Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa
File: pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa (raw, json)
Hash identifier: l6XI+3FPVrylaAj2670BOkkOS6bMBd0qPwboSUJNNNo=
Subject key identifier: A4:D9:F9:54:42:75:30:DF:3E:A4:5B:E4:28:21:58:9E:EB:BB:45:56
Certificate issuer: /CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7
Certificate serial: 02AA
Authority key identifier: 3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa
Signing time: Mon 10 Feb 2025 14:05:17 +0000
ROA not before: Mon 10 Feb 2025 14:05:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18041
IP address blocks: 2406:ee40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 682 (0x2aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7
Validity
Not Before: Feb 10 14:05:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A4D9F954427530DF3EA45BE42821589EEBBB4556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:1b:07:58:ed:00:13:1e:c4:67:23:f4:65:f1:
cf:a6:0a:1c:b4:fc:2a:19:28:be:4d:74:62:5b:c4:
ac:6a:23:a0:02:3a:f3:f0:05:a5:90:3b:3d:35:c8:
ad:43:06:83:08:77:12:b9:51:7e:33:de:aa:35:70:
6b:f8:06:ea:3a:c3:92:71:48:b8:b2:34:fe:68:04:
e9:47:b8:4e:94:53:e7:37:0a:0e:03:a0:1e:ed:b2:
9c:4f:8d:a8:e5:df:c5:b5:10:ae:99:74:09:5f:17:
e0:21:45:64:06:40:bb:32:ac:ca:d1:b1:1d:1d:a3:
1f:94:ff:26:88:6a:3e:57:78:1a:be:21:07:a7:10:
b0:ea:22:18:db:0c:e6:12:30:b6:58:fc:3e:db:a6:
55:9b:bd:7c:d9:19:24:84:6a:bf:f5:cc:7d:5d:53:
e1:97:39:cd:f4:75:11:d4:f1:34:50:3e:c6:f5:1a:
66:55:89:3d:5c:d7:9a:fa:08:23:88:98:2c:64:af:
a2:6d:b2:eb:9c:ad:be:2e:98:6a:2c:1f:db:45:50:
53:54:dc:7f:5c:30:e2:4d:c8:c1:42:83:46:2e:1d:
a3:04:3f:65:d5:48:38:87:db:d1:86:ff:80:b3:bb:
97:8e:ac:44:de:51:13:38:3a:ad:f5:60:3c:5d:97:
59:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:D9:F9:54:42:75:30:DF:3E:A4:5B:E4:28:21:58:9E:EB:BB:45:56
X509v3 Authority Key Identifier:
keyid:3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/pNn5VEJ1MN8-pFvkKCFYnuu7RVY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:ee40::/32
Signature Algorithm: sha256WithRSAEncryption
53:fa:e5:e8:61:0a:68:3f:4f:81:d1:43:25:c7:1c:0b:5c:aa:
0e:2f:4a:8c:8b:0e:10:9b:a8:7d:20:75:d5:97:1b:72:1d:31:
a4:8c:7b:83:48:0c:8a:43:85:44:23:5c:01:16:de:06:a6:ad:
34:12:b6:28:69:c3:6f:2f:12:79:69:6a:ad:7d:80:bd:93:27:
8e:5e:81:be:26:56:6d:31:7c:67:bd:98:9b:85:8e:c6:e2:f0:
e3:df:76:30:3d:a9:ad:30:2d:d0:f8:49:f7:74:2e:c5:87:7e:
4b:b0:09:ec:7f:7c:48:a1:aa:1c:77:79:12:ad:23:96:f2:12:
87:5c:e7:53:f4:3c:77:fb:06:4c:34:e3:f4:a0:3f:68:a4:b4:
bc:bf:2e:ad:3d:4b:f7:c5:df:61:59:9b:3a:f3:f6:f3:b5:16:
54:1e:62:25:79:97:84:22:33:a0:04:89:c1:53:58:f9:14:fa:
08:b9:7f:6f:0a:20:02:a8:4a:7e:48:b5:53:ba:64:4c:01:b2:
d9:8d:a7:1d:09:48:ae:96:8a:fc:a7:a9:01:07:57:f4:f3:66:
c7:bc:7a:73:49:34:8c:ad:66:44:af:ca:db:1a:1e:00:79:e6:
29:ef:10:16:2d:ee:7a:13:65:46:42:ef:c6:4e:cc:e3:86:c4:
21:8f:2b:6b
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAqowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JG
NDQxQjU3Qzg2QkQ5RDE5MzQ1MUEwMDVEMjZDRTFBM0M2REVFNzAeFw0yNTAyMTAx
NDA1MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE0RDlGOTU0NDI3NTMw
REYzRUE0NUJFNDI4MjE1ODlFRUJCQjQ1NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9GwdY7QATHsRnI/Rl8c+mChy0/CoZKL5NdGJbxKxqI6ACOvPw
BaWQOz01yK1DBoMIdxK5UX4z3qo1cGv4Buo6w5JxSLiyNP5oBOlHuE6UU+c3Cg4D
oB7tspxPjajl38W1EK6ZdAlfF+AhRWQGQLsyrMrRsR0dox+U/yaIaj5XeBq+IQen
ELDqIhjbDOYSMLZY/D7bplWbvXzZGSSEar/1zH1dU+GXOc30dRHU8TRQPsb1GmZV
iT1c15r6CCOImCxkr6Jtsuucrb4umGosH9tFUFNU3H9cMOJNyMFCg0YuHaMEP2XV
SDiH29GG/4Czu5eOrETeURM4Oq31YDxdl1mLAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUpNn5VEJ1MN8+pFvkKCFYnuu7RVYwHwYDVR0jBBgwFoAUO/RBtXyGvZ0ZNFGg
BdJs4aPG3ucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVJBWUlO
Rk8vT19SQnRYeUd2WjBaTkZHZ0JkSnM0YVBHM3VjLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PX1JCdFh5R3ZaMFpORkdnQmRKczRhUEczdWMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FUkFZSU5GTy9wTm41VkVKMU1OOC1w
RnZrS0NGWW51dTdSVlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAbuQDANBgkqhkiG9w0BAQsFAAOCAQEAU/rl6GEKaD9PgdFDJcccC1yqDi9K
jIsOEJuofSB11Zcbch0xpIx7g0gMikOFRCNcARbeBqatNBK2KGnDby8SeWlqrX2A
vZMnjl6BviZWbTF8Z72Ym4WOxuLw4992MD2prTAt0PhJ93QuxYd+S7AJ7H98SKGq
HHd5Eq0jlvISh1znU/Q8d/sGTDTj9KA/aKS0vL8urT1L98XfYVmbOvP287UWVB5i
JXmXhCIzoASJwVNY+RT6CLl/bwogAqhKfki1U7pkTAGy2Y2nHQlIrpaK/KepAQdX
9PNmx7x6c0k0jK1mRK/K2xoeAHnmKe8QFi3uehNlRkLvxk7M44bEIY8raw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:35:25 2025 by rpki-client