Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/nbk4yP_FagRlgIzIp0e2REItc5M.roa
File: nbk4yP_FagRlgIzIp0e2REItc5M.roa (raw, json)
Hash identifier: ZmhaqYCpA/7e6sQr2IcDeomNEo2PteKz0y1pPD2rSEI=
Subject key identifier: 9D:B9:38:C8:FF:C5:6A:04:65:80:8C:C8:A7:47:B6:44:42:2D:73:93
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E4A
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/nbk4yP_FagRlgIzIp0e2REItc5M.roa
Signing time: Mon 10 Feb 2025 14:03:23 +0000
ROA not before: Mon 10 Feb 2025 14:03:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 61.57.144.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3658 (0xe4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:23 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9DB938C8FFC56A0465808CC8A747B644422D7393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:11:e1:0f:65:6f:6c:a0:3d:21:e1:99:57:2b:
f6:1a:0a:33:37:16:7c:1c:85:d7:0c:76:4e:a1:3b:
57:81:75:c0:a4:88:a8:6a:f0:da:71:c1:0d:6f:7f:
34:ea:2a:10:30:47:82:51:f5:4d:ce:58:fd:e6:d3:
53:fd:c9:d8:8b:3c:88:b4:33:9e:e4:5c:13:a8:dd:
45:3f:f9:68:ea:48:11:28:9a:bc:80:c9:ca:65:5e:
3c:21:b8:1d:f4:98:71:21:82:57:d1:7e:c2:12:33:
b7:70:eb:2f:18:fc:91:06:b3:2d:e2:d6:e8:4c:20:
4d:09:aa:87:69:c8:6c:24:58:f0:4f:1f:3e:80:48:
31:1e:d1:3f:47:14:0e:75:ee:41:d2:96:26:35:77:
3c:24:ee:9a:e1:c5:84:9c:d7:54:a2:c0:f1:ab:9c:
47:89:68:83:77:e4:a6:3d:84:45:48:49:99:de:9f:
64:6a:1e:b9:37:e8:1b:fc:e4:a0:6e:82:d8:19:ea:
03:9b:bc:a6:44:4f:c8:33:e2:9e:ef:c4:e4:75:d4:
dd:23:eb:3f:57:40:5b:f6:73:ba:04:7f:99:ea:8b:
8e:6d:62:53:46:96:e9:30:ae:73:cf:db:e8:29:8e:
ed:b8:eb:85:9d:e2:73:bd:2c:74:8f:66:88:f2:50:
57:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:B9:38:C8:FF:C5:6A:04:65:80:8C:C8:A7:47:B6:44:42:2D:73:93
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/nbk4yP_FagRlgIzIp0e2REItc5M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.144.0/21
Signature Algorithm: sha256WithRSAEncryption
62:28:9b:e0:fe:7c:16:56:66:b5:d2:e5:5f:2b:f4:e4:e5:9c:
0c:c2:3f:1d:a2:b2:eb:fe:f7:e8:f7:c4:e5:19:18:30:27:20:
ab:ea:7b:cc:dd:2b:20:3a:00:b8:a0:72:c8:09:9f:dd:c3:49:
24:1d:3e:04:9a:ca:a2:af:06:7f:6b:10:24:45:b0:ec:e1:60:
84:71:e6:5c:84:ae:ae:96:00:20:23:71:93:b8:a9:f3:7e:95:
6e:c9:6a:f4:19:53:89:e8:50:c5:2f:9a:47:00:9e:71:41:0d:
ca:6a:db:8f:16:25:ff:a7:85:0a:06:04:f9:7a:48:fa:de:c4:
ba:7f:3c:bb:10:d0:43:ed:f8:51:e2:2a:b5:20:a9:d4:94:e4:
19:01:a6:f9:94:c3:35:c5:73:a1:19:5e:a5:99:71:e1:6a:2d:
28:8f:a6:66:ac:76:d0:3a:4f:e5:a1:ee:91:41:79:c7:b5:bf:
6c:66:f6:44:49:88:1d:52:bb:f3:6f:2d:2b:76:86:cb:00:66:
ab:48:a8:ce:71:b1:42:b7:27:a8:5a:e2:20:b3:6a:4c:8e:53:
af:a0:e0:ec:90:cd:2c:b9:20:aa:fc:be:93:53:69:70:94:3e:
29:7d:e5:a5:f4:5e:a1:c3:5a:58:fd:ff:df:fe:ee:d7:d9:77:
ab:c5:3a:a9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDkowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEQjkzOEM4RkZDNTZB
MDQ2NTgwOENDOEE3NDdCNjQ0NDIyRDczOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3EeEPZW9soD0h4ZlXK/YaCjM3FnwchdcMdk6hO1eBdcCkiKhq
8NpxwQ1vfzTqKhAwR4JR9U3OWP3m01P9ydiLPIi0M57kXBOo3UU/+WjqSBEomryA
ycplXjwhuB30mHEhglfRfsISM7dw6y8Y/JEGsy3i1uhMIE0JqodpyGwkWPBPHz6A
SDEe0T9HFA517kHSliY1dzwk7prhxYSc11SiwPGrnEeJaIN35KY9hEVISZnen2Rq
Hrk36Bv85KBugtgZ6gObvKZET8gz4p7vxOR11N0j6z9XQFv2c7oEf5nqi45tYlNG
lukwrnPP2+gpju2464Wd4nO9LHSPZojyUFdrAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUnbk4yP/FagRlgIzIp0e2REItc5MwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9uYms0eVBfRmFnUmxnSXpJcDBl
MlJFSXRjNU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBiKJvg/nwWVma10uVfK/Tk5ZwMwj8dorLr/vfo
98TlGRgwJyCr6nvM3SsgOgC4oHLICZ/dw0kkHT4EmsqirwZ/axAkRbDs4WCEceZc
hK6ulgAgI3GTuKnzfpVuyWr0GVOJ6FDFL5pHAJ5xQQ3KatuPFiX/p4UKBgT5ekj6
3sS6fzy7ENBD7fhR4iq1IKnUlOQZAab5lMM1xXOhGV6lmXHhai0oj6ZmrHbQOk/l
oe6RQXnHtb9sZvZESYgdUrvzby0rdobLAGarSKjOcbFCtyeoWuIgs2pMjlOvoODs
kM0suSCq/L6TU2lwlD4pfeWl9F6hw1pY/f/f/u7X2XerxTqp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:46 2025 by rpki-client