Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/yFln9FJcU5QAoqJuY7gN6gAiaEc.roa
File: yFln9FJcU5QAoqJuY7gN6gAiaEc.roa (raw, json)
Hash identifier: SSJ2fK40/h8DTM4X4rrCEU36uY5lJHxE2iQnR1vgY20=
Subject key identifier: C8:59:67:F4:52:5C:53:94:00:A2:A2:6E:63:B8:0D:EA:00:22:68:47
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0DF1
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/yFln9FJcU5QAoqJuY7gN6gAiaEc.roa
Signing time: Mon 10 Feb 2025 13:59:16 +0000
ROA not before: Mon 10 Feb 2025 13:59:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18049
IP address blocks: 61.61.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3569 (0xdf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Feb 10 13:59:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C85967F4525C539400A2A26E63B80DEA00226847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:75:b1:e3:1c:76:eb:e1:c1:5a:ed:44:59:df:
bb:68:26:e3:1f:8b:02:e0:94:43:a2:29:fa:c0:2d:
8e:22:59:3c:0b:24:87:2e:38:87:2b:f6:bf:0a:98:
e1:8b:8c:72:05:69:e8:2e:5a:a0:d7:e9:30:12:9e:
e5:2f:1d:03:b8:e3:1f:3b:f5:a0:a7:e0:17:fb:61:
4e:4a:f5:76:34:3f:28:ff:83:59:90:32:78:8e:1f:
b8:95:4e:72:f9:1a:cc:2e:9f:2b:2d:03:a9:6a:ac:
b3:94:c6:7c:24:78:e6:3c:74:96:2a:77:90:73:4a:
83:e7:11:1a:40:8c:ca:16:44:52:c0:7a:95:1a:de:
db:9c:29:58:ed:9e:18:ab:cd:bd:4a:70:56:2b:af:
c8:bc:d1:24:a6:6d:99:a3:94:91:09:63:a9:2c:59:
0e:6d:d3:08:c2:f6:b6:11:f3:14:26:87:97:67:9c:
3c:27:2f:19:7b:86:b5:02:12:2c:f5:a8:07:08:62:
63:8a:e9:dd:30:f3:fc:45:fc:2f:fa:66:bc:02:65:
b1:3a:b4:a5:14:bc:41:5a:33:59:f1:4d:94:ce:40:
4c:b7:2f:6d:d6:3b:a0:bb:f7:95:41:dd:7b:76:53:
f9:bc:28:e9:0f:83:94:99:a4:12:c6:61:74:2c:49:
7e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:59:67:F4:52:5C:53:94:00:A2:A2:6E:63:B8:0D:EA:00:22:68:47
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/yFln9FJcU5QAoqJuY7gN6gAiaEc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.72.0/22
Signature Algorithm: sha256WithRSAEncryption
11:87:b3:3c:c2:57:03:9d:49:4d:68:8b:0f:a1:bd:51:8d:42:
92:11:39:4f:d2:c0:be:82:c6:15:fb:61:fe:31:ca:15:c9:a1:
94:36:07:f0:b3:b7:02:a0:ad:db:69:9f:7c:9b:79:37:0a:ec:
dd:ae:c2:e1:2d:bf:f7:cf:aa:a0:2d:e7:0a:60:55:4b:66:19:
40:15:a9:da:60:12:c8:2d:34:8d:bd:33:87:38:e7:5a:74:37:
d8:75:11:9a:2e:bd:82:04:b4:08:d1:30:71:f6:82:46:8f:e9:
c2:28:65:ca:3a:f0:62:8a:7e:42:6b:48:44:fd:b1:f6:44:d0:
cf:14:f4:3e:8d:eb:f8:c5:43:6a:f8:07:f1:60:c0:41:4e:94:
e7:7f:ef:90:5d:a5:c7:f6:8a:8b:68:62:6d:1d:08:ac:73:65:
58:8f:7b:58:21:83:26:76:04:f7:83:02:a1:48:0d:46:46:6d:
d2:d0:f3:bf:01:10:95:d5:cd:2c:2e:1a:54:e8:d2:49:4b:41:
de:a0:44:9d:c1:3a:0c:01:c9:45:97:73:aa:c4:cb:5d:85:8f:
24:9c:1a:92:9d:80:bb:50:21:d5:16:6f:08:74:00:f8:6f:dc:
79:69:ce:5a:ef:5d:6c:15:ee:f8:01:6d:c6:d5:f7:0a:d3:96:
81:fb:87:19
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDfEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNTAyMTAx
MzU5MTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM4NTk2N0Y0NTI1QzUz
OTQwMEEyQTI2RTYzQjgwREVBMDAyMjY4NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCldbHjHHbr4cFa7URZ37toJuMfiwLglEOiKfrALY4iWTwLJIcu
OIcr9r8KmOGLjHIFaeguWqDX6TASnuUvHQO44x879aCn4Bf7YU5K9XY0Pyj/g1mQ
MniOH7iVTnL5GswunystA6lqrLOUxnwkeOY8dJYqd5BzSoPnERpAjMoWRFLAepUa
3tucKVjtnhirzb1KcFYrr8i80SSmbZmjlJEJY6ksWQ5t0wjC9rYR8xQmh5dnnDwn
Lxl7hrUCEiz1qAcIYmOK6d0w8/xF/C/6ZrwCZbE6tKUUvEFaM1nxTZTOQEy3L23W
O6C795VB3Xt2U/m8KOkPg5SZpBLGYXQsSX5zAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUyFln9FJcU5QAoqJuY7gN6gAiaEcwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3lGbG45RkpjVTVRQW9xSnVZN2dONmdB
aWFFYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAI9PUgwDQYJ
KoZIhvcNAQELBQADggEBABGHszzCVwOdSU1oiw+hvVGNQpIROU/SwL6CxhX7Yf4x
yhXJoZQ2B/CztwKgrdtpn3ybeTcK7N2uwuEtv/fPqqAt5wpgVUtmGUAVqdpgEsgt
NI29M4c451p0N9h1EZouvYIEtAjRMHH2gkaP6cIoZco68GKKfkJrSET9sfZE0M8U
9D6N6/jFQ2r4B/FgwEFOlOd/75Bdpcf2iotoYm0dCKxzZViPe1ghgyZ2BPeDAqFI
DUZGbdLQ878BEJXVzSwuGlTo0klLQd6gRJ3BOgwByUWXc6rEy12FjyScGpKdgLtQ
IdUWbwh0APhv3HlpzlrvXWwV7vgBbcbV9wrTloH7hxk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:01:43 2025 by rpki-client