Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa
File: s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa (raw, json)
Hash identifier: QzsbOEzyGHyu+MaVCnE6ernqsIx6bRtycwY7gv3al5A=
Subject key identifier: B3:C0:86:39:C0:1D:73:70:32:C1:68:39:3D:D2:09:DE:13:6B:43:AE
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F8E
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa
Signing time: Mon 10 Feb 2025 14:30:51 +0000
ROA not before: Mon 10 Feb 2025 14:30:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24168
IP address blocks: 2404:8cc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3982 (0xf8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 10 14:30:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B3C08639C01D737032C168393DD209DE136B43AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:07:20:bc:db:be:4d:d0:d6:61:cb:9f:67:65:
33:0d:06:a7:72:c6:54:4c:4a:f8:ba:fa:18:1d:04:
bb:c5:de:b5:32:87:4a:d0:3c:eb:29:bf:92:25:0e:
19:b5:d1:15:23:6a:a1:b7:51:e2:d5:73:99:d3:8e:
66:49:f9:d2:4b:69:48:01:81:bb:e8:73:95:0e:a8:
d2:86:1a:e8:b8:41:c9:43:20:2c:93:72:5c:9e:c5:
d2:23:4b:64:4b:16:87:b5:54:3b:ca:79:ed:67:91:
5b:51:92:05:ea:d5:98:fc:78:97:16:5a:f7:dc:ba:
83:96:c7:df:50:71:a0:b1:e8:b1:fc:d6:02:88:b1:
2f:9f:3b:bd:51:e2:13:cd:54:1c:cf:5e:b7:98:b3:
f2:6a:93:b5:e1:1e:ab:90:20:be:1e:04:74:c9:59:
c2:0a:16:5f:a9:87:5e:1c:47:1c:4a:ee:ce:f7:5e:
0a:6e:ce:0a:b9:b2:9e:c1:87:55:b2:78:16:88:a7:
04:c5:7a:07:93:5a:ad:5f:30:d5:45:e1:4e:d6:25:
17:70:52:b9:ca:92:d3:51:b5:50:7f:7d:73:08:23:
46:ef:e5:3a:71:a8:78:90:10:08:ea:d9:c4:48:3c:
77:4f:05:45:3d:b2:0d:91:4f:14:b7:e8:dc:37:28:
01:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C0:86:39:C0:1D:73:70:32:C1:68:39:3D:D2:09:DE:13:6B:43:AE
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/s8CGOcAdc3AywWg5PdIJ3hNrQ64.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:8cc0::/32
Signature Algorithm: sha256WithRSAEncryption
7a:1a:1e:6c:67:a8:75:9d:fd:9c:99:e5:ca:d9:e7:30:e6:2e:
50:41:5d:fa:28:ae:2a:60:fe:39:5c:33:6e:90:fc:b7:69:bd:
4a:d4:11:ea:72:d9:6e:e0:e8:92:c6:65:ba:4e:d8:78:3d:3c:
f4:84:21:4c:04:b9:82:16:48:ed:ce:e5:2b:e8:28:db:4c:70:
e0:9b:01:aa:6f:bd:37:6b:1c:49:69:af:29:e1:47:e8:e4:6f:
f9:94:65:54:ca:3a:3b:21:57:bf:98:3e:a4:9e:43:38:d0:ff:
fc:98:5d:48:4e:11:83:5a:b7:de:bf:aa:0f:27:87:15:79:d7:
7f:75:2e:ab:0b:ac:e0:c4:15:69:a9:f0:21:42:89:dc:c0:ef:
4c:53:19:4f:6b:2e:30:e3:ca:e8:94:2f:f0:d9:f9:3e:e9:a7:
95:16:eb:4d:8d:72:c1:df:9a:d7:b4:c7:3f:c0:8a:12:36:d3:
4a:54:68:9c:01:ae:1e:56:26:61:83:86:5f:93:4c:3a:cb:81:
b9:e6:e6:ce:0f:06:d6:af:8e:c9:d3:8e:6a:4a:86:4b:67:1d:
3e:56:20:f6:76:73:ae:98:75:68:1b:4b:ee:da:17:ad:a2:da:
8d:99:aa:de:e7:fa:96:bc:19:bb:26:f9:e3:4c:4f:0f:24:e9:
b0:18:55:a5
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD44wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx
NDMwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzQzA4NjM5QzAxRDcz
NzAzMkMxNjgzOTNERDIwOURFMTM2QjQzQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDByC8275N0NZhy59nZTMNBqdyxlRMSvi6+hgdBLvF3rUyh0rQ
POspv5IlDhm10RUjaqG3UeLVc5nTjmZJ+dJLaUgBgbvoc5UOqNKGGui4QclDICyT
clyexdIjS2RLFoe1VDvKee1nkVtRkgXq1Zj8eJcWWvfcuoOWx99QcaCx6LH81gKI
sS+fO71R4hPNVBzPXreYs/Jqk7XhHquQIL4eBHTJWcIKFl+ph14cRxxK7s73Xgpu
zgq5sp7Bh1WyeBaIpwTFegeTWq1fMNVF4U7WJRdwUrnKktNRtVB/fXMII0bv5Tpx
qHiQEAjq2cRIPHdPBUU9sg2RTxS36Nw3KAGnAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUs8CGOcAdc3AywWg5PdIJ3hNrQ64wHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3M4Q0dPY0FkYzNBeXdXZzVQZElKM2hO
clE2NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBIzAMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Gh5sZ6h1nf2cmeXK2ecw5i5QQV36KK4qYP45XDNu
kPy3ab1K1BHqctlu4OiSxmW6Tth4PTz0hCFMBLmCFkjtzuUr6CjbTHDgmwGqb703
axxJaa8p4Ufo5G/5lGVUyjo7IVe/mD6knkM40P/8mF1IThGDWrfev6oPJ4cVedd/
dS6rC6zgxBVpqfAhQoncwO9MUxlPay4w48rolC/w2fk+6aeVFutNjXLB35rXtMc/
wIoSNtNKVGicAa4eViZhg4Zfk0w6y4G55ubODwbWr47J045qSoZLZx0+ViD2dnOu
mHVoG0vu2hetotqNmare5/qWvBm7JvnjTE8PJOmwGFWl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:38 2025 by rpki-client