Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/TtiggzP710c5H4D8DA3CePcI1sI.roa
File: TtiggzP710c5H4D8DA3CePcI1sI.roa (raw, json)
Hash identifier: R2JglWFnvOLDbXtgP9Wbs6IR+16uNuKhoJXVaj3VkM8=
Subject key identifier: 4E:D8:A0:83:33:FB:D7:47:39:1F:80:FC:0C:0D:C2:78:F7:08:D6:C2
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 0C9A
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/TtiggzP710c5H4D8DA3CePcI1sI.roa
Signing time: Mon 10 Feb 2025 14:24:21 +0000
ROA not before: Mon 10 Feb 2025 14:24:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 103.123.190.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3226 (0xc9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Feb 10 14:24:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4ED8A08333FBD747391F80FC0C0DC278F708D6C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:27:d8:19:04:c0:c2:9f:9d:65:3b:b4:29:
fe:59:f2:0a:50:7b:0c:0e:ce:f6:f0:16:96:b3:19:
7d:09:cb:0d:68:df:f3:e1:c3:31:52:31:70:95:98:
c5:5a:4c:b7:e9:61:ec:81:7f:00:ef:8e:57:d0:46:
0e:98:40:0e:a4:21:39:20:2e:ed:c3:37:d1:d1:38:
66:e5:b9:88:5d:3c:0d:0a:12:0f:47:a8:fd:97:3a:
7b:81:84:24:eb:8b:8f:8f:11:fe:74:8b:fb:b4:74:
79:c7:6d:a0:3a:eb:dd:5c:1a:60:96:30:42:a0:2d:
f7:68:2f:6c:f7:3b:67:4e:17:19:e9:79:54:9b:b5:
55:18:fc:62:7e:dd:e3:a3:1f:fa:0d:7e:c2:06:df:
7e:b2:6d:7a:d0:e2:8b:e0:36:f6:65:8f:a3:0c:25:
80:3b:16:e4:d4:da:f8:0d:ac:06:57:b5:cd:6e:26:
a9:08:2d:ac:ce:36:79:53:ea:e7:aa:7e:61:a1:5d:
f4:3a:cc:6b:1b:20:3e:38:b7:b0:61:b8:23:c8:d8:
c0:41:e4:8b:ef:11:64:50:28:00:76:64:23:3c:e1:
5e:35:c5:1a:9b:67:59:18:87:e8:d0:0a:2b:50:3e:
10:ad:1b:1c:55:70:2c:40:14:5d:d1:cd:ac:1f:87:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D8:A0:83:33:FB:D7:47:39:1F:80:FC:0C:0D:C2:78:F7:08:D6:C2
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/TtiggzP710c5H4D8DA3CePcI1sI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.190.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a8:e9:e0:32:9b:20:5d:8e:81:d7:89:a5:07:ad:19:77:5f:
ea:c1:18:a8:5e:4b:02:fa:d1:00:f6:da:a9:d4:58:43:31:a3:
ea:ec:41:d1:16:92:73:cd:9d:fd:6c:81:a1:9d:9c:90:d6:2e:
82:d1:20:31:65:97:9c:29:c2:58:80:08:ec:82:42:74:e6:6a:
6b:95:72:4e:61:bf:13:2f:c2:19:1f:0c:ea:fa:67:df:82:a9:
2f:e7:22:ab:ee:a1:cb:cc:7f:17:0e:91:26:29:38:94:71:62:
b6:5e:74:a3:47:9f:7d:76:e3:18:3a:04:b8:84:01:ac:0c:31:
2c:32:41:7d:5d:45:8d:3e:61:84:a6:8c:b3:48:a4:23:85:6c:
d0:ba:af:3d:b8:c7:3c:89:1c:0d:16:4e:0a:18:cf:0e:a3:2c:
ab:cc:ef:ee:f8:9c:45:8d:58:69:8e:f2:fb:ff:97:d0:cb:f5:
4b:f0:d5:d2:2d:b6:07:b2:db:21:a1:06:25:01:0a:93:dd:23:
d9:21:be:e4:c0:5f:80:3a:ed:42:97:c1:99:27:8e:45:42:f8:
39:00:dd:f4:39:6d:17:bd:88:21:ab:fd:7c:3f:67:7c:09:88:
96:99:1f:92:11:ad:c4:22:42:54:1a:27:a6:51:55:66:aa:a6:
e3:3d:5d:1e
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDJowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yNTAyMTAx
NDI0MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRFRDhBMDgzMzNGQkQ3
NDczOTFGODBGQzBDMERDMjc4RjcwOEQ2QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnXSfYGQTAwp+dZTu0Kf5Z8gpQewwOzvbwFpazGX0Jyw1o3/Ph
wzFSMXCVmMVaTLfpYeyBfwDvjlfQRg6YQA6kITkgLu3DN9HROGbluYhdPA0KEg9H
qP2XOnuBhCTri4+PEf50i/u0dHnHbaA6691cGmCWMEKgLfdoL2z3O2dOFxnpeVSb
tVUY/GJ+3eOjH/oNfsIG336ybXrQ4ovgNvZlj6MMJYA7FuTU2vgNrAZXtc1uJqkI
LazONnlT6ueqfmGhXfQ6zGsbID44t7BhuCPI2MBB5IvvEWRQKAB2ZCM84V41xRqb
Z1kYh+jQCitQPhCtGxxVcCxAFF3Rzawfh03PAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUTtiggzP710c5H4D8DA3CePcI1sIwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL1R0aWdnelA3MTBj
NUg0RDhEQTNDZVBjSTFzSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne74wDQYJKoZIhvcNAQELBQADggEBAEuo6eAymyBdjoHXiaUHrRl3X+rB
GKheSwL60QD22qnUWEMxo+rsQdEWknPNnf1sgaGdnJDWLoLRIDFll5wpwliACOyC
QnTmamuVck5hvxMvwhkfDOr6Z9+CqS/nIqvuocvMfxcOkSYpOJRxYrZedKNHn312
4xg6BLiEAawMMSwyQX1dRY0+YYSmjLNIpCOFbNC6rz24xzyJHA0WTgoYzw6jLKvM
7+74nEWNWGmO8vv/l9DL9Uvw1dIttgey2yGhBiUBCpPdI9khvuTAX4A67UKXwZkn
jkVC+DkA3fQ5bRe9iCGr/Xw/Z3wJiJaZH5IRrcQiQlQaJ6ZRVWaqpuM9XR4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:41:18 2025 by rpki-client