Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3QZAne3OcmEnfreyMhcydmUdin4.roa
File: 3QZAne3OcmEnfreyMhcydmUdin4.roa (raw, json)
Hash identifier: DsIZP6zIcT8Al79JY84V0hkGkNQU6LreJejS3O3/7Ck=
Subject key identifier: DD:06:40:9D:ED:CE:72:61:27:7E:B7:B2:32:17:32:76:65:1D:8A:7E
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 127C
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3QZAne3OcmEnfreyMhcydmUdin4.roa
Signing time: Mon 10 Feb 2025 14:14:54 +0000
ROA not before: Mon 10 Feb 2025 14:14:54 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 113.21.88.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4732 (0x127c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:54 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DD06409DEDCE7261277EB7B232173276651D8A7E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:c3:02:ab:fe:8f:2f:f1:31:bb:c8:83:02:95:
94:8d:66:2c:ae:1a:2c:10:83:be:e8:b8:58:60:bc:
63:97:82:b4:0d:7f:55:8d:a6:5f:6b:af:fa:6d:2f:
1a:64:3b:75:4b:77:97:c4:8a:75:4c:88:3e:e6:08:
3e:19:29:a7:97:a5:d6:77:1d:9f:3b:d1:69:ac:0a:
40:c1:b5:f2:1d:2d:5c:f9:d9:ed:66:be:ee:09:9e:
97:02:22:47:3a:a4:ac:4e:14:be:b8:5a:6f:22:7e:
a7:f1:c0:42:cd:38:89:81:c4:38:27:7b:e8:43:34:
78:df:fc:f6:3d:bb:b0:bb:bb:28:4a:9d:a4:bd:77:
56:7d:2a:05:d8:41:15:66:1c:48:4b:40:43:42:85:
68:ad:2e:da:57:44:55:25:2c:7a:1c:32:c3:b0:c1:
81:a9:11:4e:17:c1:56:b4:7a:f2:03:59:18:a9:ef:
a0:e8:83:1c:36:9c:6e:45:02:01:5e:84:af:ac:5e:
03:9a:2b:f4:aa:3f:68:b5:93:dc:85:03:20:08:72:
cb:40:60:52:81:91:b0:39:70:7c:c7:0e:28:27:a1:
7f:86:1e:9a:ea:ed:d8:54:b1:08:95:b2:fb:27:d8:
d0:39:d3:08:d0:74:55:84:37:f0:4b:00:75:10:8a:
ae:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:06:40:9D:ED:CE:72:61:27:7E:B7:B2:32:17:32:76:65:1D:8A:7E
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3QZAne3OcmEnfreyMhcydmUdin4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.88.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:c7:cb:c4:fc:b4:66:58:c6:27:b4:62:47:8d:58:38:c8:4f:
cc:be:a8:0b:9d:78:56:07:22:f4:4b:1f:4e:00:8a:89:3d:5f:
0b:ad:b2:56:94:72:42:d6:ec:57:b9:27:af:fa:41:88:93:4d:
38:40:4e:c8:95:90:02:aa:22:71:88:31:76:d8:c3:2a:47:07:
fa:b4:2d:cf:04:30:d3:78:6d:ad:1f:9d:a1:42:cb:0f:39:2e:
96:f2:28:59:a6:ed:fe:64:fe:95:f7:92:fb:3b:c0:4f:ec:d4:
27:52:90:1f:a6:a1:80:49:d7:6c:23:a9:53:de:3b:55:f2:3a:
02:ac:89:ce:ba:ce:a6:f4:bb:61:95:fd:a9:77:35:74:bb:a2:
53:ec:15:1f:60:05:4e:8d:75:43:c1:84:5a:a3:20:79:9a:4f:
1a:94:79:f5:b5:3c:c0:39:62:80:ba:a9:6f:20:09:6c:11:78:
f8:fb:09:46:b9:0d:21:3f:f8:d7:ec:ab:b2:97:54:16:dc:6f:
87:06:49:57:ef:1a:9c:0f:c3:20:a6:f2:a2:27:6a:e8:df:79:
c6:74:6b:17:d6:83:8a:43:77:c9:34:23:8d:a6:ef:67:22:a1:
73:f4:62:fb:f4:c7:7e:39:a2:94:a6:7a:9c:b5:f1:11:bd:12:
1a:9b:3c:3c
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEREMDY0MDlERURDRTcy
NjEyNzdFQjdCMjMyMTczMjc2NjUxRDhBN0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFwwKr/o8v8TG7yIMClZSNZiyuGiwQg77ouFhgvGOXgrQNf1WN
pl9rr/ptLxpkO3VLd5fEinVMiD7mCD4ZKaeXpdZ3HZ870WmsCkDBtfIdLVz52e1m
vu4JnpcCIkc6pKxOFL64Wm8ifqfxwELNOImBxDgne+hDNHjf/PY9u7C7uyhKnaS9
d1Z9KgXYQRVmHEhLQENChWitLtpXRFUlLHocMsOwwYGpEU4XwVa0evIDWRip76Do
gxw2nG5FAgFehK+sXgOaK/SqP2i1k9yFAyAIcstAYFKBkbA5cHzHDignoX+GHprq
7dhUsQiVsvsn2NA50wjQdFWEN/BLAHUQiq4dAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3QZAne3OcmEnfreyMhcydmUdin4wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8zUVpBbmUzT2NtRW5m
cmV5TWhjeWRtVWRpbjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDcRVYMA0GCSqGSIb3DQEBCwUAA4IBAQAex8vE/LRmWMYntGJHjVg4yE/MvqgL
nXhWByL0Sx9OAIqJPV8LrbJWlHJC1uxXuSev+kGIk004QE7IlZACqiJxiDF22MMq
Rwf6tC3PBDDTeG2tH52hQssPOS6W8ihZpu3+ZP6V95L7O8BP7NQnUpAfpqGASdds
I6lT3jtV8joCrInOus6m9Lthlf2pdzV0u6JT7BUfYAVOjXVDwYRaoyB5mk8alHn1
tTzAOWKAuqlvIAlsEXj4+wlGuQ0hP/jX7Kuyl1QW3G+HBklX7xqcD8MgpvKiJ2ro
33nGdGsX1oOKQ3fJNCONpu9nIqFz9GL79Md+OaKUpnqctfERvRIamzw8
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:24:53 2025 by rpki-client