Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKH/4MVa8Bgeojn13JFYKB9uNhxbkJY.roa
File: 4MVa8Bgeojn13JFYKB9uNhxbkJY.roa (raw, json)
Hash identifier: uM8H5AvyJfh3GZ6KP8cGt1A+Q73AfSDDex//tkbpprI=
Subject key identifier: E0:C5:5A:F0:18:1E:A2:39:F5:DC:91:58:28:1F:6E:36:1C:5B:90:96
Certificate issuer: /CN=BBF8E5352240971787806A3E53A8904859A9F0E7
Certificate serial: 09
Authority key identifier: BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/4MVa8Bgeojn13JFYKB9uNhxbkJY.roa
Signing time: Sat 11 Jan 2025 15:11:37 +0000
ROA not before: Sat 11 Jan 2025 15:11:37 +0000
ROA not after: Fri 09 Jan 2026 15:30:20 +0000
asID: 131645
IP address blocks: 161.248.128.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BBF8E5352240971787806A3E53A8904859A9F0E7
Validity
Not Before: Jan 11 15:11:37 2025 GMT
Not After : Jan 9 15:30:20 2026 GMT
Subject: CN=E0C55AF0181EA239F5DC9158281F6E361C5B9096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f1:4e:02:a6:c9:a2:b7:f0:de:43:f5:e1:6f:
e1:77:4e:cd:d7:45:a9:c7:00:9b:08:10:12:35:c4:
2f:1f:67:5b:93:a0:90:a0:e0:e4:8b:b9:93:70:93:
c1:2c:c8:d6:2c:d4:73:8b:70:fc:16:7e:17:63:59:
10:6f:55:12:32:3a:39:06:20:b1:eb:d1:25:a6:ab:
83:0d:3a:ac:46:16:27:bf:0d:61:cf:97:d2:9b:3e:
37:98:33:82:44:0d:f4:c1:cf:c0:75:42:86:11:ef:
14:6c:0e:f4:b6:0f:0f:af:ba:dc:49:16:7a:11:45:
35:43:e9:1b:b3:7d:0d:aa:77:09:ba:25:cf:b6:0d:
4b:f7:7e:21:07:b0:07:2e:be:68:26:ff:2f:60:84:
d7:9b:4f:11:6c:39:89:3c:2e:2d:6a:d9:a6:53:b9:
06:3d:b4:d5:8c:08:29:ed:e2:32:54:1c:1f:44:93:
7a:d4:7f:2d:60:16:aa:b4:ba:7e:57:45:9c:c4:9d:
ef:ef:c2:25:85:bd:e9:25:c1:28:14:34:59:ed:a9:
b0:34:68:95:2e:59:e6:79:ab:59:f3:cc:26:78:51:
32:20:53:f2:52:5d:5c:0f:af:7c:6d:f3:92:52:15:
f5:01:c4:97:93:9c:a5:35:76:18:42:17:69:f5:2e:
ef:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C5:5A:F0:18:1E:A2:39:F5:DC:91:58:28:1F:6E:36:1C:5B:90:96
X509v3 Authority Key Identifier:
keyid:BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/4MVa8Bgeojn13JFYKB9uNhxbkJY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.128.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:aa:a3:07:ca:8c:5b:83:e2:71:7a:f9:cd:54:d8:e5:be:8b:
e2:75:f6:94:28:58:5b:84:6f:e4:2c:1e:a9:0e:29:17:d5:00:
f8:99:70:c7:26:28:2a:e0:0f:1c:1c:6b:48:76:d4:f0:17:3c:
9a:bc:f2:31:e4:3c:60:81:f6:e4:e2:cc:9f:96:ae:7a:88:c5:
b1:fc:e7:18:d8:cb:0e:3b:39:d0:18:ba:6e:ee:04:4d:03:64:
1c:f8:69:fe:71:5a:96:3d:1a:ed:53:49:63:98:cd:a8:ac:dd:
0d:9d:e7:94:32:bc:7d:da:09:50:da:77:aa:49:f3:4a:f3:ea:
1c:f4:4d:23:2f:64:26:13:5d:20:eb:aa:30:b3:d6:ab:39:f6:
d5:23:2a:93:b8:dd:24:c9:6c:06:62:90:98:f1:e9:72:da:6a:
cd:3f:ca:55:3c:15:f5:cb:65:b4:ae:14:44:e3:7a:df:3b:b7:
4f:e8:81:bf:4c:fd:c0:69:69:47:f2:bd:31:9f:92:37:20:4f:
c0:5d:4d:23:ed:78:58:94:6b:c9:e9:68:7a:33:08:cf:29:a8:
61:2f:a2:64:0d:5d:46:a0:25:21:b7:66:4c:4e:13:ea:6f:ed:
31:72:28:c2:69:c2:56:9f:8f:ed:51:75:ef:e6:92:ae:35:c7:
c1:e5:59:03
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCQkY4
RTUzNTIyNDA5NzE3ODc4MDZBM0U1M0E4OTA0ODU5QTlGMEU3MB4XDTI1MDExMTE1
MTEzN1oXDTI2MDEwOTE1MzAyMFowMzExMC8GA1UEAxMoRTBDNTVBRjAxODFFQTIz
OUY1REM5MTU4MjgxRjZFMzYxQzVCOTA5NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM/xTgKmyaK38N5D9eFv4XdOzddFqccAmwgQEjXELx9nW5OgkKDg
5Iu5k3CTwSzI1izUc4tw/BZ+F2NZEG9VEjI6OQYgsevRJaargw06rEYWJ78NYc+X
0ps+N5gzgkQN9MHPwHVChhHvFGwO9LYPD6+63EkWehFFNUPpG7N9Dap3Cbolz7YN
S/d+IQewBy6+aCb/L2CE15tPEWw5iTwuLWrZplO5Bj201YwIKe3iMlQcH0STetR/
LWAWqrS6fldFnMSd7+/CJYW96SXBKBQ0We2psDRolS5Z5nmrWfPMJnhRMiBT8lJd
XA+vfG3zklIV9QHEl5OcpTV2GEIXafUu78UCAwEAAaOCAegwggHkMB0GA1UdDgQW
BBTgxVrwGB6iOfXckVgoH242HFuQljAfBgNVHSMEGDAWgBS7+OU1IkCXF4eAaj5T
qJBIWanw5zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFkGA1UdHwRSMFAwTqBM
oEqGSHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0gvdV9q
bE5TSkFseGVIZ0dvLVU2aVFTRm1wOE9jLmNybDBgBggrBgEFBQcBAQRUMFIwUAYI
KwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS91
X2psTlNKQWx4ZUhnR28tVTZpUVNGbXA4T2MuY2VyMA4GA1UdDwEB/wQEAwIHgDCB
mQYIKwYBBQUHAQsEgYwwgYkwVAYIKwYBBQUHMAuGSHJzeW5jOi8vcnBraWNhLnR3
bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0gvNE1WYThCZ2Vvam4xM0pGWUtCOXVOaHhi
a0pZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3JyZHAv
bm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaH4gDANBgkq
hkiG9w0BAQsFAAOCAQEATqqjB8qMW4PicXr5zVTY5b6L4nX2lChYW4Rv5CweqQ4p
F9UA+JlwxyYoKuAPHBxrSHbU8Bc8mrzyMeQ8YIH25OLMn5aueojFsfznGNjLDjs5
0Bi6bu4ETQNkHPhp/nFalj0a7VNJY5jNqKzdDZ3nlDK8fdoJUNp3qknzSvPqHPRN
Iy9kJhNdIOuqMLPWqzn21SMqk7jdJMlsBmKQmPHpctpqzT/KVTwV9ctltK4URON6
3zu3T+iBv0z9wGlpR/K9MZ+SNyBPwF1NI+14WJRryeloejMIzymoYS+iZA1dRqAl
IbdmTE4T6m/tMXIowmnCVp+P7VF17+aSrjXHweVZAw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:59:33 2025 by rpki-client