Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa
File: XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa (raw, json)
Hash identifier: TCx27DciaJNGwWZYglznXQ4CMYutiViZJQ2hCYqSx1Y=
Subject key identifier: 5D:C2:21:48:49:AE:FF:68:E0:67:2C:FB:0B:68:21:26:76:36:32:92
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1160
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa
Signing time: Mon 26 Aug 2024 05:10:43 +0000
ROA not before: Mon 26 Aug 2024 05:10:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 150.117.0.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4448 (0x1160)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Aug 26 05:10:43 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5DC2214849AEFF68E0672CFB0B68212676363292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:9d:b9:1c:cb:46:78:3a:32:70:7c:ef:6e:20:
f5:c0:6a:61:19:ea:1e:06:eb:bc:17:de:7b:88:6b:
c7:39:83:11:99:9b:6a:f1:68:4a:09:5d:f9:78:41:
98:49:4f:39:e8:75:f4:fb:94:c7:9d:c2:a8:4f:91:
53:8a:01:28:06:63:50:9f:f5:fd:ba:e2:18:76:61:
06:98:fd:1b:7c:93:38:90:34:f0:0e:07:07:27:f1:
52:30:7a:d8:83:d3:54:f3:28:32:a0:78:61:05:4c:
2b:a7:64:bb:e9:08:26:97:49:01:02:82:30:8f:8f:
f2:66:40:93:31:59:22:1c:26:21:e3:2c:25:e5:c1:
7e:47:a6:ec:f1:11:c0:d2:90:29:55:d2:2b:91:82:
9d:45:9e:b1:4f:4e:0c:f6:d0:2c:74:3e:2a:e8:1c:
d9:b2:ad:84:3d:02:8b:45:d5:ce:ca:2a:8c:77:c4:
eb:f7:f8:bb:f1:03:4a:98:77:cb:65:c8:3c:b2:74:
b0:35:f3:63:e2:1a:e9:f1:a5:64:9e:5a:c4:4c:b0:
d3:80:93:5d:ee:fb:dd:66:cd:c8:69:ea:b6:58:9f:
a7:26:3c:ef:03:41:88:6b:bc:28:64:19:67:a0:3f:
4b:cf:ff:e5:aa:66:59:04:a6:5c:2d:94:13:56:e4:
cb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C2:21:48:49:AE:FF:68:E0:67:2C:FB:0B:68:21:26:76:36:32:92
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/XcIhSEmu_2jgZyz7C2ghJnY2MpI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.0.0/20
Signature Algorithm: sha256WithRSAEncryption
b2:d1:5b:53:5b:da:23:14:45:54:04:1c:0a:09:7d:4c:0a:4a:
a6:a3:d8:08:74:ad:66:bb:a6:92:17:5c:73:77:bc:fe:b4:b3:
c7:7e:d4:22:f8:a7:97:9c:ba:c5:d6:d3:dd:0e:a4:f8:54:fb:
31:a8:81:8b:c6:9c:a3:9e:77:98:73:08:b9:25:c5:42:56:af:
62:74:ad:db:15:da:6c:68:c4:f9:b9:d5:bd:01:ed:ee:1e:2a:
11:d6:46:30:73:bf:ab:49:bb:aa:64:ca:f1:a7:44:72:4d:a6:
d5:09:ec:a3:b1:12:19:be:7b:ce:ab:fb:19:b3:73:13:a6:43:
dc:4e:ad:1d:77:2c:2d:b2:06:6c:44:63:0a:5b:93:ae:fb:3e:
4a:77:04:b3:51:b4:25:83:dc:f5:29:61:13:49:be:04:ce:03:
90:bc:f7:e8:45:c7:95:9b:be:e5:00:36:0b:0d:fd:e1:34:9d:
f9:83:1a:74:75:ea:3f:5c:f1:7f:92:6c:24:55:a6:08:53:5b:
57:9e:21:d5:4c:b4:ba:26:04:ad:18:25:cd:61:99:ed:8d:06:
e8:9b:86:74:bd:dd:45:8d:13:45:78:82:ea:93:ec:f3:a5:5d:
b7:6e:ee:7b:a0:00:d3:fd:d5:e5:67:c6:e2:47:29:ad:70:d3:
00:52:21:c6
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEWAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNDA4MjYw
NTEwNDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVEQzIyMTQ4NDlBRUZG
NjhFMDY3MkNGQjBCNjgyMTI2NzYzNjMyOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRnbkcy0Z4OjJwfO9uIPXAamEZ6h4G67wX3nuIa8c5gxGZm2rx
aEoJXfl4QZhJTznodfT7lMedwqhPkVOKASgGY1Cf9f264hh2YQaY/Rt8kziQNPAO
Bwcn8VIwetiD01TzKDKgeGEFTCunZLvpCCaXSQECgjCPj/JmQJMxWSIcJiHjLCXl
wX5HpuzxEcDSkClV0iuRgp1FnrFPTgz20Cx0PiroHNmyrYQ9AotF1c7KKox3xOv3
+LvxA0qYd8tlyDyydLA182PiGunxpWSeWsRMsNOAk13u+91mzchp6rZYn6cmPO8D
QYhrvChkGWegP0vP/+WqZlkEplwtlBNW5MtnAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUXcIhSEmu/2jgZyz7C2ghJnY2MpIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9YY0loU0VtdV8yamda
eXo3QzJnaEpuWTJNcEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnUAMA0GCSqGSIb3DQEBCwUAA4IBAQCy0VtTW9ojFEVUBBwKCX1MCkqmo9gI
dK1mu6aSF1xzd7z+tLPHftQi+KeXnLrF1tPdDqT4VPsxqIGLxpyjnneYcwi5JcVC
Vq9idK3bFdpsaMT5udW9Ae3uHioR1kYwc7+rSbuqZMrxp0RyTabVCeyjsRIZvnvO
q/sZs3MTpkPcTq0ddywtsgZsRGMKW5Ou+z5KdwSzUbQlg9z1KWETSb4EzgOQvPfo
RceVm77lADYLDf3hNJ35gxp0deo/XPF/kmwkVaYIU1tXniHVTLS6JgStGCXNYZnt
jQbom4Z0vd1FjRNFeILqk+zzpV23bu57oADT/dXlZ8biRymtcNMAUiHG
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:59:13 2025 by rpki-client