Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/04_hKA3FS7y4qIecu-jOU0hL6uU.roa
File: 04_hKA3FS7y4qIecu-jOU0hL6uU.roa (raw, json)
Hash identifier: RXYYDTETSDt2HL0g8FPUEPFcyHqYWz0f16k/4Ht1AXc=
Subject key identifier: D3:8F:E1:28:0D:C5:4B:BC:B8:A8:87:9C:BB:E8:CE:53:48:4B:EA:E5
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0E13
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/04_hKA3FS7y4qIecu-jOU0hL6uU.roa
Signing time: Mon 10 Feb 2025 13:59:24 +0000
ROA not before: Mon 10 Feb 2025 13:59:24 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 61.61.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3603 (0xe13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:24 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D38FE1280DC54BBCB8A8879CBBE8CE53484BEAE5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:5e:a1:02:0b:65:15:4a:83:56:6a:9f:74:
88:eb:b8:5d:56:b1:a9:11:8b:2c:58:eb:14:53:ff:
5e:77:c3:58:71:ee:49:34:3a:a9:52:bd:bd:2f:49:
f4:7f:72:ca:da:15:dd:ab:84:5c:ee:5e:d6:e0:e9:
f1:7a:6e:85:22:38:35:71:71:53:40:db:5d:c4:06:
bf:31:9f:5c:18:60:11:a3:7e:d5:6c:f4:10:97:72:
e1:52:7a:82:10:73:25:19:4a:09:ad:a6:a6:e7:06:
15:e4:cf:01:d3:73:7c:47:61:8c:d5:35:a6:c6:9f:
c7:9a:ca:98:10:cb:3e:8e:3f:8f:37:c7:3e:c5:3e:
e2:4c:66:a2:b2:45:8a:3d:ff:42:ee:c2:1d:d8:52:
30:2d:23:03:ce:9b:7b:a9:0b:e3:81:45:18:37:1d:
f5:93:08:52:0d:0a:e1:48:30:1b:60:10:fa:d5:6f:
c6:ae:97:81:21:f5:95:33:a1:ed:91:61:21:f9:fc:
4c:0f:5d:e8:19:51:75:88:01:b0:69:7e:8f:4c:ee:
74:0f:c9:45:e8:5f:76:2b:88:c8:2b:70:75:3d:cc:
79:99:4d:90:51:1e:72:1c:8b:a7:f4:11:c3:2a:37:
be:d9:70:28:35:d3:25:4d:16:5a:40:d8:1e:87:6b:
8a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:8F:E1:28:0D:C5:4B:BC:B8:A8:87:9C:BB:E8:CE:53:48:4B:EA:E5
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/04_hKA3FS7y4qIecu-jOU0hL6uU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3e:a7:d7:9e:a5:ae:41:80:0a:c4:aa:12:e6:91:8b:f3:c3:67:
f9:38:18:76:f4:1f:00:67:d0:bc:2b:a5:95:c4:27:e3:e6:3c:
9e:65:62:c4:80:4e:48:9b:86:59:b4:75:8b:e6:6f:88:6e:88:
e5:8e:09:67:09:1b:77:c5:01:2b:6b:c8:28:ca:b7:33:0d:80:
1e:04:ae:19:8c:7f:04:a8:6d:00:c0:b4:ca:4b:b8:ad:43:90:
d9:41:14:7c:8d:14:86:73:4d:cb:86:63:f8:0c:0e:98:a9:6a:
34:1a:2d:ab:9f:d7:8f:9b:d8:d7:f7:39:b3:e8:c4:4b:59:f5:
e0:7d:5a:ba:cd:d3:21:a2:64:d4:54:6a:54:ec:42:7c:3b:54:
a6:9e:d8:8a:2d:ed:b7:7f:cb:cb:6e:64:99:0f:4b:8e:77:ce:
4d:b4:d8:c8:80:55:d4:9c:78:2b:53:c9:b1:9e:06:28:b0:69:
51:73:b3:ba:42:53:5e:f2:62:46:df:24:6a:6d:5b:79:af:af:
fd:5a:f5:72:31:f4:c5:e4:b8:5b:99:2a:13:7e:f0:1f:f0:35:
49:62:53:09:80:b2:1e:29:08:4e:b4:a7:4e:ec:a5:fd:b8:92:
40:7f:a2:87:26:09:df:09:d1:31:57:06:2b:51:33:cb:55:59:
3c:31:53:da
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQzOEZFMTI4MERDNTRC
QkNCOEE4ODc5Q0JCRThDRTUzNDg0QkVBRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpIl6hAgtlFUqDVmqfdIjruF1WsakRiyxY6xRT/153w1hx7kk0
OqlSvb0vSfR/csraFd2rhFzuXtbg6fF6boUiODVxcVNA213EBr8xn1wYYBGjftVs
9BCXcuFSeoIQcyUZSgmtpqbnBhXkzwHTc3xHYYzVNabGn8eaypgQyz6OP483xz7F
PuJMZqKyRYo9/0Luwh3YUjAtIwPOm3upC+OBRRg3HfWTCFINCuFIMBtgEPrVb8au
l4Eh9ZUzoe2RYSH5/EwPXegZUXWIAbBpfo9M7nQPyUXoX3YriMgrcHU9zHmZTZBR
HnIci6f0EcMqN77ZcCg10yVNFlpA2B6Ha4pHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU04/hKA3FS7y4qIecu+jOU0hL6uUwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzA0X2hLQTNGUzd5NHFJZWN1LWpPVTBo
TDZ1VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAc9PQAwDQYJ
KoZIhvcNAQELBQADggEBAD6n156lrkGACsSqEuaRi/PDZ/k4GHb0HwBn0LwrpZXE
J+PmPJ5lYsSATkibhlm0dYvmb4huiOWOCWcJG3fFAStryCjKtzMNgB4ErhmMfwSo
bQDAtMpLuK1DkNlBFHyNFIZzTcuGY/gMDpipajQaLauf14+b2Nf3ObPoxEtZ9eB9
WrrN0yGiZNRUalTsQnw7VKae2Iot7bd/y8tuZJkPS453zk202MiAVdSceCtTybGe
BiiwaVFzs7pCU17yYkbfJGptW3mvr/1a9XIx9MXkuFuZKhN+8B/wNUliUwmAsh4p
CE60p07spf24kkB/oocmCd8J0TFXBitRM8tVWTwxU9o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:14:10 2025 by rpki-client