Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/LL1RHCqIWo8TJ3ZyceT21bg1dh0.roa
File: LL1RHCqIWo8TJ3ZyceT21bg1dh0.roa (raw, json)
Hash identifier: 8CnWf961CAc3sHLKlEJOn+kDOiQWv+DaGYxmTUWuGa8=
Subject key identifier: 2C:BD:51:1C:2A:88:5A:8F:13:27:76:72:71:E4:F6:D5:B8:35:76:1D
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0DF3
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/LL1RHCqIWo8TJ3ZyceT21bg1dh0.roa
Signing time: Mon 10 Feb 2025 13:59:16 +0000
ROA not before: Mon 10 Feb 2025 13:59:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3571 (0xdf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2CBD511C2A885A8F1327767271E4F6D5B835761D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ef:9d:36:38:43:13:9c:f4:fc:31:c8:da:71:
94:1c:e3:fa:40:0f:cb:bb:3f:a0:07:d8:c5:bf:73:
fd:d8:89:03:36:10:18:e7:7d:db:b8:9e:2a:19:e4:
2b:fe:38:20:85:cd:84:a9:4e:27:71:05:d4:aa:91:
36:19:42:31:98:a0:18:51:69:a7:69:00:fc:5f:34:
8c:f6:c0:c9:d1:46:7d:bb:b6:e4:d7:dc:f6:3e:f7:
0a:ed:0e:a3:17:eb:16:05:a6:31:8c:b6:19:01:4c:
2c:33:7b:f8:42:30:50:ba:df:70:e4:69:8f:23:8b:
4e:67:aa:88:10:b0:69:14:a7:61:32:6a:f2:a4:4d:
93:6f:39:01:8b:5d:32:f7:7a:a5:03:ec:2f:7d:d9:
62:98:f2:92:7d:ec:54:b0:d0:d8:ea:f9:7d:3b:30:
1f:0e:55:62:24:65:19:08:2f:7a:43:e4:c5:6d:21:
7e:c4:2a:c0:1f:51:a0:7e:eb:f9:85:5f:c2:17:6e:
64:25:03:57:a6:b6:54:33:e7:18:c4:b9:b5:8f:e4:
9e:80:08:f3:19:9d:73:44:79:34:62:7c:7b:ee:bc:
aa:60:15:29:5c:f6:c8:61:a1:d1:54:80:e7:34:2a:
9a:6f:6b:41:62:65:8e:51:68:21:24:99:d4:d0:a8:
2d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:BD:51:1C:2A:88:5A:8F:13:27:76:72:71:E4:F6:D5:B8:35:76:1D
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/LL1RHCqIWo8TJ3ZyceT21bg1dh0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.16.0/20
Signature Algorithm: sha256WithRSAEncryption
67:65:4f:54:88:88:8a:10:22:cb:e4:90:37:64:fb:b8:42:cf:
c9:83:b4:28:ac:2f:af:44:bf:9c:e8:21:25:43:32:dd:3b:41:
01:80:a9:53:4a:e0:ea:e8:9b:8c:02:a6:9a:b4:e6:f7:a6:79:
b7:29:42:7e:0d:d1:2e:01:31:6c:49:34:0e:54:b2:4b:1f:02:
1e:cc:bf:0c:c6:64:32:6a:c8:58:68:6b:f8:b3:6b:81:54:ce:
f3:10:77:bc:82:eb:a0:36:fa:10:44:89:0c:84:37:e7:74:82:
17:40:9d:1b:53:91:ac:30:ca:4b:1d:7f:2e:b9:a5:25:63:06:
ec:f8:b6:81:d5:ce:59:37:e1:54:a2:a2:8f:eb:d6:f8:27:6d:
25:aa:6b:79:98:ba:04:f2:cc:5d:1d:70:ba:61:59:ee:90:0f:
80:28:c2:a0:61:93:32:72:4e:af:70:7f:23:c8:cc:17:79:5e:
4e:04:29:d3:28:70:07:9b:c6:fc:e4:32:99:d3:eb:a0:90:91:
e3:c0:e4:4e:df:1c:e8:16:20:b2:d1:b2:95:a6:93:af:7e:28:
9f:15:42:e4:db:ba:31:a5:51:17:4e:8f:1d:5e:b1:27:8d:2a:
03:1b:1a:3d:f3:f6:6f:32:b4:ed:df:9d:13:da:40:86:73:02:
34:b6:dc:9b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJDQkQ1MTFDMkE4ODVB
OEYxMzI3NzY3MjcxRTRGNkQ1QjgzNTc2MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs7502OEMTnPT8McjacZQc4/pAD8u7P6AH2MW/c/3YiQM2EBjn
fdu4nioZ5Cv+OCCFzYSpTidxBdSqkTYZQjGYoBhRaadpAPxfNIz2wMnRRn27tuTX
3PY+9wrtDqMX6xYFpjGMthkBTCwze/hCMFC633DkaY8ji05nqogQsGkUp2EyavKk
TZNvOQGLXTL3eqUD7C992WKY8pJ97FSw0Njq+X07MB8OVWIkZRkIL3pD5MVtIX7E
KsAfUaB+6/mFX8IXbmQlA1emtlQz5xjEubWP5J6ACPMZnXNEeTRifHvuvKpgFSlc
9shhodFUgOc0Kppva0FiZY5RaCEkmdTQqC0dAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQULL1RHCqIWo8TJ3ZyceT21bg1dh0wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL0xMMVJIQ3FJV284VEozWnljZVQyMWJn
MWRoMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9PRAwDQYJ
KoZIhvcNAQELBQADggEBAGdlT1SIiIoQIsvkkDdk+7hCz8mDtCisL69Ev5zoISVD
Mt07QQGAqVNK4Orom4wCppq05vemebcpQn4N0S4BMWxJNA5UsksfAh7MvwzGZDJq
yFhoa/iza4FUzvMQd7yC66A2+hBEiQyEN+d0ghdAnRtTkawwyksdfy65pSVjBuz4
toHVzlk34VSioo/r1vgnbSWqa3mYugTyzF0dcLphWe6QD4AowqBhkzJyTq9wfyPI
zBd5Xk4EKdMocAebxvzkMpnT66CQkePA5E7fHOgWILLRspWmk69+KJ8VQuTbujGl
URdOjx1esSeNKgMbGj3z9m8ytO3fnRPaQIZzAjS23Js=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:14:34 2025 by rpki-client