Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa
File: itIZSwMsfSM_wDzRNviF8c2Tnk0.roa (raw, json)
Hash identifier: VCTHZJnuiO4k/aQ+IBYoXBIzA4RIrVI4vVs0F7+8Qr4=
Subject key identifier: 8A:D2:19:4B:03:2C:7D:23:3F:C0:3C:D1:36:F8:85:F1:CD:93:9E:4D
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0DB1
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa
Signing time: Mon 10 Feb 2025 14:06:12 +0000
ROA not before: Mon 10 Feb 2025 14:06:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9416
IP address blocks: 202.151.48.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3505 (0xdb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Feb 10 14:06:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8AD2194B032C7D233FC03CD136F885F1CD939E4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:0c:c8:04:91:ab:68:2b:77:4e:cd:32:66:b4:
e2:84:40:b8:f7:03:c1:cf:43:a7:31:13:5c:26:41:
6d:af:bc:e2:a9:d8:1c:c4:fb:2c:e2:b3:ca:11:ad:
7e:a6:e5:a0:de:94:f9:37:5f:47:7a:12:c0:64:f0:
2d:17:c6:e0:94:79:31:ed:68:00:cf:68:e1:31:94:
e9:bc:0b:05:f1:97:31:04:18:ed:b5:77:59:d8:ea:
b0:fc:bf:23:5b:71:60:82:61:91:00:be:f9:14:01:
ec:26:5b:c5:d7:13:e7:1c:b3:b6:c3:7c:d8:73:8f:
7d:e8:3e:58:ed:04:8a:e5:f8:41:4c:0a:4c:5d:08:
20:2a:5b:7b:da:76:51:f3:ef:49:19:ab:56:0e:5a:
09:a1:7a:ec:60:e3:6c:90:c1:be:6e:09:a3:1f:99:
6b:bf:5f:2c:49:86:57:6e:ef:9b:9b:6c:a1:16:bf:
c5:21:57:3f:c6:7b:ed:78:3d:c0:9f:0b:74:8d:8c:
eb:28:54:a3:46:6a:a6:2a:ae:86:97:99:91:f2:2c:
cd:a1:72:f0:01:36:f7:0b:4b:95:e2:3c:ae:06:e7:
fa:87:04:f7:e7:b5:a1:83:6e:b3:5e:0d:10:89:cc:
da:2a:e7:55:a2:00:0a:7a:47:54:27:0f:72:a5:62:
a9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D2:19:4B:03:2C:7D:23:3F:C0:3C:D1:36:F8:85:F1:CD:93:9E:4D
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/itIZSwMsfSM_wDzRNviF8c2Tnk0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.151.48.0/20
Signature Algorithm: sha256WithRSAEncryption
09:a5:c1:77:e3:33:af:59:7c:e7:7b:9a:d9:19:86:2d:d9:67:
80:42:7d:84:5c:c0:55:25:8b:ab:42:d0:30:bc:1e:32:21:73:
0f:a7:32:ba:5a:65:7b:2a:f6:ec:fe:43:97:23:56:8d:58:3a:
6e:a8:77:56:a2:dc:a0:8d:5a:3f:7b:54:3d:22:71:9d:5f:dd:
9d:7c:78:81:65:28:cf:ee:b6:2c:fd:eb:44:52:5c:42:b4:4f:
bb:b6:40:e6:20:87:8b:f6:18:24:99:41:67:c6:e3:69:e9:28:
7f:63:0e:9a:88:ce:c0:37:d6:6a:0d:2c:16:bc:30:e9:60:cc:
65:0a:69:58:16:8f:f8:b6:e6:57:c6:e3:67:71:57:ee:a0:f7:
a7:ec:2a:6d:33:cb:d9:c5:25:de:b8:59:d9:8a:0c:7f:ec:68:
c0:32:08:d2:ad:72:0c:71:dc:d7:91:8a:ad:76:84:89:b0:59:
e1:4f:49:87:15:c7:af:c5:02:fb:56:cd:06:17:f1:fe:c7:cc:
16:49:43:a0:9a:49:50:5e:b9:e4:75:71:8e:2b:16:a5:a8:25:
5f:54:9f:6f:dd:93:13:00:01:81:ad:ca:ff:74:d2:1e:67:9c:
7e:67:82:21:c3:51:72:cd:88:88:4c:1c:34:f3:cd:7b:20:ff:
88:d2:c2:10
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDbEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNTAyMTAx
NDA2MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhBRDIxOTRCMDMyQzdE
MjMzRkMwM0NEMTM2Rjg4NUYxQ0Q5MzlFNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkDMgEkatoK3dOzTJmtOKEQLj3A8HPQ6cxE1wmQW2vvOKp2BzE
+yzis8oRrX6m5aDelPk3X0d6EsBk8C0XxuCUeTHtaADPaOExlOm8CwXxlzEEGO21
d1nY6rD8vyNbcWCCYZEAvvkUAewmW8XXE+ccs7bDfNhzj33oPljtBIrl+EFMCkxd
CCAqW3vadlHz70kZq1YOWgmheuxg42yQwb5uCaMfmWu/XyxJhldu75ubbKEWv8Uh
Vz/Ge+14PcCfC3SNjOsoVKNGaqYqroaXmZHyLM2hcvABNvcLS5XiPK4G5/qHBPfn
taGDbrNeDRCJzNoq51WiAAp6R1QnD3KlYql/AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUitIZSwMsfSM/wDzRNviF8c2Tnk0wHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2l0SVpTd01zZlNNX3dEelJO
dmlGOGMyVG5rMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATK
lzAwDQYJKoZIhvcNAQELBQADggEBAAmlwXfjM69ZfOd7mtkZhi3ZZ4BCfYRcwFUl
i6tC0DC8HjIhcw+nMrpaZXsq9uz+Q5cjVo1YOm6od1ai3KCNWj97VD0icZ1f3Z18
eIFlKM/utiz960RSXEK0T7u2QOYgh4v2GCSZQWfG42npKH9jDpqIzsA31moNLBa8
MOlgzGUKaVgWj/i25lfG42dxV+6g96fsKm0zy9nFJd64WdmKDH/saMAyCNKtcgxx
3NeRiq12hImwWeFPSYcVx6/FAvtWzQYX8f7HzBZJQ6CaSVBeueR1cY4rFqWoJV9U
n2/dkxMAAYGtyv900h5nnH5ngiHDUXLNiIhMHDTzzXsg/4jSwhA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:37 2025 by rpki-client