Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/kTzY448QgTNhUElbM7IHjS8xBfQ.roa
File: kTzY448QgTNhUElbM7IHjS8xBfQ.roa (raw, json)
Hash identifier: T1p6QfgAgOINOA8sStXRKvWQBmjQObe8lnuarM3Gik8=
Subject key identifier: 91:3C:D8:E3:8F:10:81:33:61:50:49:5B:33:B2:07:8D:2F:31:05:F4
Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Certificate serial: 0C55
Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/kTzY448QgTNhUElbM7IHjS8xBfQ.roa
Signing time: Mon 06 Jan 2025 11:45:07 +0000
ROA not before: Mon 06 Jan 2025 11:45:07 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 139637
IP address blocks: 103.119.215.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3157 (0xc55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Validity
Not Before: Jan 6 11:45:07 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=913CD8E38F1081336150495B33B2078D2F3105F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b8:96:a3:12:7e:96:6a:f5:bd:42:9f:ec:ef:
e2:d7:82:a1:f9:d1:11:0e:06:e3:91:ca:82:52:85:
cf:10:f6:2f:ee:f9:76:70:49:99:98:46:ea:59:4d:
86:a2:51:3d:7a:8a:ab:59:c6:85:28:8b:14:42:4c:
98:18:5a:4b:c5:3b:df:9d:6a:95:f6:f2:75:19:58:
55:55:7a:45:7c:ee:87:a0:ec:3f:d7:c9:21:ea:9f:
64:37:e8:01:ed:03:93:1d:85:8d:ed:37:97:c6:e6:
99:2d:67:86:14:1a:c4:bb:a0:8c:e1:52:f0:5a:49:
0f:18:88:15:2b:22:01:e0:26:10:94:d2:db:7c:62:
0f:3d:91:2b:0d:8d:30:3d:80:f7:83:81:17:06:30:
08:83:85:c5:a4:87:f5:b3:fe:a0:ce:57:3d:c3:65:
a9:49:a7:a8:f6:19:59:bc:84:39:c9:34:0f:46:70:
c5:9f:b4:80:3d:51:ac:7d:e5:4f:d4:17:41:08:72:
02:03:3a:d8:64:b4:89:a2:5e:ca:8b:65:ba:84:3d:
ee:7e:66:ea:5b:96:0d:c9:63:1a:6c:85:49:ba:38:
23:74:0e:ce:a7:3d:86:52:99:52:4a:b4:e9:95:9a:
e1:2a:91:42:52:c2:84:85:96:dc:f5:d9:b1:66:5e:
04:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:3C:D8:E3:8F:10:81:33:61:50:49:5B:33:B2:07:8D:2F:31:05:F4
X509v3 Authority Key Identifier:
keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/kTzY448QgTNhUElbM7IHjS8xBfQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.215.0/24
Signature Algorithm: sha256WithRSAEncryption
83:3d:98:9b:a9:d2:74:92:be:d3:a0:74:18:78:0c:43:19:77:
0c:b2:99:57:e6:6d:42:2e:83:a5:bf:53:f0:cb:43:1b:78:32:
66:85:12:78:49:8e:09:b7:9c:48:5e:eb:0c:8c:90:a4:71:04:
f7:80:ed:9b:51:d7:be:01:14:63:d1:9a:0f:e5:7a:ed:7f:26:
11:d5:13:34:8a:f6:bb:3d:2d:d9:3c:d6:35:bc:21:6c:e5:3a:
f4:96:75:40:fc:fe:f5:ec:02:e1:b2:76:45:04:03:8a:14:58:
29:24:8f:f8:bd:9a:97:72:ed:23:c1:0c:f4:43:0f:c5:77:87:
d3:92:a5:f4:de:82:8d:2a:3c:61:4d:42:d4:b1:7b:99:d7:b0:
fa:b4:bc:ee:44:2f:ea:fb:b0:90:ae:c7:a9:1a:69:c4:f5:86:
42:64:3d:f7:63:de:36:12:48:ed:f4:90:cd:af:f5:bc:91:45:
78:2d:14:d9:a2:f2:e3:94:92:bd:33:c6:e0:8d:ce:61:ce:05:
29:38:83:e3:ef:0e:8c:c7:66:d6:91:f7:d6:a5:79:03:75:85:
cd:e2:f7:de:83:05:45:6e:57:83:ce:4f:06:ea:bd:f8:31:17:
d0:f7:01:26:ca:6f:7c:53:2f:15:87:5a:24:0f:83:a8:1d:d3:
8f:42:6c:5c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICDFUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE
MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yNTAxMDYx
MTQ1MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDkxM0NEOEUzOEYxMDgx
MzM2MTUwNDk1QjMzQjIwNzhEMkYzMTA1RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRuJajEn6WavW9Qp/s7+LXgqH50REOBuORyoJShc8Q9i/u+XZw
SZmYRupZTYaiUT16iqtZxoUoixRCTJgYWkvFO9+dapX28nUZWFVVekV87oeg7D/X
ySHqn2Q36AHtA5MdhY3tN5fG5pktZ4YUGsS7oIzhUvBaSQ8YiBUrIgHgJhCU0tt8
Yg89kSsNjTA9gPeDgRcGMAiDhcWkh/Wz/qDOVz3DZalJp6j2GVm8hDnJNA9GcMWf
tIA9Uax95U/UF0EIcgIDOthktImiXsqLZbqEPe5+Zupblg3JYxpshUm6OCN0Ds6n
PYZSmVJKtOmVmuEqkUJSwoSFltz12bFmXgSZAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUkTzY448QgTNhUElbM7IHjS8xBfQwHwYDVR0jBBgwFoAUXNEK1bakd108UE1m
EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF
Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMva1R6WTQ0OFFnVE5oVUVs
Yk03SUhqUzh4QmZRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGd31zANBgkqhkiG9w0BAQsFAAOCAQEAgz2Ym6nSdJK+06B0GHgMQxl3DLKZV+Zt
Qi6Dpb9T8MtDG3gyZoUSeEmOCbecSF7rDIyQpHEE94Dtm1HXvgEUY9GaD+V67X8m
EdUTNIr2uz0t2TzWNbwhbOU69JZ1QPz+9ewC4bJ2RQQDihRYKSSP+L2al3LtI8EM
9EMPxXeH05Kl9N6CjSo8YU1C1LF7mdew+rS87kQv6vuwkK7HqRppxPWGQmQ992Pe
NhJI7fSQza/1vJFFeC0U2aLy45SSvTPG4I3OYc4FKTiD4+8OjMdm1pH31qV5A3WF
zeL33oMFRW5Xg85PBuq9+DEX0PcBJspvfFMvFYdaJA+DqB3Tj0JsXA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:19:44 2025 by rpki-client