Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa
File: QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa (raw, json)
Hash identifier: Li2UumvKuKthkNYOLuZreKXPp8YU/efNd3eGO3dF4qc=
Subject key identifier: 41:72:A2:BD:AF:2B:0B:97:38:70:73:77:45:40:94:1F:EC:E3:11:0D
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E54
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa
Signing time: Mon 10 Feb 2025 14:03:25 +0000
ROA not before: Mon 10 Feb 2025 14:03:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 103.224.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3668 (0xe54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4172A2BDAF2B0B97387073774540941FECE3110D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7b:74:bc:f2:36:46:67:7b:0c:5b:eb:c8:84:
7e:39:35:ea:69:88:25:ac:97:fd:b1:57:09:5d:df:
63:3f:e1:42:89:2c:bd:ba:8c:8c:9b:fe:83:78:4d:
69:f0:13:83:01:ab:47:af:ea:27:ab:85:fd:3c:bf:
44:c8:0b:bc:cd:8f:a2:d7:33:04:3f:1e:bf:2f:22:
b3:47:96:3d:3b:81:1c:31:12:6b:4b:59:74:6e:a6:
14:bd:31:0f:b5:d2:e6:18:9f:8e:88:c6:a1:69:74:
fd:23:41:65:2b:35:27:12:30:cd:e0:95:1e:25:1a:
37:a2:b0:4e:ac:84:00:9c:01:58:b7:f7:59:47:46:
7e:40:06:cf:09:c1:a4:38:92:42:77:49:df:c3:c9:
6d:6d:5e:24:50:72:e2:5b:9c:84:68:54:a4:a0:96:
0a:2d:98:4a:74:a1:d2:b6:66:1c:06:c0:1a:0b:45:
af:1a:63:62:cc:88:2f:4d:5e:27:ca:76:6b:37:63:
41:fb:9d:fa:d0:51:c8:eb:66:44:28:66:fc:60:a6:
88:e4:4b:76:62:51:78:05:b7:f5:da:66:02:67:f3:
76:9e:ac:46:38:11:71:e9:de:d3:f3:4a:1b:00:8a:
fa:13:1e:86:e5:fe:20:9d:6d:cd:86:ab:e6:70:7b:
83:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:72:A2:BD:AF:2B:0B:97:38:70:73:77:45:40:94:1F:EC:E3:11:0D
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/QXKiva8rC5c4cHN3RUCUH-zjEQ0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.200.0/22
Signature Algorithm: sha256WithRSAEncryption
81:36:d7:e4:63:36:57:57:60:42:3b:b5:aa:99:14:eb:6c:2f:
03:03:7a:80:9d:28:cc:0c:54:43:f9:c7:cb:c4:57:40:40:bd:
94:44:9e:08:0b:bb:6b:8f:ba:dd:70:e1:b8:ac:68:79:73:ad:
0c:a1:f2:26:b9:e5:fb:93:ba:36:84:75:cf:a7:84:b3:8d:97:
2e:b6:ad:97:cc:f1:7c:68:2a:47:12:0c:c9:91:c5:4d:32:f7:
0d:cd:b9:d8:9d:d6:35:28:12:29:aa:ef:41:e2:fb:f3:fa:bd:
25:06:8a:3d:e4:96:36:83:56:25:b8:91:6f:7d:d2:4c:d5:1f:
e8:a4:61:27:f2:07:24:36:1d:07:58:1d:c6:2f:a1:e3:ba:a9:
d4:cf:70:65:0a:30:40:57:78:79:b6:36:d3:fa:d9:81:ae:3f:
c7:94:52:28:eb:6c:32:40:dc:20:c9:5c:30:d7:f8:45:0d:06:
f8:c2:d0:a4:86:df:e7:68:a6:aa:12:e6:07:71:63:02:a7:f7:
61:48:53:a4:22:0e:ca:26:3b:90:69:8d:c6:29:eb:25:d8:bc:
88:37:4f:07:56:b2:a1:02:26:82:fd:83:94:db:3a:a8:30:8d:
12:e6:ff:19:a1:5c:8f:87:c6:0f:48:1e:bd:0b:86:81:63:5e:
a1:8d:a1:5d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDlQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQxNzJBMkJEQUYyQjBC
OTczODcwNzM3NzQ1NDA5NDFGRUNFMzExMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCe3S88jZGZ3sMW+vIhH45NeppiCWsl/2xVwld32M/4UKJLL26
jIyb/oN4TWnwE4MBq0ev6ierhf08v0TIC7zNj6LXMwQ/Hr8vIrNHlj07gRwxEmtL
WXRuphS9MQ+10uYYn46IxqFpdP0jQWUrNScSMM3glR4lGjeisE6shACcAVi391lH
Rn5ABs8JwaQ4kkJ3Sd/DyW1tXiRQcuJbnIRoVKSglgotmEp0odK2ZhwGwBoLRa8a
Y2LMiC9NXifKdms3Y0H7nfrQUcjrZkQoZvxgpojkS3ZiUXgFt/XaZgJn83aerEY4
EXHp3tPzShsAivoTHobl/iCdbc2Gq+Zwe4PHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQXKiva8rC5c4cHN3RUCUH+zjEQ0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9RWEtpdmE4ckM1YzRjSE4zUlVD
VUgtempFUTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+DI
MA0GCSqGSIb3DQEBCwUAA4IBAQCBNtfkYzZXV2BCO7WqmRTrbC8DA3qAnSjMDFRD
+cfLxFdAQL2URJ4IC7trj7rdcOG4rGh5c60MofImueX7k7o2hHXPp4SzjZcutq2X
zPF8aCpHEgzJkcVNMvcNzbnYndY1KBIpqu9B4vvz+r0lBoo95JY2g1YluJFvfdJM
1R/opGEn8gckNh0HWB3GL6HjuqnUz3BlCjBAV3h5tjbT+tmBrj/HlFIo62wyQNwg
yVww1/hFDQb4wtCkht/naKaqEuYHcWMCp/dhSFOkIg7KJjuQaY3GKesl2LyIN08H
VrKhAiaC/YOU2zqoMI0S5v8ZoVyPh8YPSB69C4aBY16hjaFd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:19 2025 by rpki-client