b:ac:4d:28:af:28:11:62:f3:26:f0:4c:57:9e:59:91:22:
95:86:87:cf:7e:79:a4:ed:74:78:14:97:56:bc:8e:be:a5:84:
8e:43:a1:b2:b8:eb:12:3a:8f:25:cd:c5:d8:a2:d0:02:d4:c6:
15:e0:cf:9b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDlIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIzMUE1OTBENzc1OTI5
MUYwNDQyQkUxMTFBMzREODBCRENGOTA5OTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChwBsjzAgL3A9SvcmP0vLcPcW/NDhOpyPsdSq3hnuRkclbO4eJ
q3Qf0ge3QxC5ETE+c9lG4f1sAfJ4VLEgLHy7WKumK/GVL4vr3qii0tRjGxH1jKSb
8tl59fzj/STA0eFLnvpxObEsqR+qiQO4+sZ5A4LjXfcsTam1N/uyAqCApe3TYmTZ
r0XMGILFFjYO+DHEycJTfpl0rNu9vnfkP+I0y1+7es8EltwRfrWrRVphBMZtk+0U
8dkUBTI9QapqelE0ZAMBycM0RoE3Nb421i43NGfTFoNXGndrRFocbaICZ5UpbEjV
yeHKlUC/mnCawtTIBg+kQwPd0MVydrwRw/fvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIxpZDXdZKR8EQr4RGjTYC9z5CZgwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9JeHBaRFhkWktSOEVRcjRSR2pU
WUM5ejVDWmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAG5M/
MA0GCSqGSIb3DQEBCwUAA4IBAQCT8dbTXwQEZjmO0iC1slSPsADYs4EdwuehR2i8
CkuNHDt6aU1hiO8BMmyJCovLP0VQj0vY4uR2l2k90iCQ/e1orqae+YFXJvbukrpo
Cf+72WgUadEFRvLA9LS8ZJWMbydLzegsQ8UdL7BllL6jVglrlR5QMFrq/U7wC0KH
WRCcFrPimJ0xyE2b+GgU84GA2VpMClEPtknyh1Avp2rlsuH+BtTz4ircuV4Bmu9B
GGCqHaKrl5H8Tdgp72grNjWcnoV57yoNOFYaK6xNKK8oEWLzJvBMV55ZkSKVhofP
fnmk7XR4FJdWvI6+pYSOQ6GyuOsSOo8lzcXYotAC1MYV4M+b
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:08 2025 by rpki-client