Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/V9jfrW-2LBd3jTmCkA9440y3h6U.roa
File: V9jfrW-2LBd3jTmCkA9440y3h6U.roa (raw, json)
Hash identifier: 2neVV67SNuw1WyydqtbeaE0+9QWkGZkBrWrVx+On+Pw=
Subject key identifier: 57:D8:DF:AD:6F:B6:2C:17:77:8D:39:82:90:0F:78:E3:4C:B7:87:A5
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0D71
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/V9jfrW-2LBd3jTmCkA9440y3h6U.roa
Signing time: Mon 26 Aug 2024 05:19:49 +0000
ROA not before: Mon 26 Aug 2024 05:19:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 211.78.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3441 (0xd71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Aug 26 05:19:49 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=57D8DFAD6FB62C17778D3982900F78E34CB787A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9e:65:b6:5b:bb:c6:79:f4:dc:01:2a:03:dc:
f6:7e:44:f7:af:6f:51:2c:94:83:f9:89:c7:db:60:
e1:20:e1:0e:66:54:c7:59:33:da:a3:d8:6e:fb:28:
47:72:05:a3:f7:f0:7f:01:e2:09:63:a9:6e:c9:8f:
d3:b8:80:8c:76:b5:35:2b:62:09:9f:10:93:f0:a7:
8c:54:8d:a1:27:b0:32:34:67:19:14:b3:5f:e8:4f:
8b:b0:23:10:a3:3d:4c:58:94:de:e9:4d:6b:4c:53:
d5:cf:88:2b:f1:20:d8:57:58:c1:d5:ce:8f:c5:97:
9f:bd:19:95:d0:94:99:03:c2:04:a2:f3:4a:d7:55:
96:db:bf:f6:98:9b:bb:ed:b0:69:d8:61:bb:3d:bc:
42:9c:df:6f:4e:5b:d1:73:ec:99:00:43:3c:6f:6a:
84:70:a3:00:2f:c3:cb:be:36:35:cf:6e:ea:34:7a:
ba:1e:e2:70:0b:86:ac:61:15:0c:4e:f1:b7:d8:4b:
b9:9a:09:47:3b:8a:e0:60:ef:d5:cf:59:e2:17:68:
50:71:3c:09:4f:0a:53:d4:4e:4c:36:0e:95:d5:ed:
9e:81:77:05:4d:02:0f:f6:0c:fe:0d:a0:42:d0:d5:
7f:82:9e:7f:50:fd:85:79:d1:99:0b:1c:c5:53:0b:
1f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:D8:DF:AD:6F:B6:2C:17:77:8D:39:82:90:0F:78:E3:4C:B7:87:A5
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/V9jfrW-2LBd3jTmCkA9440y3h6U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
19:d4:56:fe:43:0a:e1:7a:a8:00:03:22:e1:74:b8:7c:66:1b:
75:9b:96:c3:30:c1:f8:3f:79:dd:5d:78:4e:da:3a:43:41:f5:
5c:cd:f7:96:07:1f:32:b8:ae:49:40:0f:24:18:92:8e:f6:9c:
cc:05:2f:65:90:ac:77:04:92:2e:e4:43:3a:47:60:6a:f7:1a:
9f:2b:f8:63:b4:61:02:ab:43:c6:04:49:20:a1:0d:f9:29:18:
1b:0d:23:2b:98:2b:df:13:6c:cf:73:37:58:1f:d1:25:9f:7f:
76:53:65:cd:05:02:48:7a:23:be:5e:8b:14:2a:12:10:58:7c:
72:e1:89:ec:ee:22:bc:d1:99:52:35:85:04:11:ef:cf:62:e9:
51:29:a0:82:40:a5:f9:a1:c6:62:4a:68:76:53:c4:8f:8a:f5:
54:f0:94:81:50:29:57:27:d3:77:33:68:59:d3:d1:72:49:7c:
e6:b4:a9:f1:51:97:27:cf:fa:34:ea:89:47:1f:3d:03:5b:a6:
80:94:c3:6a:c7:f8:53:1a:81:d2:0d:6b:aa:13:98:64:8e:e9:
28:7f:d0:f6:18:bb:36:75:5a:a9:bf:07:4b:6e:5b:22:08:b9:
39:74:11:d0:ae:74:cc:f9:5c:bf:bf:60:6a:d8:3b:36:e0:64:
e6:41:1b:1c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw
NTE5NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU3RDhERkFENkZCNjJD
MTc3NzhEMzk4MjkwMEY3OEUzNENCNzg3QTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqnmW2W7vGefTcASoD3PZ+RPevb1EslIP5icfbYOEg4Q5mVMdZ
M9qj2G77KEdyBaP38H8B4gljqW7Jj9O4gIx2tTUrYgmfEJPwp4xUjaEnsDI0ZxkU
s1/oT4uwIxCjPUxYlN7pTWtMU9XPiCvxINhXWMHVzo/Fl5+9GZXQlJkDwgSi80rX
VZbbv/aYm7vtsGnYYbs9vEKc329OW9Fz7JkAQzxvaoRwowAvw8u+NjXPbuo0eroe
4nALhqxhFQxO8bfYS7maCUc7iuBg79XPWeIXaFBxPAlPClPUTkw2DpXV7Z6BdwVN
Ag/2DP4NoELQ1X+Cnn9Q/YV50ZkLHMVTCx9NAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUV9jfrW+2LBd3jTmCkA9440y3h6UwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Y5amZyVy0yTEJkM2pUbUNrQTk0NDB5
M2g2VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ
KoZIhvcNAQELBQADggEBABnUVv5DCuF6qAADIuF0uHxmG3WblsMwwfg/ed1deE7a
OkNB9VzN95YHHzK4rklADyQYko72nMwFL2WQrHcEki7kQzpHYGr3Gp8r+GO0YQKr
Q8YESSChDfkpGBsNIyuYK98TbM9zN1gf0SWff3ZTZc0FAkh6I75eixQqEhBYfHLh
iezuIrzRmVI1hQQR789i6VEpoIJApfmhxmJKaHZTxI+K9VTwlIFQKVcn03czaFnT
0XJJfOa0qfFRlyfP+jTqiUcfPQNbpoCUw2rH+FMagdINa6oTmGSO6Sh/0PYYuzZ1
Wqm/B0tuWyIIuTl0EdCudMz5XL+/YGrYOzbgZOZBGxw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:18:11 2025 by rpki-client