Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/JDA/LhE89dIFrYRk-V3MR8m0yM-djtU.roa
File: LhE89dIFrYRk-V3MR8m0yM-djtU.roa (raw, json)
Hash identifier: KCvcKsIp9QgLP1cerjVt6etFLsjrIVGkUb3hzavz+wM=
Subject key identifier: 2E:11:3C:F5:D2:05:AD:84:64:F9:5D:CC:47:C9:B4:C8:CF:9D:8E:D5
Certificate issuer: /CN=86F6D06B4049386A106E5ED22656A93D9F355274
Certificate serial: 0132
Authority key identifier: 86:F6:D0:6B:40:49:38:6A:10:6E:5E:D2:26:56:A9:3D:9F:35:52:74
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/LhE89dIFrYRk-V3MR8m0yM-djtU.roa
Signing time: Mon 10 Feb 2025 13:45:01 +0000
ROA not before: Mon 10 Feb 2025 13:45:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18041
IP address blocks: 2401:55e0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306 (0x132)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86F6D06B4049386A106E5ED22656A93D9F355274
Validity
Not Before: Feb 10 13:45:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2E113CF5D205AD8464F95DCC47C9B4C8CF9D8ED5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:cd:27:93:24:8c:55:39:33:0f:52:50:3d:
2e:c9:33:6a:de:49:a5:bb:91:b8:19:b1:00:1c:76:
3b:ea:b4:4c:24:59:d9:b5:9d:5a:44:6e:f6:11:6f:
af:f9:cb:01:af:e5:ab:1e:46:7b:4a:27:9d:70:5b:
73:70:d1:24:ef:ec:aa:57:d5:99:fd:ca:98:c4:19:
8b:1c:1b:9e:60:47:b4:a7:56:6f:e9:ee:79:58:15:
35:86:45:a7:82:b9:dd:a5:07:2c:6f:8c:6d:ee:58:
45:d3:60:ca:c0:15:db:aa:02:a5:d4:95:c1:68:82:
e3:e7:af:09:48:2e:24:c1:3b:fb:65:b1:5c:78:c3:
6b:4d:73:b1:ad:6a:5c:7b:f3:c4:5c:5b:04:b2:29:
28:c0:51:5a:3f:59:08:f4:8a:d3:72:53:32:b3:7b:
bb:56:6c:b7:8f:36:35:e7:8b:22:f9:ae:90:1b:d0:
3c:63:73:f2:bf:55:f1:a1:5a:bb:d7:11:b0:6a:3c:
29:34:f5:3f:d1:bb:80:1e:b3:ea:a2:ab:7d:2e:29:
d3:11:5a:38:c7:59:26:ba:04:1c:dc:e0:f7:5d:58:
55:ae:15:c9:07:1a:d1:2b:48:7d:c1:4e:72:e1:02:
6f:1e:93:4e:62:aa:47:5d:e9:08:da:65:af:89:50:
d8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:11:3C:F5:D2:05:AD:84:64:F9:5D:CC:47:C9:B4:C8:CF:9D:8E:D5
X509v3 Authority Key Identifier:
keyid:86:F6:D0:6B:40:49:38:6A:10:6E:5E:D2:26:56:A9:3D:9F:35:52:74
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hvbQa0BJOGoQbl7SJlapPZ81UnQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/JDA/LhE89dIFrYRk-V3MR8m0yM-djtU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:55e0::/32
Signature Algorithm: sha256WithRSAEncryption
34:c3:55:15:63:49:d1:ed:7a:7b:b3:da:ba:95:6f:5c:04:b9:
09:04:5a:eb:37:c4:5a:22:7c:7f:76:26:7f:a6:4e:43:ea:26:
65:a2:70:5e:bd:46:75:ed:b3:53:c3:f6:78:dc:fc:03:aa:d1:
31:06:f4:74:64:5c:38:a5:a3:95:42:67:38:9e:c2:4b:1e:b8:
70:a2:28:a3:a2:dd:0f:8c:bb:da:2c:af:35:03:62:57:91:c0:
22:93:45:ae:26:af:1d:be:6e:b1:e8:e6:9d:7e:0b:57:59:01:
fb:4f:46:81:96:67:5b:45:2d:e8:eb:2c:a8:83:54:69:f3:c2:
47:0a:4a:96:2d:ec:e2:19:65:a8:ca:8d:f6:72:8e:ee:70:2b:
f2:71:73:90:7d:b8:1d:7e:c7:0d:ee:74:82:bf:57:39:37:cb:
50:d5:6b:6f:73:28:5c:c9:16:21:a4:d4:e0:28:e2:79:5b:7e:
cb:5e:46:ff:22:07:ea:0b:46:12:14:53:6d:c9:0b:42:a6:80:
b1:ec:eb:9c:ff:d5:c0:4c:4c:1e:e9:0c:80:52:21:a3:44:cf:
f7:8b:7a:3c:ac:8b:d0:3a:21:cb:4e:50:8a:a7:22:d1:c9:12:
8b:8e:3f:4f:76:70:f3:dc:51:08:3d:ce:3b:54:a5:02:90:46:
ce:45:bb:1d
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICATIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODZG
NkQwNkI0MDQ5Mzg2QTEwNkU1RUQyMjY1NkE5M0Q5RjM1NTI3NDAeFw0yNTAyMTAx
MzQ1MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJFMTEzQ0Y1RDIwNUFE
ODQ2NEY5NURDQzQ3QzlCNEM4Q0Y5RDhFRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs580nkySMVTkzD1JQPS7JM2reSaW7kbgZsQAcdjvqtEwkWdm1
nVpEbvYRb6/5ywGv5aseRntKJ51wW3Nw0STv7KpX1Zn9ypjEGYscG55gR7SnVm/p
7nlYFTWGRaeCud2lByxvjG3uWEXTYMrAFduqAqXUlcFoguPnrwlILiTBO/tlsVx4
w2tNc7Gtalx788RcWwSyKSjAUVo/WQj0itNyUzKze7tWbLePNjXniyL5rpAb0Dxj
c/K/VfGhWrvXEbBqPCk09T/Ru4Aes+qiq30uKdMRWjjHWSa6BBzc4PddWFWuFckH
GtErSH3BTnLhAm8ek05iqkdd6QjaZa+JUNh1AgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQULhE89dIFrYRk+V3MR8m0yM+djtUwHwYDVR0jBBgwFoAUhvbQa0BJOGoQbl7S
JlapPZ81UnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSkRBL2h2
YlFhMEJKT0dvUWJsN1NKbGFwUFo4MVVuUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
aHZiUWEwQkpPR29RYmw3U0psYXBQWjgxVW5RLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSkRBL0xoRTg5ZElGcllSay1WM01SOG0weU0t
ZGp0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAVXgMA0G
CSqGSIb3DQEBCwUAA4IBAQA0w1UVY0nR7Xp7s9q6lW9cBLkJBFrrN8RaInx/diZ/
pk5D6iZlonBevUZ17bNTw/Z43PwDqtExBvR0ZFw4paOVQmc4nsJLHrhwoiijot0P
jLvaLK81A2JXkcAik0WuJq8dvm6x6OadfgtXWQH7T0aBlmdbRS3o6yyog1Rp88JH
CkqWLeziGWWoyo32co7ucCvycXOQfbgdfscN7nSCv1c5N8tQ1WtvcyhcyRYhpNTg
KOJ5W37LXkb/IgfqC0YSFFNtyQtCpoCx7Ouc/9XATEwe6QyAUiGjRM/3i3o8rIvQ
OiHLTlCKpyLRyRKLjj9PdnDz3FEIPc47VKUCkEbORbsd
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:38:21 2025 by rpki-client