Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/3Jl7cHH5HYCQWHO_lzBS2bI2_-4.roa
File: 3Jl7cHH5HYCQWHO_lzBS2bI2_-4.roa (raw, json)
Hash identifier: NIh27RBULowgY3run8fB1cAsNECPa+zXlgTqNLMzoc0=
Subject key identifier: DC:99:7B:70:71:F9:1D:80:90:58:73:BF:97:30:52:D9:B2:36:FF:EE
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0E04
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/3Jl7cHH5HYCQWHO_lzBS2bI2_-4.roa
Signing time: Mon 10 Feb 2025 13:59:20 +0000
ROA not before: Mon 10 Feb 2025 13:59:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3588 (0xe04)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DC997B7071F91D80905873BF973052D9B236FFEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c5:44:99:a0:97:d3:b4:82:f0:78:ef:18:40:
4a:69:0d:31:45:80:24:fb:da:75:16:34:46:28:e2:
c2:6d:16:ba:5b:b0:de:d8:4b:49:70:c2:cc:6d:27:
bc:e8:17:2e:c9:54:5a:c8:71:11:18:35:30:a9:af:
1a:b5:cb:f7:a8:23:8b:33:47:50:db:43:33:c2:9a:
1d:aa:6a:a8:ab:5d:83:bb:63:e0:8a:90:58:70:a8:
ec:05:93:2f:c8:c2:8b:28:7c:78:88:eb:81:85:67:
fb:b1:0a:5d:8a:15:5f:54:53:3a:b5:92:ff:a1:0f:
c8:90:dd:c4:1b:65:22:d0:d7:5f:bd:17:63:68:b7:
53:38:49:59:95:0b:6d:ec:15:0c:e9:bc:ff:a0:e4:
89:cc:4d:1a:58:a5:ed:79:0c:89:7f:9a:26:05:ef:
be:46:07:e1:31:f0:54:cf:0c:ab:aa:ea:39:9f:56:
0f:be:ec:a6:ce:d0:1a:74:ca:be:58:71:fe:0d:7d:
84:0b:83:3b:58:ee:bb:17:ed:39:5a:fc:1d:5c:fb:
72:48:94:e4:21:2d:e1:aa:70:f3:42:62:89:96:84:
bd:1b:58:a3:21:66:81:3d:4d:66:23:de:cf:88:3e:
78:f1:49:1f:8d:ca:6f:43:4f:ac:20:14:b1:c1:3b:
81:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:99:7B:70:71:F9:1D:80:90:58:73:BF:97:30:52:D9:B2:36:FF:EE
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/3Jl7cHH5HYCQWHO_lzBS2bI2_-4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.8.0/21
Signature Algorithm: sha256WithRSAEncryption
5a:c4:8d:41:43:9b:c8:fb:92:83:90:6f:b3:a2:32:ec:32:89:
d1:3c:64:b7:e8:03:9d:8f:c3:d3:69:fe:d7:11:d7:c2:cc:f9:
fd:5f:58:62:82:29:31:10:b5:03:1b:32:78:e9:b6:8a:63:c1:
82:51:2c:3d:f0:b6:f7:fa:28:18:0a:c0:e5:9c:dd:2d:f8:b7:
ec:17:07:b8:1c:48:50:f0:b4:89:33:66:87:7a:cb:90:ce:cd:
b2:43:8d:cb:e2:8d:88:28:0d:57:d0:ed:72:85:f8:f6:a7:3c:
9d:3b:42:3d:50:11:07:4d:76:9f:23:5e:2b:63:23:49:e4:94:
e2:14:66:da:53:2c:f9:17:5e:e7:54:ec:30:a6:e3:c0:0a:24:
20:f5:ff:4b:70:5d:bc:da:44:3a:0e:d4:7c:d1:91:a7:44:b3:
c2:d0:a4:5d:da:a7:cd:6a:cb:28:0d:7a:09:53:a3:d9:db:50:
39:70:3d:ef:5d:fe:d3:d8:5e:6d:58:c3:b5:6a:d3:ab:0e:69:
d2:ee:96:14:59:14:07:1c:0a:60:ea:8f:e6:e3:3f:df:92:47:
55:99:3a:13:0b:2b:0d:0e:5e:20:57:4f:d9:7d:20:ad:22:6e:
b6:08:2f:54:f8:87:3b:e9:28:e3:45:56:e6:24:37:65:cc:b9:
ff:b4:cf:3a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDOTk3QjcwNzFGOTFE
ODA5MDU4NzNCRjk3MzA1MkQ5QjIzNkZGRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfxUSZoJfTtILweO8YQEppDTFFgCT72nUWNEYo4sJtFrpbsN7Y
S0lwwsxtJ7zoFy7JVFrIcREYNTCprxq1y/eoI4szR1DbQzPCmh2qaqirXYO7Y+CK
kFhwqOwFky/IwosofHiI64GFZ/uxCl2KFV9UUzq1kv+hD8iQ3cQbZSLQ11+9F2No
t1M4SVmVC23sFQzpvP+g5InMTRpYpe15DIl/miYF775GB+Ex8FTPDKuq6jmfVg++
7KbO0Bp0yr5Ycf4NfYQLgztY7rsX7Tla/B1c+3JIlOQhLeGqcPNCYomWhL0bWKMh
ZoE9TWYj3s+IPnjxSR+Nym9DT6wgFLHBO4HLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU3Jl7cHH5HYCQWHO/lzBS2bI2/+4wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dULzNKbDdjSEg1SFlDUVdIT19sekJTMmJJ
Ml8tNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PQgwDQYJ
KoZIhvcNAQELBQADggEBAFrEjUFDm8j7koOQb7OiMuwyidE8ZLfoA52Pw9Np/tcR
18LM+f1fWGKCKTEQtQMbMnjptopjwYJRLD3wtvf6KBgKwOWc3S34t+wXB7gcSFDw
tIkzZod6y5DOzbJDjcvijYgoDVfQ7XKF+PanPJ07Qj1QEQdNdp8jXitjI0nklOIU
ZtpTLPkXXudU7DCm48AKJCD1/0twXbzaRDoO1HzRkadEs8LQpF3ap81qyygNeglT
o9nbUDlwPe9d/tPYXm1Yw7Vq06sOadLulhRZFAccCmDqj+bjP9+SR1WZOhMLKw0O
XiBXT9l9IK0ibrYIL1T4hzvpKONFVuYkN2XMuf+0zzo=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:07:35 2025 by rpki-client