Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa
File: cS-04cQPLephKphOnVfz1geMx0o.roa (raw, json)
Hash identifier: IU4f9lpN9NvvQKMAweGLxBVPgLMy1JssOAa/e+tvQHI=
Subject key identifier: 71:2F:B4:E1:C4:0F:2D:EA:61:2A:98:4E:9D:57:F3:D6:07:8C:C7:4A
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0DEF
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa
Signing time: Mon 10 Feb 2025 13:59:15 +0000
ROA not before: Mon 10 Feb 2025 13:59:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.56.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3567 (0xdef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=712FB4E1C40F2DEA612A984E9D57F3D6078CC74A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c6:b0:42:e4:28:31:a8:b2:05:db:59:b8:c7:
c9:3a:7e:64:90:b0:e9:c3:6b:26:47:f2:ba:23:48:
b9:80:fe:78:6a:86:7a:29:e4:93:56:a9:02:32:54:
31:b1:73:22:13:12:25:78:23:1b:44:ea:30:5c:cc:
79:37:06:60:de:ef:58:aa:f2:d4:93:0d:79:31:a1:
1c:42:be:83:1f:98:24:a0:82:29:9f:a1:8c:3c:71:
a1:3d:d4:29:e8:e8:02:1c:51:98:bf:da:6b:38:e9:
4f:47:3c:b0:5e:75:4e:bd:90:ef:fb:e2:0c:2c:b2:
ea:72:6d:b9:cf:84:c3:84:c8:45:11:d1:5b:c8:48:
76:92:14:f9:9e:17:41:af:58:d7:2a:35:5d:71:95:
94:da:ca:d3:df:4d:49:7a:67:36:cc:51:f2:12:9f:
e1:e7:91:b3:0e:16:45:3e:1f:47:13:48:4d:e4:5c:
c8:18:dc:c3:29:e3:9e:11:9b:5a:94:db:9b:1c:2f:
5a:77:60:fc:64:4f:7b:f3:b1:8e:05:a6:51:ff:19:
7e:a4:24:ab:0e:e5:61:11:ee:ca:a2:76:15:4a:91:
aa:12:7e:1e:ad:a2:76:48:1d:32:26:14:f0:54:e1:
0d:b7:22:2b:79:4b:93:7e:45:7d:3e:f0:f9:c4:bc:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:2F:B4:E1:C4:0F:2D:EA:61:2A:98:4E:9D:57:F3:D6:07:8C:C7:4A
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/cS-04cQPLephKphOnVfz1geMx0o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.56.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:12:8f:27:04:51:3a:52:d8:3e:4e:22:4e:d5:e8:bf:4c:d4:
48:b0:f3:78:41:2c:0c:1f:e7:d3:fd:8d:75:f7:5d:d0:f8:cc:
17:24:a6:3f:49:d5:4b:89:c4:1a:ba:a9:ba:33:32:40:74:51:
26:84:05:c1:92:59:c5:32:71:50:59:4e:5e:67:a9:3c:92:39:
0b:99:de:59:0a:f4:59:b7:c1:5a:35:39:36:2d:4d:0f:3f:95:
11:ca:fb:3c:c7:a3:71:09:b2:f7:59:54:74:f1:d3:dd:98:c1:
b8:21:7c:42:a6:41:24:06:94:6b:44:ee:2e:92:db:1f:50:ba:
8d:48:41:6d:b2:16:0f:75:4e:4d:68:43:76:f8:1a:99:e0:d5:
37:23:b9:08:0d:24:1a:83:59:e6:58:69:d2:16:b8:e2:3f:15:
9f:d1:35:62:2a:37:63:ae:ac:62:c5:a8:92:05:35:71:17:ce:
f7:45:6d:50:28:be:58:9f:18:64:ef:94:5b:de:8b:23:f5:33:
b3:a9:24:84:ed:4f:f1:4d:64:85:8d:ab:c8:87:b5:41:f8:a7:
66:18:09:1b:28:15:fb:ae:05:f8:d6:6b:b9:ac:63:ae:07:49:
4b:46:59:97:7a:3e:13:38:60:e8:0e:6a:0b:94:48:56:99:4e:
9c:99:2f:ec
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcxMkZCNEUxQzQwRjJE
RUE2MTJBOTg0RTlENTdGM0Q2MDc4Q0M3NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKxrBC5CgxqLIF21m4x8k6fmSQsOnDayZH8rojSLmA/nhqhnop
5JNWqQIyVDGxcyITEiV4IxtE6jBczHk3BmDe71iq8tSTDXkxoRxCvoMfmCSggimf
oYw8caE91Cno6AIcUZi/2ms46U9HPLBedU69kO/74gwssupybbnPhMOEyEUR0VvI
SHaSFPmeF0GvWNcqNV1xlZTaytPfTUl6ZzbMUfISn+HnkbMOFkU+H0cTSE3kXMgY
3MMp454Rm1qU25scL1p3YPxkT3vzsY4FplH/GX6kJKsO5WER7sqidhVKkaoSfh6t
onZIHTImFPBU4Q23Iit5S5N+RX0+8PnEvNgDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUcS+04cQPLephKphOnVfz1geMx0owHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2NTLTA0Y1FQTGVwaEtwaE9uVmZ6MWdl
TXgwby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTgwDQYJ
KoZIhvcNAQELBQADggEBAFwSjycEUTpS2D5OIk7V6L9M1Eiw83hBLAwf59P9jXX3
XdD4zBckpj9J1UuJxBq6qbozMkB0USaEBcGSWcUycVBZTl5nqTySOQuZ3lkK9Fm3
wVo1OTYtTQ8/lRHK+zzHo3EJsvdZVHTx092YwbghfEKmQSQGlGtE7i6S2x9Quo1I
QW2yFg91Tk1oQ3b4Gpng1TcjuQgNJBqDWeZYadIWuOI/FZ/RNWIqN2OurGLFqJIF
NXEXzvdFbVAovlifGGTvlFveiyP1M7OpJITtT/FNZIWNq8iHtUH4p2YYCRsoFfuu
BfjWa7msY64HSUtGWZd6PhM4YOgOaguUSFaZTpyZL+w=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:18:11 2025 by rpki-client