Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/fvMzsSyVYVhhqHclb_LGnYdxbIo.roa
File: fvMzsSyVYVhhqHclb_LGnYdxbIo.roa (raw, json)
Hash identifier: J+/LKYaTlh/SAfapTTUdFxez43X6jZG6jN8Fbm8BsQw=
Subject key identifier: 7E:F3:33:B1:2C:95:61:58:61:A8:77:25:6F:F2:C6:9D:87:71:6C:8A
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0DEC
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/fvMzsSyVYVhhqHclb_LGnYdxbIo.roa
Signing time: Mon 10 Feb 2025 13:59:14 +0000
ROA not before: Mon 10 Feb 2025 13:59:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.52.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3564 (0xdec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7EF333B12C95615861A877256FF2C69D87716C8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:be:33:9f:c6:f6:b8:4b:8d:7c:79:bd:d4:
f6:ac:b4:cb:e0:db:c8:0e:03:43:6a:57:86:af:79:
86:8c:3d:99:cb:a7:0a:45:17:cd:7b:70:2c:67:8f:
92:49:53:b3:fa:9e:96:86:9b:48:6d:3d:8b:79:30:
39:c2:35:69:9e:8f:85:32:16:0e:7c:e9:53:a2:56:
7e:1b:d1:90:92:63:76:37:5e:a3:06:63:e8:8e:3d:
26:8d:c2:30:72:f5:80:81:17:a2:30:47:1c:57:5d:
71:8c:ba:5d:67:c3:36:32:0e:9a:21:47:9c:94:b6:
9f:fe:77:ff:ea:bc:63:05:c1:76:09:03:a9:1f:2c:
77:4c:40:12:3b:04:32:d4:9d:03:f9:70:e3:87:17:
2f:01:04:81:35:bb:68:5b:d3:57:fd:02:3c:3e:d9:
48:24:ba:9b:56:27:23:33:01:a3:14:2a:5a:dc:6e:
79:03:06:59:4b:61:24:c4:5e:b8:2c:32:1c:c5:f7:
2f:3f:03:a7:26:1d:ec:94:57:87:41:eb:47:fe:71:
50:8a:14:54:f7:0c:69:a5:81:03:27:08:d1:0f:51:
0d:86:61:17:8d:d7:2f:d3:65:f2:0a:19:a1:d8:9a:
82:1d:88:1a:31:48:1a:91:d5:59:63:c2:08:8e:d2:
42:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:F3:33:B1:2C:95:61:58:61:A8:77:25:6F:F2:C6:9D:87:71:6C:8A
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/fvMzsSyVYVhhqHclb_LGnYdxbIo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:6d:df:24:00:70:77:b0:88:5e:a4:bd:82:7e:8b:5d:1a:d5:
b5:7d:2a:e9:35:e7:e3:4e:3d:6b:86:dd:18:24:dc:8b:46:2d:
c2:94:95:79:a8:cb:64:d2:39:57:87:19:d4:c5:e6:30:b7:24:
c3:32:82:63:30:4c:30:23:52:61:51:2d:6b:96:92:8f:80:ee:
f0:17:8d:fd:f4:25:53:e5:10:e9:91:df:98:2f:bc:c4:de:e5:
cc:a9:b7:06:8d:4d:a4:47:f0:07:26:94:2d:d0:63:cc:b4:6a:
da:4a:63:e5:04:8a:f7:46:27:32:c0:21:63:6d:02:ad:bf:c4:
28:b6:b1:d4:e6:83:4c:08:95:06:b1:79:f0:1a:c4:0b:58:9c:
6b:fc:cb:e7:ed:89:26:c5:eb:4a:a8:41:7a:e1:59:c7:80:43:
44:8d:66:0d:76:c3:60:79:25:a0:12:54:86:d5:b0:21:c4:0f:
18:ee:32:18:7f:f7:d7:f4:c2:c8:db:1a:71:bd:bc:ab:13:eb:
75:e0:d0:d4:a9:16:00:49:68:9e:0b:1c:94:82:ed:92:35:55:
de:42:a1:50:24:bf:7d:ba:65:77:26:f8:98:3a:d0:e7:5a:27:
e1:ae:0c:f0:48:c1:d8:12:fe:4e:fa:a7:01:41:67:d2:11:9e:
04:2b:f4:03
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDewwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDdFRjMzM0IxMkM5NTYx
NTg2MUE4NzcyNTZGRjJDNjlEODc3MTZDOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1uL4zn8b2uEuNfHm91PastMvg28gOA0NqV4aveYaMPZnLpwpF
F817cCxnj5JJU7P6npaGm0htPYt5MDnCNWmej4UyFg586VOiVn4b0ZCSY3Y3XqMG
Y+iOPSaNwjBy9YCBF6IwRxxXXXGMul1nwzYyDpohR5yUtp/+d//qvGMFwXYJA6kf
LHdMQBI7BDLUnQP5cOOHFy8BBIE1u2hb01f9Ajw+2UgkuptWJyMzAaMUKlrcbnkD
BllLYSTEXrgsMhzF9y8/A6cmHeyUV4dB60f+cVCKFFT3DGmlgQMnCNEPUQ2GYReN
1y/TZfIKGaHYmoIdiBoxSBqR1VljwgiO0kLhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUfvMzsSyVYVhhqHclb/LGnYdxbIowHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2Z2TXpzU3lWWVZoaHFIY2xiX0xHbllk
eGJJby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PTQwDQYJ
KoZIhvcNAQELBQADggEBAKRt3yQAcHewiF6kvYJ+i10a1bV9Kuk15+NOPWuG3Rgk
3ItGLcKUlXmoy2TSOVeHGdTF5jC3JMMygmMwTDAjUmFRLWuWko+A7vAXjf30JVPl
EOmR35gvvMTe5cyptwaNTaRH8AcmlC3QY8y0atpKY+UEivdGJzLAIWNtAq2/xCi2
sdTmg0wIlQaxefAaxAtYnGv8y+ftiSbF60qoQXrhWceAQ0SNZg12w2B5JaASVIbV
sCHEDxjuMhh/99f0wsjbGnG9vKsT63Xg0NSpFgBJaJ4LHJSC7ZI1Vd5CoVAkv326
ZXcm+Jg60OdaJ+GuDPBIwdgS/k76pwFBZ9IRngQr9AM=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:14:34 2025 by rpki-client