Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/NMII0UYsbApHrPNh2zIies_FORM.roa
File: NMII0UYsbApHrPNh2zIies_FORM.roa (raw, json)
Hash identifier: WPRdensKKIyL+m9Z/7KhIxQ3zlqzhNdHk3sVP7b3RXo=
Subject key identifier: 34:C2:08:D1:46:2C:6C:0A:47:AC:F3:61:DB:32:22:7A:CF:C5:39:13
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0DA4
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/NMII0UYsbApHrPNh2zIies_FORM.roa
Signing time: Mon 10 Feb 2025 14:06:08 +0000
ROA not before: Mon 10 Feb 2025 14:06:08 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18042
IP address blocks: 124.155.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3492 (0xda4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Feb 10 14:06:08 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=34C208D1462C6C0A47ACF361DB32227ACFC53913
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d9:9d:7f:f7:63:7b:35:12:66:49:71:1e:c2:
f6:55:1a:03:cb:4d:3e:4a:77:0b:00:48:f2:0e:29:
6b:b5:c8:20:d4:41:50:4a:b4:c9:fd:11:28:e9:16:
89:ce:16:89:09:88:4a:fa:82:17:d8:02:21:cb:c8:
89:aa:f4:59:30:42:07:76:dd:9f:43:c9:a0:1d:78:
22:dd:52:26:45:7e:34:d7:4f:fc:b6:45:71:0f:7c:
7a:74:e8:ab:f0:64:f4:20:5f:d5:15:bc:36:ed:1f:
16:1f:62:97:a4:69:17:e5:27:8e:16:80:80:4d:7e:
b4:92:56:a6:c9:0b:a5:f5:44:a3:62:7d:44:86:a6:
c0:52:d1:ea:ee:02:d0:98:37:26:e3:08:ff:31:b2:
f3:94:b0:7e:f3:d8:ee:ab:36:0f:4c:8b:9d:7c:0f:
76:dd:b9:df:e2:32:fe:b8:54:c0:2c:29:6d:ee:75:
62:db:15:46:6c:b3:ab:0d:ea:50:59:f3:64:2a:b9:
27:6c:83:bc:5c:fc:73:fc:3c:d1:1c:9b:c5:dd:9a:
db:d5:c0:2a:61:89:91:bf:46:5f:40:8a:bb:fc:0c:
c6:57:50:e8:88:0a:ed:cf:34:b3:7e:cb:b2:5a:6e:
19:d1:23:fe:d0:90:2d:e8:61:db:9d:16:30:99:d4:
5b:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C2:08:D1:46:2C:6C:0A:47:AC:F3:61:DB:32:22:7A:CF:C5:39:13
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/NMII0UYsbApHrPNh2zIies_FORM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.128.0/19
Signature Algorithm: sha256WithRSAEncryption
47:ec:ff:9c:3f:4e:69:65:e5:72:a7:2e:03:dd:25:9f:04:bc:
2c:bb:55:7f:61:31:7a:43:8b:e4:ff:67:f1:68:9a:90:8a:80:
8c:69:a7:cf:f4:e8:c2:05:59:66:c3:97:ba:88:fe:b1:67:c7:
e3:66:35:82:0b:2f:3e:62:c1:41:67:5a:12:1e:4c:4b:8d:dd:
d0:2c:6b:ac:2a:40:90:64:f3:d0:cc:4d:df:36:81:e6:89:0d:
d8:f5:82:9f:1d:f7:31:35:8e:9d:f1:0b:f5:f9:0a:07:22:ee:
7e:7b:7d:82:0b:91:73:c0:ca:ce:01:fc:53:1a:5c:6b:9c:66:
2c:d7:9b:62:9e:46:fd:af:3c:93:0e:c9:37:fa:84:73:e7:34:
77:d6:05:6d:bb:b6:7c:11:0e:81:58:02:be:54:57:99:83:3d:
2d:5d:b9:8e:16:67:cd:59:d5:b0:4f:38:e5:3f:06:c0:32:4b:
37:2e:6f:88:f7:bd:d6:48:51:23:d1:6e:82:8f:3c:a1:1f:2c:
64:f1:66:58:cc:d3:40:c5:c9:80:fa:46:2e:b0:00:a1:2e:d8:
96:ee:4f:4f:d9:3b:b5:0e:ba:b2:6f:d0:8b:fc:31:5a:dd:bd:
c6:1e:e7:d7:b9:9e:9b:21:f5:e1:f3:53:23:66:54:3b:1a:a4:
a4:e9:e4:c5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDaQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx
NDA2MDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM0QzIwOEQxNDYyQzZD
MEE0N0FDRjM2MURCMzIyMjdBQ0ZDNTM5MTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC82Z1/92N7NRJmSXEewvZVGgPLTT5KdwsASPIOKWu1yCDUQVBK
tMn9ESjpFonOFokJiEr6ghfYAiHLyImq9FkwQgd23Z9DyaAdeCLdUiZFfjTXT/y2
RXEPfHp06KvwZPQgX9UVvDbtHxYfYpekaRflJ44WgIBNfrSSVqbJC6X1RKNifUSG
psBS0eruAtCYNybjCP8xsvOUsH7z2O6rNg9Mi518D3bdud/iMv64VMAsKW3udWLb
FUZss6sN6lBZ82QquSdsg7xc/HP8PNEcm8XdmtvVwCphiZG/Rl9Airv8DMZXUOiI
Cu3PNLN+y7JabhnRI/7QkC3oYdudFjCZ1FuhAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUNMII0UYsbApHrPNh2zIies/FORMwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL05NSUkwVVlzYkFwSHJQTmgy
eklpZXNfRk9STS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAV8
m4AwDQYJKoZIhvcNAQELBQADggEBAEfs/5w/Tmll5XKnLgPdJZ8EvCy7VX9hMXpD
i+T/Z/FompCKgIxpp8/06MIFWWbDl7qI/rFnx+NmNYILLz5iwUFnWhIeTEuN3dAs
a6wqQJBk89DMTd82geaJDdj1gp8d9zE1jp3xC/X5Cgci7n57fYILkXPAys4B/FMa
XGucZizXm2KeRv2vPJMOyTf6hHPnNHfWBW27tnwRDoFYAr5UV5mDPS1duY4WZ81Z
1bBPOOU/BsAySzcub4j3vdZIUSPRboKPPKEfLGTxZljM00DFyYD6Ri6wAKEu2Jbu
T0/ZO7UOurJv0Iv8MVrdvcYe59e5npsh9eHzUyNmVDsapKTp5MU=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:10 2025 by rpki-client