Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/SvCcwLhpRBTiWHh211lecakvBRM.roa
File: SvCcwLhpRBTiWHh211lecakvBRM.roa (raw, json)
Hash identifier: OxkPqsD+feAec/6vEFwtw2M+ftnbOinLnRcNGULT6XQ=
Subject key identifier: 4A:F0:9C:C0:B8:69:44:14:E2:58:78:76:D7:59:5E:71:A9:2F:05:13
Certificate issuer: /CN=75BD930C745D23E9EA585C04D6B99F95A96322E5
Certificate serial: 0C4C
Authority key identifier: 75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/SvCcwLhpRBTiWHh211lecakvBRM.roa
Signing time: Mon 10 Feb 2025 14:25:47 +0000
ROA not before: Mon 10 Feb 2025 14:25:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131143
IP address blocks: 175.184.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3148 (0xc4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75BD930C745D23E9EA585C04D6B99F95A96322E5
Validity
Not Before: Feb 10 14:25:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4AF09CC0B8694414E2587876D7595E71A92F0513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fa:26:97:f4:99:85:e4:b5:02:d1:a3:cf:8b:
b4:0d:3f:3e:26:8c:c5:30:f7:dc:2c:98:f2:28:ab:
b3:83:d0:51:b3:c8:16:15:96:91:df:d1:f8:51:07:
66:94:e6:07:bb:e7:e6:e4:bb:69:fa:e3:23:55:86:
a6:08:a3:d2:c5:7b:bf:12:84:c7:5c:61:2a:cb:cd:
16:5d:d2:94:ef:4d:78:8c:5b:3d:b1:a5:7e:96:c6:
12:7c:41:50:79:60:2b:b6:52:60:d9:23:ac:8e:6d:
cb:76:de:90:e1:9f:3a:ab:dd:59:c7:66:ad:05:0a:
96:c7:b6:06:3d:cb:8e:1c:bc:18:52:cd:d0:b5:d3:
fd:13:58:18:34:64:e3:42:1a:c5:5f:e7:4e:e3:28:
f3:71:2f:c5:55:5f:59:fb:00:0c:2b:ca:7f:89:f9:
8a:3f:b1:a8:cb:8d:a4:c8:ff:43:6e:3d:63:7b:bc:
d2:dd:43:f6:39:04:43:52:93:ab:03:c4:82:cd:2a:
28:dd:dc:6e:90:66:7a:25:88:03:11:a6:cc:e5:f7:
ee:07:2e:d3:55:57:3b:e1:6a:c6:72:49:78:0a:68:
f0:c0:57:1d:4a:24:b2:a0:03:df:66:15:44:ab:ba:
b2:d2:a4:65:56:3f:12:11:f6:cf:cb:35:e7:ca:f5:
93:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:F0:9C:C0:B8:69:44:14:E2:58:78:76:D7:59:5E:71:A9:2F:05:13
X509v3 Authority Key Identifier:
keyid:75:BD:93:0C:74:5D:23:E9:EA:58:5C:04:D6:B9:9F:95:A9:63:22:E5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/db2TDHRdI-nqWFwE1rmflaljIuU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/db2TDHRdI-nqWFwE1rmflaljIuU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINATRUST/SvCcwLhpRBTiWHh211lecakvBRM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.184.240.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:75:8d:7d:db:c1:ff:18:2d:c5:90:b8:50:8d:2e:b1:a7:2f:
f4:ae:ba:86:12:be:f6:3a:e0:e1:d3:03:fe:2a:22:00:a7:b2:
17:d8:d8:48:95:98:b0:82:f4:20:4a:a5:36:bf:73:0a:6d:ce:
1c:83:57:e5:e9:24:d0:79:bf:3b:7e:56:b9:3b:6e:10:74:70:
a2:bb:73:54:05:80:45:a2:01:68:ad:b5:45:75:82:c3:fc:38:
73:51:be:6c:98:40:68:13:23:92:e4:5a:f4:36:a0:70:14:fd:
c7:c7:d6:94:0a:64:32:c0:8c:8f:b6:29:b6:18:49:fc:1b:72:
86:82:48:fb:fd:b6:74:ea:70:d0:32:86:a3:93:f8:88:aa:e0:
48:b3:27:5c:7b:32:0b:c0:e6:c4:2a:01:d9:fd:6b:f6:14:2a:
94:27:d1:c7:02:74:0d:90:91:85:1c:f9:f6:16:b2:c7:bd:46:
ee:b5:97:07:8a:b8:e1:b8:22:aa:5a:89:ab:f1:04:76:d2:86:
3a:c2:9f:e9:53:eb:5c:f7:be:c7:75:33:56:7d:53:37:25:4e:
b5:59:5b:6b:86:45:78:82:8d:18:03:c3:22:83:7f:a6:32:b8:
d6:eb:53:04:54:1b:0a:bd:e0:a3:76:70:91:4c:fb:46:7e:e8:
21:ca:99:a4
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICDEwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVC
RDkzMEM3NDVEMjNFOUVBNTg1QzA0RDZCOTlGOTVBOTYzMjJFNTAeFw0yNTAyMTAx
NDI1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRBRjA5Q0MwQjg2OTQ0
MTRFMjU4Nzg3NkQ3NTk1RTcxQTkyRjA1MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2+iaX9JmF5LUC0aPPi7QNPz4mjMUw99wsmPIoq7OD0FGzyBYV
lpHf0fhRB2aU5ge75+bku2n64yNVhqYIo9LFe78ShMdcYSrLzRZd0pTvTXiMWz2x
pX6WxhJ8QVB5YCu2UmDZI6yObct23pDhnzqr3VnHZq0FCpbHtgY9y44cvBhSzdC1
0/0TWBg0ZONCGsVf507jKPNxL8VVX1n7AAwryn+J+Yo/sajLjaTI/0NuPWN7vNLd
Q/Y5BENSk6sDxILNKijd3G6QZnoliAMRpszl9+4HLtNVVzvhasZySXgKaPDAVx1K
JLKgA99mFUSrurLSpGVWPxIR9s/LNefK9ZPTAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUSvCcwLhpRBTiWHh211lecakvBRMwHwYDVR0jBBgwFoAUdb2TDHRdI+nqWFwE
1rmflaljIuUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFU
UlVTVC9kYjJUREhSZEktbnFXRndFMXJtZmxhbGpJdVUuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL2RiMlRESFJkSS1ucVdGd0Uxcm1mbGFsakl1VS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NISU5BVFJVU1QvU3ZDY3dMaHBS
QlRpV0hoMjExbGVjYWt2QlJNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEA6+48DANBgkqhkiG9w0BAQsFAAOCAQEAOnWNfdvB/xgtxZC4UI0usacv
9K66hhK+9jrg4dMD/ioiAKeyF9jYSJWYsIL0IEqlNr9zCm3OHINX5ekk0Hm/O35W
uTtuEHRwortzVAWARaIBaK21RXWCw/w4c1G+bJhAaBMjkuRa9DagcBT9x8fWlApk
MsCMj7YpthhJ/BtyhoJI+/22dOpw0DKGo5P4iKrgSLMnXHsyC8DmxCoB2f1r9hQq
lCfRxwJ0DZCRhRz59hayx71G7rWXB4q44bgiqlqJq/EEdtKGOsKf6VPrXPe+x3Uz
Vn1TNyVOtVlba4ZFeIKNGAPDIoN/pjK41utTBFQbCr3go3ZwkUz7Rn7oIcqZpA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:32 2025 by rpki-client