Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/oxiAI_suwUCbN30UP6WXTaglH98.roa
File: oxiAI_suwUCbN30UP6WXTaglH98.roa (raw, json)
Hash identifier: jhpGVzop8UsaxjwkxTb9KryQxlGIoV0dsvPYmOsAtB0=
Subject key identifier: A3:18:80:23:FB:2E:C1:40:9B:37:7D:14:3F:A5:97:4D:A8:25:1F:DF
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 1295
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/oxiAI_suwUCbN30UP6WXTaglH98.roa
Signing time: Mon 10 Feb 2025 14:15:01 +0000
ROA not before: Mon 10 Feb 2025 14:15:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 118.150.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4757 (0x1295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:15:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A3188023FB2EC1409B377D143FA5974DA8251FDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:35:b0:b3:a4:00:1b:2a:a1:d5:bd:2c:e8:
fe:27:0e:84:03:c3:0c:ac:bb:1f:2d:cb:cf:bd:ff:
26:87:2f:79:e2:f2:ab:44:db:b1:12:3e:26:6b:b5:
86:35:89:eb:13:0c:7d:31:37:b8:dd:06:1c:a0:4a:
ee:22:c6:08:b0:dd:44:d9:fa:a8:79:7e:af:da:73:
05:31:5d:d8:86:f1:58:74:e8:2a:b4:82:9f:82:4e:
1b:69:dc:17:1e:12:aa:ea:0a:4a:13:2b:1b:26:cb:
41:c3:1b:4f:9c:e9:94:8a:ac:b3:dd:f7:a8:ca:7b:
d1:51:46:b5:89:11:e0:40:2e:25:13:8e:38:19:97:
82:1e:f8:69:3f:e9:fe:ba:61:dc:dc:7d:31:02:08:
6a:c5:f5:41:87:e0:6c:f8:08:c7:7c:ee:29:6c:c0:
25:78:f8:dd:22:7e:23:cd:0b:04:42:e3:b0:54:8d:
d4:66:01:ab:55:5f:64:cb:5b:bc:5f:fe:75:c5:61:
c4:06:22:0d:ea:54:3d:36:71:80:89:6b:82:c6:d9:
bf:1e:64:f9:f2:20:d1:a7:8b:f7:20:5a:82:0d:0a:
e5:4a:a4:09:2b:09:f8:3a:cb:7c:e2:a6:f9:46:98:
77:89:8e:cb:50:71:b8:aa:14:ae:b8:43:f8:38:73:
df:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:18:80:23:FB:2E:C1:40:9B:37:7D:14:3F:A5:97:4D:A8:25:1F:DF
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/oxiAI_suwUCbN30UP6WXTaglH98.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.150.0.0/17
Signature Algorithm: sha256WithRSAEncryption
8b:7c:6d:78:1b:0f:81:b4:92:72:01:58:68:70:24:ab:5b:f6:
64:90:b9:85:cd:74:73:f6:26:e3:d4:c6:82:64:4b:1f:4c:b1:
79:5e:08:df:a1:59:82:3c:3c:0d:5c:ec:f7:7d:68:5c:f5:51:
5a:6f:cf:09:d0:31:47:ba:b5:e5:62:ab:a0:92:3e:26:5d:69:
52:41:12:22:ad:20:ad:85:cf:cb:2b:80:82:f3:ff:86:e6:c7:
6d:93:28:29:6d:c2:9d:6a:67:8f:d9:c9:a7:d0:1f:ae:b6:ba:
b7:0b:5b:71:ea:90:66:b0:41:69:3f:37:5f:42:48:c6:6a:4e:
ae:81:e3:d5:a3:bf:27:e2:63:bb:73:fb:f4:d0:ae:72:f3:81:
2b:c1:35:f4:f7:57:11:0c:cb:be:d7:a1:ce:30:39:69:32:93:
30:83:da:0f:32:fc:14:10:da:74:b1:94:1a:d8:65:24:c2:da:
11:7b:5e:b6:13:a7:f4:63:d4:7a:e1:79:e2:ae:c8:b4:42:8d:
0c:44:08:6c:a3:27:fe:14:d0:b0:8c:ea:dd:43:d5:b3:65:82:
1e:9a:2c:a2:a7:a4:4c:b8:f4:01:a8:ab:a5:4e:5d:4d:3d:6c:
80:7b:40:d4:a2:b8:c6:2e:c1:f7:30:44:6e:7c:e8:b5:20:e4:
94:3e:d9:84
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE1MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEzMTg4MDIzRkIyRUMx
NDA5QjM3N0QxNDNGQTU5NzREQTgyNTFGREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwFzWws6QAGyqh1b0s6P4nDoQDwwysux8ty8+9/yaHL3ni8qtE
27ESPiZrtYY1iesTDH0xN7jdBhygSu4ixgiw3UTZ+qh5fq/acwUxXdiG8Vh06Cq0
gp+CThtp3BceEqrqCkoTKxsmy0HDG0+c6ZSKrLPd96jKe9FRRrWJEeBALiUTjjgZ
l4Ie+Gk/6f66YdzcfTECCGrF9UGH4Gz4CMd87ilswCV4+N0ifiPNCwRC47BUjdRm
AatVX2TLW7xf/nXFYcQGIg3qVD02cYCJa4LG2b8eZPnyINGni/cgWoINCuVKpAkr
Cfg6y3zipvlGmHeJjstQcbiqFK64Q/g4c9+TAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUoxiAI/suwUCbN30UP6WXTaglH98wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9veGlBSV9zdXdVQ2JO
MzBVUDZXWFRhZ2xIOTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQHdpYAMA0GCSqGSIb3DQEBCwUAA4IBAQCLfG14Gw+BtJJyAVhocCSrW/ZkkLmF
zXRz9ibj1MaCZEsfTLF5XgjfoVmCPDwNXOz3fWhc9VFab88J0DFHurXlYqugkj4m
XWlSQRIirSCthc/LK4CC8/+G5sdtkygpbcKdameP2cmn0B+utrq3C1tx6pBmsEFp
PzdfQkjGak6ugePVo78n4mO7c/v00K5y84ErwTX091cRDMu+16HOMDlpMpMwg9oP
MvwUENp0sZQa2GUkwtoRe162E6f0Y9R64Xnirsi0Qo0MRAhsoyf+FNCwjOrdQ9Wz
ZYIemiyip6RMuPQBqKulTl1NPWyAe0DUorjGLsH3MERufOi1IOSUPtmE
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:54:35 2025 by rpki-client