Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/KfRVmyt6LoekXb0AtYH1KmhQDG4.roa
File: KfRVmyt6LoekXb0AtYH1KmhQDG4.roa (raw, json)
Hash identifier: 2PsCOnYpuMUraxkz+MqhELYVvx4mAwA+gflBGDiVWmU=
Subject key identifier: 29:F4:55:9B:2B:7A:2E:87:A4:5D:BD:00:B5:81:F5:2A:68:50:0C:6E
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0DB2
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/KfRVmyt6LoekXb0AtYH1KmhQDG4.roa
Signing time: Mon 10 Feb 2025 14:06:12 +0000
ROA not before: Mon 10 Feb 2025 14:06:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9416
IP address blocks: 115.43.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3506 (0xdb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Feb 10 14:06:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=29F4559B2B7A2E87A45DBD00B581F52A68500C6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:17:ca:32:80:ef:e1:47:df:5c:5c:0e:a4:e2:
57:3d:0f:bf:86:8c:58:02:0b:f7:33:72:17:b6:b1:
15:57:3f:36:a3:11:d3:f4:00:b5:9a:45:f4:a1:1c:
68:30:ff:32:7e:b7:48:af:7d:75:13:fa:ba:8f:b7:
e6:53:23:3b:3e:8b:f6:eb:30:2f:40:e1:9b:1a:77:
f5:e3:94:a3:7a:da:74:18:bd:b5:5c:76:e2:ab:37:
27:65:e3:36:19:9b:c9:9c:dc:78:f5:c9:48:30:18:
f4:a5:74:09:e9:20:ad:6f:c0:93:a6:5f:8d:b7:be:
62:3b:cd:48:63:f6:f6:2c:53:07:2d:35:1b:7b:87:
60:32:f8:26:82:cb:56:85:c8:25:d6:18:b1:ec:e9:
57:70:03:c6:8f:a9:ed:15:a5:a8:19:bf:8b:9c:32:
cb:d7:76:46:42:a0:96:81:f7:e8:63:f6:1b:9c:14:
d1:70:f0:91:07:8b:08:7f:88:f7:73:5d:9e:0b:b0:
a3:21:ea:3f:a2:e9:08:ff:0e:b1:52:61:4b:ef:53:
5f:0b:f2:0e:5d:22:b5:dd:f3:b9:66:e8:0d:08:2b:
08:d2:fd:7f:ce:e7:ee:fc:dc:e3:21:ec:a8:f0:de:
4a:e3:1b:f1:5b:d1:a6:d6:60:ba:0c:89:5f:c5:45:
c7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F4:55:9B:2B:7A:2E:87:A4:5D:BD:00:B5:81:F5:2A:68:50:0C:6E
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/KfRVmyt6LoekXb0AtYH1KmhQDG4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
115.43.0.0/17
Signature Algorithm: sha256WithRSAEncryption
36:2b:75:e7:41:de:bc:d1:03:ed:49:90:d9:1a:c1:cd:0e:b5:
31:d0:e9:e0:fe:4e:52:05:c3:ed:d3:61:ab:6d:84:48:5e:2d:
8d:da:74:5a:0a:b3:76:53:9f:39:7f:91:ee:f4:77:0c:de:60:
d2:40:69:00:bd:94:65:ec:9c:6b:63:73:18:4f:74:62:83:fa:
17:83:d3:22:1b:a3:c4:52:f4:dc:22:30:c1:b4:7e:a5:5f:a0:
45:6d:cb:da:63:4a:2e:6c:c7:33:71:be:ba:d7:ce:c7:6a:54:
41:a5:1b:43:4e:3d:f0:29:dc:81:b2:35:9c:4c:24:8c:49:34:
8e:c0:91:8f:2c:14:fc:3a:9f:92:ad:45:85:6d:1e:49:62:63:
c1:7d:57:6b:00:62:87:e7:64:7f:5c:0e:f9:38:c8:a8:79:4c:
53:1b:81:04:30:4d:80:34:dc:23:b4:62:34:d9:45:bd:cf:8c:
65:ae:5f:e7:91:36:4f:ed:7b:af:cc:bb:fa:c4:13:a0:93:06:
34:96:f9:f9:e4:ef:5e:f1:bd:6c:38:f7:c7:42:e5:fe:ff:31:
d5:ef:94:9d:fc:1e:1f:d7:e2:51:8f:db:71:a1:5f:60:25:44:
68:90:d7:e9:3a:57:5e:2d:fa:45:2a:44:b5:92:5b:0a:c1:6a:
d3:ef:1b:48
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx
NDA2MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5RjQ1NTlCMkI3QTJF
ODdBNDVEQkQwMEI1ODFGNTJBNjg1MDBDNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBF8oygO/hR99cXA6k4lc9D7+GjFgCC/czche2sRVXPzajEdP0
ALWaRfShHGgw/zJ+t0ivfXUT+rqPt+ZTIzs+i/brMC9A4Zsad/XjlKN62nQYvbVc
duKrNydl4zYZm8mc3Hj1yUgwGPSldAnpIK1vwJOmX423vmI7zUhj9vYsUwctNRt7
h2Ay+CaCy1aFyCXWGLHs6VdwA8aPqe0VpagZv4ucMsvXdkZCoJaB9+hj9hucFNFw
8JEHiwh/iPdzXZ4LsKMh6j+i6Qj/DrFSYUvvU18L8g5dIrXd87lm6A0IKwjS/X/O
5+783OMh7Kjw3krjG/Fb0abWYLoMiV/FRcdhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKfRVmyt6LoekXb0AtYH1KmhQDG4wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL0tmUlZteXQ2TG9la1hiMEF0
WUgxS21oUURHNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAdz
KwAwDQYJKoZIhvcNAQELBQADggEBADYrdedB3rzRA+1JkNkawc0OtTHQ6eD+TlIF
w+3TYatthEheLY3adFoKs3ZTnzl/ke70dwzeYNJAaQC9lGXsnGtjcxhPdGKD+heD
0yIbo8RS9NwiMMG0fqVfoEVty9pjSi5sxzNxvrrXzsdqVEGlG0NOPfAp3IGyNZxM
JIxJNI7AkY8sFPw6n5KtRYVtHkliY8F9V2sAYofnZH9cDvk4yKh5TFMbgQQwTYA0
3CO0YjTZRb3PjGWuX+eRNk/te6/Mu/rEE6CTBjSW+fnk717xvWw498dC5f7/MdXv
lJ38Hh/X4lGP23GhX2AlRGiQ1+k6V14t+kUqRLWSWwrBatPvG0g=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:06 2025 by rpki-client