Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa
File: rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa (raw, json)
Hash identifier: BNXUq5aEqvSPLHcb2exUSAfZN1uay+0ggWQSftVMBlI=
Subject key identifier: AE:1D:24:74:D6:5D:FC:2C:1D:AC:69:F2:36:0B:76:6C:A5:B2:AA:B7
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0D57
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa
Signing time: Mon 26 Aug 2024 05:19:43 +0000
ROA not before: Mon 26 Aug 2024 05:19:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.176.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3415 (0xd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Aug 26 05:19:43 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AE1D2474D65DFC2C1DAC69F2360B766CA5B2AAB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:e0:6f:16:64:05:23:50:94:74:b2:61:aa:81:
eb:f0:60:0b:8a:c0:d1:a0:11:ae:00:1a:1d:e9:69:
07:0e:c1:39:e3:c8:9b:b9:6c:7d:48:14:c9:75:88:
a4:68:b0:95:d8:79:7a:44:91:7c:72:27:39:e4:5d:
0e:54:9d:e3:f1:f6:62:42:22:0f:32:ec:c8:51:76:
da:45:81:f8:1e:cb:fc:cc:8e:a7:e4:83:ad:60:69:
e6:20:72:55:cc:f0:80:6d:87:ea:8f:d7:7b:9a:f9:
d2:56:44:6f:2d:8f:77:6e:c1:f6:40:06:e4:27:6c:
7d:e1:b4:cb:00:0f:1c:82:be:a0:c9:d1:45:80:e7:
38:5e:f7:73:4c:ef:e9:9b:b5:c9:d8:86:3a:dd:63:
4e:85:9f:1e:f4:32:63:e0:bf:28:40:b3:7c:df:bb:
c0:e6:e5:91:ae:be:7e:61:b3:5b:e9:70:dd:1c:89:
7e:eb:eb:22:95:4e:9e:de:5c:6f:b9:fd:2e:96:fc:
39:59:16:0e:1e:9a:8d:4f:5b:a4:27:a7:e0:23:de:
e2:28:4a:c5:c8:7a:8f:86:7f:ea:41:4a:c9:2e:57:
5c:34:28:8a:7b:d8:c5:f3:55:78:ac:df:25:8a:99:
e3:07:03:93:bb:1b:10:82:15:e2:2a:87:f1:57:a9:
15:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1D:24:74:D6:5D:FC:2C:1D:AC:69:F2:36:0B:76:6C:A5:B2:AA:B7
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/rh0kdNZd_CwdrGnyNgt2bKWyqrc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.176.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:51:dc:49:39:d3:3a:93:97:cc:4a:eb:3b:f4:7e:fe:04:3e:
11:2d:3b:2e:03:31:31:24:22:f3:47:62:2f:9d:e1:a8:00:b2:
77:64:e7:8d:35:71:f5:7f:78:09:5e:0d:c8:98:67:17:dd:2b:
b1:28:1f:b9:dd:b5:77:9e:0e:b2:82:ca:cb:56:22:23:68:85:
63:de:97:d0:50:bb:05:82:dd:56:2d:77:4e:1b:f7:9c:b4:85:
ba:26:f8:44:d9:a2:c2:c6:69:b0:73:e4:41:c3:79:cb:07:5f:
5f:1a:2b:6f:52:45:bd:13:0a:e4:01:b9:1a:9d:65:c6:8b:55:
dc:e9:33:07:b1:df:f0:1f:37:31:f4:19:1b:54:ae:c6:c7:18:
13:a6:9c:3a:3c:b3:81:7a:7c:72:0a:5d:ae:7c:ff:bf:5e:21:
fe:60:13:fa:30:d9:31:d6:cc:19:5b:82:b9:e2:20:fb:83:d1:
d0:a4:e4:e1:52:cb:06:a2:34:47:96:f9:b7:6a:2d:e1:2f:35:
01:d9:04:ce:5f:a1:d1:3e:6e:f8:fa:15:1c:41:fd:0e:71:27:
76:aa:7e:fd:e6:b7:e2:76:a5:c1:b2:c4:f2:fa:98:52:45:2a:
9b:46:64:94:70:fa:93:96:45:97:81:16:7c:93:d4:61:e2:d9:
da:3b:fe:eb
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDVcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw
NTE5NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFFMUQyNDc0RDY1REZD
MkMxREFDNjlGMjM2MEI3NjZDQTVCMkFBQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ4G8WZAUjUJR0smGqgevwYAuKwNGgEa4AGh3paQcOwTnjyJu5
bH1IFMl1iKRosJXYeXpEkXxyJznkXQ5UnePx9mJCIg8y7MhRdtpFgfgey/zMjqfk
g61gaeYgclXM8IBth+qP13ua+dJWRG8tj3duwfZABuQnbH3htMsADxyCvqDJ0UWA
5zhe93NM7+mbtcnYhjrdY06Fnx70MmPgvyhAs3zfu8Dm5ZGuvn5hs1vpcN0ciX7r
6yKVTp7eXG+5/S6W/DlZFg4emo1PW6Qnp+Aj3uIoSsXIeo+Gf+pBSskuV1w0KIp7
2MXzVXis3yWKmeMHA5O7GxCCFeIqh/FXqRW5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUrh0kdNZd/CwdrGnyNgt2bKWyqrcwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3JoMGtkTlpkX0N3ZHJHbnlOZ3QyYktX
eXFyYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAQ9PbAwDQYJ
KoZIhvcNAQELBQADggEBAH9R3Ek50zqTl8xK6zv0fv4EPhEtOy4DMTEkIvNHYi+d
4agAsndk5401cfV/eAleDciYZxfdK7EoH7ndtXeeDrKCystWIiNohWPel9BQuwWC
3VYtd04b95y0hbom+ETZosLGabBz5EHDecsHX18aK29SRb0TCuQBuRqdZcaLVdzp
Mwex3/AfNzH0GRtUrsbHGBOmnDo8s4F6fHIKXa58/79eIf5gE/ow2THWzBlbgrni
IPuD0dCk5OFSywaiNEeW+bdqLeEvNQHZBM5fodE+bvj6FRxB/Q5xJ3aqfv3mt+J2
pcGyxPL6mFJFKptGZJRw+pOWRZeBFnyT1GHi2do7/us=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:20:28 2025 by rpki-client