Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa
File: j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa (raw, json)
Hash identifier: UYdWHhOJEQn9+l0Klp/vM4qOKsYEgf59OuXisbOnz6E=
Subject key identifier: 8F:86:89:27:65:A2:41:BE:25:C6:12:D7:C0:97:6D:49:93:0B:6C:52
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E61
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa
Signing time: Mon 10 Feb 2025 14:03:28 +0000
ROA not before: Mon 10 Feb 2025 14:03:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 61.57.136.0/21 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3681 (0xe61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8F86892765A241BE25C612D7C0976D49930B6C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4e:e6:02:7a:35:1f:16:91:3b:d8:10:ac:04:
98:51:9f:b1:f5:5c:e4:79:f2:c3:9f:eb:2e:cc:41:
24:fa:61:eb:2e:44:6c:8f:91:44:cd:35:4d:4c:82:
eb:68:93:59:ee:34:74:4e:55:1b:28:80:b7:e9:f8:
d7:ce:8d:82:c5:13:9b:d5:0c:82:4d:5c:e5:12:23:
43:02:e6:ec:cd:98:a4:fc:a1:02:f5:49:17:3d:ec:
7a:d8:de:72:2e:81:1d:50:66:8c:3b:fc:32:d3:ac:
34:5f:65:f4:8e:c0:aa:1d:15:8a:c1:6c:fc:7a:63:
9d:68:a6:ff:d2:3f:a7:aa:50:f4:a7:83:38:0a:6e:
bf:b6:6e:7f:cd:f6:61:02:c7:cc:a1:fb:d3:df:ac:
e5:35:c5:50:9a:62:70:65:d2:33:86:7c:a4:46:97:
87:3f:1c:46:5a:fb:34:de:43:d8:d8:46:32:92:b8:
92:fe:f5:1a:a4:7f:73:bf:10:58:47:43:07:d0:39:
53:e9:c4:c4:75:02:e6:82:c0:e6:21:fe:6d:11:2f:
f1:86:27:f4:70:51:da:21:41:c9:1f:ab:c4:f1:82:
67:6e:d4:ba:70:bf:70:10:c6:b0:91:04:44:6f:3b:
14:8b:89:ac:0a:e6:a3:ea:22:7d:8e:3b:33:02:40:
c8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:86:89:27:65:A2:41:BE:25:C6:12:D7:C0:97:6D:49:93:0B:6C:52
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/j4aJJ2WiQb4lxhLXwJdtSZMLbFI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
50:c1:eb:29:3f:9b:4c:8c:d2:03:1d:05:35:9a:0c:40:1e:9d:
bd:82:ef:13:b9:e8:97:25:99:cd:26:fc:d7:21:01:3c:a0:12:
f9:12:4c:3c:45:1c:6c:bd:01:d0:8b:93:9a:b6:3b:e0:d2:2b:
f9:2f:8f:88:fa:d4:d6:12:51:88:ef:c6:39:98:73:1a:0b:99:
dd:02:53:9c:c4:18:75:9f:f5:53:6a:c0:58:b4:70:5e:83:ba:
38:ab:81:2f:c5:ca:46:55:81:ef:59:25:63:e2:12:6e:0e:c2:
ac:96:ac:23:9d:0d:07:ec:89:a6:88:4c:9e:75:db:e5:6a:99:
6c:03:80:aa:9f:9a:52:cf:a0:03:a7:9e:18:78:ee:1b:de:89:
73:10:09:45:3c:55:01:f0:16:c0:30:0f:d9:c9:24:51:63:c1:
e2:74:21:4c:ad:cb:65:04:7f:fe:5e:5d:b1:59:49:b9:bd:50:
85:63:2b:f3:a6:bd:fa:d1:cf:f2:03:55:85:a7:3e:23:a8:06:
e7:58:cb:53:0a:a2:88:ce:1c:5b:a6:de:34:3c:77:8b:86:b3:
84:be:74:43:3f:f3:cc:bb:b0:03:5c:87:7e:dd:b2:90:e6:06:
78:98:77:35:09:e6:13:88:4a:b4:cd:11:ad:ef:26:7f:7d:f6:
a2:79:ab:6e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhGODY4OTI3NjVBMjQx
QkUyNUM2MTJEN0MwOTc2RDQ5OTMwQjZDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSTuYCejUfFpE72BCsBJhRn7H1XOR58sOf6y7MQST6YesuRGyP
kUTNNU1Mgutok1nuNHROVRsogLfp+NfOjYLFE5vVDIJNXOUSI0MC5uzNmKT8oQL1
SRc97HrY3nIugR1QZow7/DLTrDRfZfSOwKodFYrBbPx6Y51opv/SP6eqUPSngzgK
br+2bn/N9mECx8yh+9PfrOU1xVCaYnBl0jOGfKRGl4c/HEZa+zTeQ9jYRjKSuJL+
9Rqkf3O/EFhHQwfQOVPpxMR1AuaCwOYh/m0RL/GGJ/RwUdohQckfq8Txgmdu1Lpw
v3AQxrCRBERvOxSLiawK5qPqIn2OOzMCQMg7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUj4aJJ2WiQb4lxhLXwJdtSZMLbFIwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9qNGFKSjJXaVFiNGx4aExYd0pk
dFNaTUxiRkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBQwespP5tMjNIDHQU1mgxAHp29gu8TueiXJZnN
JvzXIQE8oBL5Ekw8RRxsvQHQi5Oatjvg0iv5L4+I+tTWElGI78Y5mHMaC5ndAlOc
xBh1n/VTasBYtHBeg7o4q4EvxcpGVYHvWSVj4hJuDsKslqwjnQ0H7ImmiEyeddvl
aplsA4Cqn5pSz6ADp54YeO4b3olzEAlFPFUB8BbAMA/ZySRRY8HidCFMrctlBH/+
Xl2xWUm5vVCFYyvzpr360c/yA1WFpz4jqAbnWMtTCqKIzhxbpt40PHeLhrOEvnRD
P/PMu7ADXId+3bKQ5gZ4mHc1CeYTiEq0zRGt7yZ/ffaieatu
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:17 2025 by rpki-client