Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/c5nNDgfYWgi6O5nqir1wZcvdId0.roa
File: c5nNDgfYWgi6O5nqir1wZcvdId0.roa (raw, json)
Hash identifier: PG+7JddDzLAgWmV8Eh/qbJVWA/jS9nRq9tKaxRzFVjA=
Subject key identifier: 73:99:CD:0E:07:D8:5A:08:BA:3B:99:EA:8A:BD:70:65:CB:DD:21:DD
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E4C
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/c5nNDgfYWgi6O5nqir1wZcvdId0.roa
Signing time: Mon 10 Feb 2025 14:03:23 +0000
ROA not before: Mon 10 Feb 2025 14:03:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 123.50.32.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3660 (0xe4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:23 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7399CD0E07D85A08BA3B99EA8ABD7065CBDD21DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:9b:5f:44:c1:dd:2a:d6:60:e6:64:7c:f4:3d:
5b:a8:98:c9:12:d6:26:de:d5:7b:ce:78:05:a8:6d:
1c:d7:16:03:39:71:59:32:48:3d:48:73:a0:d9:f2:
a2:17:c0:87:e2:ae:8b:99:26:fc:7e:f2:96:21:fc:
12:57:a6:2a:7e:ec:9c:cb:14:b4:88:b6:5d:64:59:
51:17:ef:44:ad:c1:68:94:4a:fc:5b:64:cd:7e:b2:
69:28:d2:93:bd:97:da:fe:8d:93:0e:3f:0a:77:c0:
21:53:be:c7:cf:2e:67:41:1f:81:d0:be:aa:54:a2:
e9:92:b5:6a:18:de:6b:bd:b8:61:6d:bf:9f:05:8f:
81:85:76:67:46:b6:c4:d0:97:d6:59:ae:62:ae:72:
e2:41:f9:7d:bb:51:84:b1:8e:9d:06:99:92:af:02:
29:5b:01:10:a6:9e:ac:83:2e:b8:8f:69:8a:22:17:
69:ca:b7:5b:0f:5a:5b:79:63:fd:41:72:98:bd:32:
16:aa:06:83:76:84:4a:1c:48:a4:e8:0e:9b:c6:b6:
12:15:85:91:f0:9b:9a:0f:7a:dd:26:d4:f9:0d:a1:
8e:fb:e5:a1:c0:d4:4c:04:11:c0:8c:ac:d5:a4:65:
23:61:31:3d:2e:5d:33:1b:be:6f:00:35:ed:2a:70:
93:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:99:CD:0E:07:D8:5A:08:BA:3B:99:EA:8A:BD:70:65:CB:DD:21:DD
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/c5nNDgfYWgi6O5nqir1wZcvdId0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.50.32.0/21
Signature Algorithm: sha256WithRSAEncryption
72:60:45:57:a1:cb:65:c9:64:ca:f9:3c:fe:59:a1:6d:be:50:
16:53:36:6b:dc:9c:a3:e9:48:ab:14:c1:c8:4a:fe:10:aa:1d:
e1:66:34:ed:59:60:a9:dd:64:cc:8f:0f:7f:17:67:4e:5a:b8:
a7:1d:66:49:50:74:f7:f6:f5:43:c8:1b:8d:d2:74:db:46:07:
8b:f2:d6:ee:63:bb:d6:16:1e:d0:47:62:40:4c:df:97:1b:7d:
ed:68:31:fb:d4:ac:49:d2:ae:03:db:48:6a:c1:a1:9f:8b:a2:
dc:cb:cc:dd:3c:19:9b:11:11:7e:4e:14:e8:a5:f7:c4:29:c5:
4e:68:eb:0d:50:b6:e0:d3:f7:78:01:79:c9:3d:52:63:40:ad:
bd:ef:79:cb:9b:5e:43:f7:6a:ec:8c:f7:1b:fd:17:28:3f:3a:
c8:c3:83:7f:d0:50:03:e2:fe:e2:26:2a:40:84:5a:64:a2:5b:
64:ce:5a:b9:63:4f:2c:dc:84:2f:38:41:d7:47:78:f4:fe:40:
67:73:71:63:88:c1:64:80:78:6a:7e:db:bb:90:3d:6a:4c:4a:
60:53:f0:a7:a8:19:56:8c:58:d3:52:81:4b:25:7e:ae:0b:06:
6a:8f:2a:91:82:f3:49:3a:cf:d9:b0:08:50:d1:d4:db:d2:13:
5c:cb:27:e4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDkwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDczOTlDRDBFMDdEODVB
MDhCQTNCOTlFQThBQkQ3MDY1Q0JERDIxREQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCam19Ewd0q1mDmZHz0PVuomMkS1ibe1XvOeAWobRzXFgM5cVky
SD1Ic6DZ8qIXwIfirouZJvx+8pYh/BJXpip+7JzLFLSItl1kWVEX70StwWiUSvxb
ZM1+smko0pO9l9r+jZMOPwp3wCFTvsfPLmdBH4HQvqpUoumStWoY3mu9uGFtv58F
j4GFdmdGtsTQl9ZZrmKucuJB+X27UYSxjp0GmZKvAilbARCmnqyDLriPaYoiF2nK
t1sPWlt5Y/1Bcpi9MhaqBoN2hEocSKToDpvGthIVhZHwm5oPet0m1PkNoY775aHA
1EwEEcCMrNWkZSNhMT0uXTMbvm8ANe0qcJMfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUc5nNDgfYWgi6O5nqir1wZcvdId0wHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9jNW5ORGdmWVdnaTZPNW5xaXIx
d1pjdmRJZDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDezIg
MA0GCSqGSIb3DQEBCwUAA4IBAQByYEVXoctlyWTK+Tz+WaFtvlAWUzZr3Jyj6Uir
FMHISv4Qqh3hZjTtWWCp3WTMjw9/F2dOWrinHWZJUHT39vVDyBuN0nTbRgeL8tbu
Y7vWFh7QR2JATN+XG33taDH71KxJ0q4D20hqwaGfi6Lcy8zdPBmbERF+ThTopffE
KcVOaOsNULbg0/d4AXnJPVJjQK2973nLm15D92rsjPcb/RcoPzrIw4N/0FAD4v7i
JipAhFpkoltkzlq5Y08s3IQvOEHXR3j0/kBnc3FjiMFkgHhqftu7kD1qTEpgU/Cn
qBlWjFjTUoFLJX6uCwZqjyqRgvNJOs/ZsAhQ0dTb0hNcyyfk
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:08 2025 by rpki-client