Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa
File: ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa (raw, json)
Hash identifier: ZG+SxVZBS0stNbnVFEFUEjl60Ko8ewZTgsKCEgeT24M=
Subject key identifier: CA:90:E6:59:9E:46:57:5B:D8:8B:86:C0:01:73:4B:E0:EA:14:A2:0F
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0D62
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa
Signing time: Mon 26 Aug 2024 05:19:45 +0000
ROA not before: Mon 26 Aug 2024 05:19:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9918
IP address blocks: 61.61.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3426 (0xd62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Aug 26 05:19:45 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CA90E6599E46575BD88B86C001734BE0EA14A20F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b1:e3:bd:63:59:ea:10:d4:23:85:96:4d:bd:
ac:d9:4c:12:3e:0c:ca:77:91:61:65:8f:78:fe:c1:
fc:e1:82:ce:22:49:29:5e:ef:45:10:be:21:46:6e:
c0:16:3e:43:08:ce:ed:ae:15:de:67:fe:13:0e:4b:
54:ec:46:ca:67:74:ff:4e:70:2f:13:88:fe:58:b8:
24:97:a8:67:94:e0:15:c4:24:b0:12:5f:dd:1d:fd:
c8:3d:60:e3:d8:93:6d:25:9b:6f:8d:89:48:35:13:
07:ff:83:ae:4b:bd:25:23:39:da:fb:51:6d:51:12:
c9:1e:b0:8b:ea:64:96:a8:0b:ee:aa:83:0b:42:a4:
da:e7:4b:42:c8:a6:54:95:95:54:a5:29:99:39:ac:
fc:1f:63:bf:aa:9d:6e:7d:98:b9:f8:3b:9f:13:ae:
d4:38:9a:0d:92:3b:09:87:58:55:21:ec:fb:e4:26:
5f:c9:93:28:53:cb:e9:34:a2:9f:25:5c:82:31:1c:
54:ff:df:be:d4:97:99:41:87:b6:e7:65:13:a3:5d:
71:ea:f4:1a:b9:1e:37:5e:a5:34:b6:d2:78:6e:0f:
09:21:1b:25:30:eb:dc:df:bd:19:79:a3:8e:de:d3:
08:1e:67:3d:69:c1:4a:92:e3:0f:77:48:31:18:3a:
18:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:90:E6:59:9E:46:57:5B:D8:8B:86:C0:01:73:4B:E0:EA:14:A2:0F
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/ypDmWZ5GV1vYi4bAAXNL4OoUog8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.128.0/18
Signature Algorithm: sha256WithRSAEncryption
6b:9f:b4:97:c4:b3:23:0c:26:9b:44:fe:fc:7b:9e:81:2f:b4:
f6:93:ed:29:9c:c0:06:d5:16:ca:cd:c3:ff:7e:cb:03:40:a7:
4d:ac:ea:b5:b9:e6:48:d7:ea:f7:08:78:96:97:ec:a9:34:0c:
84:77:0b:61:7d:b3:f0:30:37:fa:e3:98:bd:41:0d:7c:2a:7b:
dd:8f:e4:43:3d:17:f4:48:f6:b2:e1:b3:25:bd:45:ba:b5:be:
7d:7e:7a:08:6d:01:19:53:f7:a3:e9:fa:5a:02:ba:24:75:fe:
b7:c7:67:ab:5b:3f:c7:d0:9b:54:b6:e1:6c:92:90:8f:63:6e:
d7:5f:d6:1d:70:91:f2:a4:ec:5f:ef:8c:fa:43:90:05:0e:1a:
f4:20:96:6c:ee:1f:c7:87:99:7a:16:9a:c3:fc:e0:da:76:6a:
3e:5f:d3:bb:09:c9:f3:66:57:89:d8:03:af:8e:dc:fd:ad:53:
fc:d8:82:09:53:20:c0:fa:a9:40:ff:a7:16:a8:df:53:47:a2:
f0:9d:18:f5:de:96:e4:d5:34:4e:c2:e5:bb:85:27:6d:aa:cb:
70:cb:cc:2e:5e:4d:a4:02:02:17:6c:08:cf:cb:20:f3:68:65:
6e:bb:b2:48:d1:a9:6b:60:f7:13:8a:19:8f:47:c3:48:41:cf:
a5:3f:6b:d9
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yNDA4MjYw
NTE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENBOTBFNjU5OUU0NjU3
NUJEODhCODZDMDAxNzM0QkUwRUExNEEyMEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgseO9Y1nqENQjhZZNvazZTBI+DMp3kWFlj3j+wfzhgs4iSSle
70UQviFGbsAWPkMIzu2uFd5n/hMOS1TsRspndP9OcC8TiP5YuCSXqGeU4BXEJLAS
X90d/cg9YOPYk20lm2+NiUg1Ewf/g65LvSUjOdr7UW1REskesIvqZJaoC+6qgwtC
pNrnS0LIplSVlVSlKZk5rPwfY7+qnW59mLn4O58TrtQ4mg2SOwmHWFUh7PvkJl/J
kyhTy+k0op8lXIIxHFT/377Ul5lBh7bnZROjXXHq9Bq5HjdepTS20nhuDwkhGyUw
69zfvRl5o47e0wgeZz1pwUqS4w93SDEYOhhJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUypDmWZ5GV1vYi4bAAXNL4OoUog8wHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3lwRG1XWjVHVjF2WWk0YkFBWE5MNE9v
VW9nOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAY9PYAwDQYJ
KoZIhvcNAQELBQADggEBAGuftJfEsyMMJptE/vx7noEvtPaT7SmcwAbVFsrNw/9+
ywNAp02s6rW55kjX6vcIeJaX7Kk0DIR3C2F9s/AwN/rjmL1BDXwqe92P5EM9F/RI
9rLhsyW9Rbq1vn1+eghtARlT96Pp+loCuiR1/rfHZ6tbP8fQm1S24WySkI9jbtdf
1h1wkfKk7F/vjPpDkAUOGvQglmzuH8eHmXoWmsP84Np2aj5f07sJyfNmV4nYA6+O
3P2tU/zYgglTIMD6qUD/pxao31NHovCdGPXeluTVNE7C5buFJ22qy3DLzC5eTaQC
AhdsCM/LIPNoZW67skjRqWtg9xOKGY9Hw0hBz6U/a9k=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:09:54 2025 by rpki-client