Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa
File: 3I2LCKAv70ys99-P_YeR7kYVXuI.roa (raw, json)
Hash identifier: +JHqbQkOnkRmL8Rs88Xln+i5aljBJsjXYeaCnPC7rqs=
Subject key identifier: DC:8D:8B:08:A0:2F:EF:4C:AC:F7:DF:8F:FD:87:91:EE:46:15:5E:E2
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1293
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa
Signing time: Mon 10 Feb 2025 14:15:00 +0000
ROA not before: Mon 10 Feb 2025 14:15:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 113.21.95.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4755 (0x1293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:15:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DC8D8B08A02FEF4CACF7DF8FFD8791EE46155EE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:45:40:2e:8c:7f:dc:8f:e4:18:9b:98:fc:b3:
8c:dd:81:54:17:4a:5c:a6:26:76:53:55:0e:01:56:
be:18:d7:34:9c:14:b9:83:d1:94:a9:bf:51:80:5a:
5e:3b:6f:04:62:f9:c5:73:15:72:99:33:f5:a7:5f:
25:6c:ba:a9:00:1b:3b:68:fd:00:36:7c:f2:5f:a2:
a5:9d:ee:06:97:7c:9a:bc:83:8e:1d:42:a9:b8:c3:
e3:33:77:61:9c:b3:58:12:5d:83:4d:0a:17:7b:6b:
33:a0:93:69:90:a2:59:de:72:12:c9:d4:c0:2d:69:
94:db:e8:5f:d1:69:2b:2d:57:81:5d:33:cd:ef:cc:
98:b4:ed:63:19:fe:bb:79:1d:bb:98:c9:c3:3a:f9:
03:0c:46:d8:c1:1b:e0:8b:41:d9:ef:bc:64:10:58:
e0:46:08:19:f0:e8:2e:a8:97:a8:eb:19:cf:a4:8a:
0b:21:6b:25:35:29:ab:7c:67:d0:4f:8c:78:59:b6:
59:ed:86:06:1d:69:07:e4:02:1c:49:19:07:ba:de:
de:07:4e:d4:5c:de:c1:31:fc:80:cf:17:76:c7:2f:
67:c8:b2:7a:0c:dd:52:0b:f1:ab:04:c9:88:7a:e0:
6e:1f:ff:a0:7f:ac:4f:e4:55:73:5a:b5:8c:57:7c:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:8D:8B:08:A0:2F:EF:4C:AC:F7:DF:8F:FD:87:91:EE:46:15:5E:E2
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3I2LCKAv70ys99-P_YeR7kYVXuI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.95.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:88:fb:f3:0d:c5:b5:6e:cb:b7:03:9a:df:e0:d4:f5:88:a1:
e0:f5:ca:ef:48:a1:26:7c:72:76:a3:c7:41:1d:70:de:dd:57:
c1:10:b0:ba:d3:99:e7:ad:cb:72:15:5e:99:e4:8e:a6:01:cc:
35:e9:f3:2e:4d:ab:38:06:b1:b1:be:10:69:21:89:94:2b:13:
aa:85:af:e3:87:a7:f4:f8:aa:ab:0e:d5:cc:28:4e:18:28:8d:
f8:cf:c1:b5:cc:54:54:9f:01:c0:fa:a7:91:dc:60:39:25:e6:
0d:3c:27:d8:c7:be:51:65:d6:46:d2:02:95:35:27:84:83:9a:
4d:8c:35:2c:77:6d:9c:f3:b3:45:7e:a0:97:b3:72:77:bb:68:
24:f9:7c:73:7e:6b:fa:8d:22:86:ae:31:05:cf:aa:92:d8:dd:
f6:0e:5d:a8:dd:d7:90:92:98:63:c8:57:bf:9e:a5:c4:ac:4f:
59:5b:44:55:50:39:5f:6e:47:05:47:aa:66:6e:67:20:b3:a6:
52:c9:d6:75:17:7d:ce:31:ff:94:7e:99:c6:02:9a:9d:f1:80:
bb:e5:18:0f:6a:ab:94:28:90:53:3d:64:c4:87:a7:fc:69:0d:
38:1d:33:da:5d:17:28:3d:2e:9a:60:38:f2:58:9e:e6:24:c8:
be:12:3b:32
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE1MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDOEQ4QjA4QTAyRkVG
NENBQ0Y3REY4RkZEODc5MUVFNDYxNTVFRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsRUAujH/cj+QYm5j8s4zdgVQXSlymJnZTVQ4BVr4Y1zScFLmD
0ZSpv1GAWl47bwRi+cVzFXKZM/WnXyVsuqkAGzto/QA2fPJfoqWd7gaXfJq8g44d
Qqm4w+Mzd2Gcs1gSXYNNChd7azOgk2mQolnechLJ1MAtaZTb6F/RaSstV4FdM83v
zJi07WMZ/rt5HbuYycM6+QMMRtjBG+CLQdnvvGQQWOBGCBnw6C6ol6jrGc+kigsh
ayU1Kat8Z9BPjHhZtlnthgYdaQfkAhxJGQe63t4HTtRc3sEx/IDPF3bHL2fIsnoM
3VIL8asEyYh64G4f/6B/rE/kVXNatYxXfAApAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3I2LCKAv70ys99+P/YeR7kYVXuIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8zSTJMQ0tBdjcweXM5
OS1QX1llUjdrWVZYdUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAcRVfMA0GCSqGSIb3DQEBCwUAA4IBAQCqiPvzDcW1bsu3A5rf4NT1iKHg9crv
SKEmfHJ2o8dBHXDe3VfBELC605nnrctyFV6Z5I6mAcw16fMuTas4BrGxvhBpIYmU
KxOqha/jh6f0+KqrDtXMKE4YKI34z8G1zFRUnwHA+qeR3GA5JeYNPCfYx75RZdZG
0gKVNSeEg5pNjDUsd22c87NFfqCXs3J3u2gk+Xxzfmv6jSKGrjEFz6qS2N32Dl2o
3deQkphjyFe/nqXErE9ZW0RVUDlfbkcFR6pmbmcgs6ZSydZ1F33OMf+UfpnGApqd
8YC75RgPaquUKJBTPWTEh6f8aQ04HTPaXRcoPS6aYDjyWJ7mJMi+Ejsy
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:00:05 2025 by rpki-client