Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ciwUCyfdSgncOgXVZux4JdhOF4.roa
File: 3ciwUCyfdSgncOgXVZux4JdhOF4.roa (raw, json)
Hash identifier: 03b7LLjg2o9HFq5fPVF3VnnNnRF7Zu6QC8Ia0f5odB4=
Subject key identifier: DD:C8:B0:50:2C:9F:75:28:27:70:E8:17:55:9B:B1:E0:97:61:38:5E
Certificate issuer: /CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Certificate serial: 14
Authority key identifier: DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ciwUCyfdSgncOgXVZux4JdhOF4.roa
Signing time: Sun 24 Mar 2024 13:25:56 +0000
ROA not before: Sun 24 Mar 2024 13:25:56 +0000
ROA not after: Fri 21 Feb 2025 15:30:22 +0000
asID: 150771
IP address blocks: 157.20.68.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20 (0x14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DE872BAD262D18F0A6749E0272D975261D949EC3
Validity
Not Before: Mar 24 13:25:56 2024 GMT
Not After : Feb 21 15:30:22 2025 GMT
Subject: CN=DDC8B0502C9F75282770E817559BB1E09761385E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d4:12:23:f0:26:9b:58:e1:b9:38:e7:34:93:
cf:20:90:9a:ec:3a:10:cd:db:9a:be:21:c1:dd:cd:
55:5b:1d:a5:68:b1:48:a8:81:dc:81:1a:08:9e:15:
0b:59:21:87:2e:af:4b:c1:c4:0e:35:01:e3:63:0f:
94:c4:9c:c7:f4:f6:8f:88:37:f1:d7:90:d6:1b:25:
70:9d:e5:bf:db:3f:57:38:f6:1e:93:80:e5:b8:41:
e0:c1:d7:81:04:d3:79:55:21:3e:97:4e:90:f0:6b:
14:7f:13:13:c0:b3:50:f3:bd:cd:12:22:33:ff:5f:
23:f6:78:e4:51:e0:89:21:c3:67:4e:17:97:68:a4:
a2:72:8f:b4:4c:31:9c:28:fb:7c:0b:f4:6d:12:2c:
8f:47:56:12:d4:53:37:66:53:8c:63:9c:c9:2a:0d:
06:03:50:31:25:bb:31:81:b7:05:87:56:5a:d2:dc:
c0:57:a0:05:11:44:43:a0:4b:1f:70:fc:1d:1c:de:
36:ca:0a:c5:7b:de:45:05:aa:4f:fc:fe:d5:77:9e:
8a:bc:cf:6b:05:6c:ac:8b:38:4f:45:a3:61:8c:f3:
6b:fb:e3:7b:3f:f9:8b:9e:2b:91:e1:cd:0f:ea:39:
d0:de:52:a4:bf:c3:09:d9:a8:79:8c:07:09:f2:83:
9b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:C8:B0:50:2C:9F:75:28:27:70:E8:17:55:9B:B1:E0:97:61:38:5E
X509v3 Authority Key Identifier:
keyid:DE:87:2B:AD:26:2D:18:F0:A6:74:9E:02:72:D9:75:26:1D:94:9E:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3ocrrSYtGPCmdJ4Cctl1Jh2UnsM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FUYU/3ciwUCyfdSgncOgXVZux4JdhOF4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.68.0/23
Signature Algorithm: sha256WithRSAEncryption
65:27:5e:d9:44:c2:4e:33:a9:51:e2:0a:e0:ba:2f:25:02:79:
28:e5:2b:2e:71:9e:d3:2f:bc:ae:26:54:bf:92:94:77:8c:2e:
22:39:3f:28:ab:07:36:82:84:df:b0:8d:aa:56:f9:67:ef:43:
6e:d6:74:2d:e4:ef:9d:ee:56:99:dd:e7:7d:62:87:69:5a:cf:
db:3a:15:2a:13:f5:0e:4e:9e:77:e8:39:ce:71:9f:42:18:eb:
2c:c9:64:6f:9d:c0:7d:bd:d0:45:e1:c7:ff:22:f5:f6:d4:8b:
29:78:16:a3:b0:81:51:6c:d9:9e:b9:02:4c:a0:82:fc:3c:93:
5e:28:f8:3c:99:9c:ce:c9:29:c8:fd:66:51:1f:0d:01:74:74:
41:45:24:c5:57:44:34:c4:be:61:31:06:97:fc:35:16:6d:32:
53:f4:23:23:bb:72:7d:3b:6d:6c:2b:08:93:aa:0d:08:60:0f:
91:e2:fe:04:55:87:65:ba:de:e8:52:eb:08:02:a1:48:3c:8d:
e1:aa:f5:86:45:57:65:18:c2:11:86:d7:b2:ab:dc:dc:c7:11:
e4:90:b4:ab:70:f9:b4:3b:28:d9:39:07:eb:d7:06:be:3c:69:
1f:be:10:7f:4c:1f:13:19:57:0c:ab:d1:7f:7a:db:8e:1d:56:
87:c5:9e:78
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhERTg3
MkJBRDI2MkQxOEYwQTY3NDlFMDI3MkQ5NzUyNjFEOTQ5RUMzMB4XDTI0MDMyNDEz
MjU1NloXDTI1MDIyMTE1MzAyMlowMzExMC8GA1UEAxMoRERDOEIwNTAyQzlGNzUy
ODI3NzBFODE3NTU5QkIxRTA5NzYxMzg1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALTUEiPwJptY4bk45zSTzyCQmuw6EM3bmr4hwd3NVVsdpWixSKiB
3IEaCJ4VC1khhy6vS8HEDjUB42MPlMScx/T2j4g38deQ1hslcJ3lv9s/Vzj2HpOA
5bhB4MHXgQTTeVUhPpdOkPBrFH8TE8CzUPO9zRIiM/9fI/Z45FHgiSHDZ04Xl2ik
onKPtEwxnCj7fAv0bRIsj0dWEtRTN2ZTjGOcySoNBgNQMSW7MYG3BYdWWtLcwFeg
BRFEQ6BLH3D8HRzeNsoKxXveRQWqT/z+1XeeirzPawVsrIs4T0WjYYzza/vjez/5
i54rkeHND+o50N5SpL/DCdmoeYwHCfKDm7sCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTdyLBQLJ91KCdw6BdVm7Hgl2E4XjAfBgNVHSMEGDAWgBTehyutJi0Y8KZ0ngJy
2XUmHZSewzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9GVVlVLzNv
Y3JyU1l0R1BDbWRKNENjdGwxSmgyVW5zTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M29jcnJTWXRHUENtZEo0Q2N0bDFKaDJVbnNNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRlVZVS8zY2l3VUN5ZmRTZ25jT2dYVlp1eDRK
ZGhPRjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRREMA0G
CSqGSIb3DQEBCwUAA4IBAQBlJ17ZRMJOM6lR4grgui8lAnko5SsucZ7TL7yuJlS/
kpR3jC4iOT8oqwc2goTfsI2qVvln70Nu1nQt5O+d7laZ3ed9YodpWs/bOhUqE/UO
Tp536DnOcZ9CGOssyWRvncB9vdBF4cf/IvX21IspeBajsIFRbNmeuQJMoIL8PJNe
KPg8mZzOySnI/WZRHw0BdHRBRSTFV0Q0xL5hMQaX/DUWbTJT9CMju3J9O21sKwiT
qg0IYA+R4v4EVYdlut7oUusIAqFIPI3hqvWGRVdlGMIRhteyq9zcxxHkkLSrcPm0
OyjZOQfr1wa+PGkfvhB/TB8TGVcMq9F/etuOHVaHxZ54
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:16:42 2025 by rpki-client