Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKH/93RD55Q1LunkHOORn6FyvqkZBhU.roa
File: 93RD55Q1LunkHOORn6FyvqkZBhU.roa (raw, json)
Hash identifier: //NGuXxuMPDrPRTZ5k2lkzoMIFnw8qbaHYQTIpdyYdU=
Subject key identifier: F7:74:43:E7:94:35:2E:E9:E4:1C:E3:91:9F:A1:72:BE:A9:19:06:15
Certificate issuer: /CN=DD87446D4150D1453C4A142A49EBA107DA5D1999
Certificate serial: A7
Authority key identifier: DD:87:44:6D:41:50:D1:45:3C:4A:14:2A:49:EB:A1:07:DA:5D:19:99
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/93RD55Q1LunkHOORn6FyvqkZBhU.roa
Signing time: Mon 10 Feb 2025 14:24:36 +0000
ROA not before: Mon 10 Feb 2025 14:24:36 +0000
ROA not after: Fri 09 Jan 2026 15:30:20 +0000
asID: 131645
IP address blocks: 2401:e760::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167 (0xa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DD87446D4150D1453C4A142A49EBA107DA5D1999
Validity
Not Before: Feb 10 14:24:36 2025 GMT
Not After : Jan 9 15:30:20 2026 GMT
Subject: CN=F77443E794352EE9E41CE3919FA172BEA9190615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:92:48:a6:75:79:0a:44:de:75:79:45:9e:6e:
d5:26:6c:c1:3b:b9:aa:10:7d:63:10:03:5f:9f:93:
73:6e:73:24:f8:be:d7:7e:79:3a:27:04:df:09:2a:
21:d8:d6:d6:af:5d:f5:8b:b8:05:41:87:58:21:c5:
0f:40:86:7c:8d:f9:b4:ed:8f:bb:9a:33:f4:0f:90:
e3:22:e2:ae:bf:39:4a:b7:05:34:a8:f6:58:81:23:
03:48:e8:cc:3e:c4:d8:c4:54:cd:48:da:b7:13:3e:
ac:36:4b:3f:72:6c:a2:f5:ce:0b:ce:9e:30:7c:90:
fa:32:69:09:9a:35:d2:7b:45:ac:b9:f7:9b:d5:4d:
02:8b:c7:db:5d:a5:f3:ad:15:57:c6:20:10:47:d6:
49:07:51:8b:9e:b0:2a:d7:f3:cd:39:fe:e3:83:3f:
0a:c5:29:9b:fc:fd:f5:0d:fd:44:42:43:02:e0:b1:
18:05:38:15:75:bc:ab:4b:9f:fe:19:7f:1d:cb:5b:
3b:8a:49:33:a9:45:47:71:9c:35:24:b3:5b:8e:5b:
4c:5d:a8:1c:ef:e8:f4:6c:94:7b:38:29:ea:ab:19:
9c:bf:d4:aa:4e:c4:0b:a5:ca:89:ad:93:ef:31:fc:
d4:5f:c5:4f:a2:95:d2:9f:aa:ad:46:5f:bd:2b:36:
6d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:74:43:E7:94:35:2E:E9:E4:1C:E3:91:9F:A1:72:BE:A9:19:06:15
X509v3 Authority Key Identifier:
keyid:DD:87:44:6D:41:50:D1:45:3C:4A:14:2A:49:EB:A1:07:DA:5D:19:99
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3YdEbUFQ0UU8ShQqSeuhB9pdGZk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/93RD55Q1LunkHOORn6FyvqkZBhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e760::/32
Signature Algorithm: sha256WithRSAEncryption
a4:b8:28:9d:a0:4e:72:3f:bd:67:4c:aa:62:71:e8:8a:89:00:
ee:bf:6d:45:9f:03:41:64:07:8e:24:0a:32:5f:9e:37:7f:52:
bf:88:a5:33:c7:7a:2b:f8:9d:fb:3d:1f:a7:92:0d:ae:b2:24:
be:e0:e0:7a:e2:a5:98:9e:cb:b2:71:37:2e:be:91:f1:19:cf:
2f:d2:86:b3:96:b2:11:cc:8f:f5:da:fc:46:00:84:0f:53:94:
4b:2a:bc:e0:f3:c5:0c:58:c4:5a:5f:42:3c:d0:31:03:ef:65:
6f:fb:84:a8:2d:45:f2:fa:3c:96:98:3a:31:70:8c:55:eb:75:
b0:0a:5a:f1:b5:aa:22:4f:6b:08:07:87:28:90:b9:f7:6f:f7:
31:0e:17:33:90:29:1d:98:19:a2:fd:f5:2a:ee:ca:c3:9e:7a:
89:63:99:f8:9e:47:de:a9:37:86:78:74:2a:b8:1d:fe:58:e8:
9b:f3:16:cd:cd:91:4a:2d:cc:ad:d3:be:7a:5b:60:7f:fa:a7:
1a:03:3b:61:ff:f1:45:53:92:e1:5a:95:8b:00:ef:31:24:53:
60:2c:34:08:af:3c:5b:88:aa:1a:cc:11:51:61:93:72:d3:f3:
a5:e2:2f:37:bc:fa:c0:77:78:e4:86:fa:33:2e:cb:0d:fe:b6:
16:43:dc:bf
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREQ4
NzQ0NkQ0MTUwRDE0NTNDNEExNDJBNDlFQkExMDdEQTVEMTk5OTAeFw0yNTAyMTAx
NDI0MzZaFw0yNjAxMDkxNTMwMjBaMDMxMTAvBgNVBAMTKEY3NzQ0M0U3OTQzNTJF
RTlFNDFDRTM5MTlGQTE3MkJFQTkxOTA2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3kkimdXkKRN51eUWebtUmbME7uaoQfWMQA1+fk3NucyT4vtd+
eTonBN8JKiHY1tavXfWLuAVBh1ghxQ9AhnyN+bTtj7uaM/QPkOMi4q6/OUq3BTSo
9liBIwNI6Mw+xNjEVM1I2rcTPqw2Sz9ybKL1zgvOnjB8kPoyaQmaNdJ7Ray595vV
TQKLx9tdpfOtFVfGIBBH1kkHUYuesCrX8805/uODPwrFKZv8/fUN/URCQwLgsRgF
OBV1vKtLn/4Zfx3LWzuKSTOpRUdxnDUks1uOW0xdqBzv6PRslHs4KeqrGZy/1KpO
xAulyomtk+8x/NRfxU+ildKfqq1GX70rNm0JAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU93RD55Q1LunkHOORn6FyvqkZBhUwHwYDVR0jBBgwFoAU3YdEbUFQ0UU8ShQq
SeuhB9pdGZkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tILzNZ
ZEViVUZRMFVVOFNoUXFTZXVoQjlwZEdaay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
M1lkRWJVRlEwVVU4U2hRcVNldWhCOXBkR1prLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0tILzkzUkQ1NVExTHVua0hPT1JuNkZ5dnFr
WkJoVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAedgMA0G
CSqGSIb3DQEBCwUAA4IBAQCkuCidoE5yP71nTKpiceiKiQDuv21FnwNBZAeOJAoy
X543f1K/iKUzx3or+J37PR+nkg2usiS+4OB64qWYnsuycTcuvpHxGc8v0oazlrIR
zI/12vxGAIQPU5RLKrzg88UMWMRaX0I80DED72Vv+4SoLUXy+jyWmDoxcIxV63Ww
ClrxtaoiT2sIB4cokLn3b/cxDhczkCkdmBmi/fUq7srDnnqJY5n4nkfeqTeGeHQq
uB3+WOib8xbNzZFKLcyt0756W2B/+qcaAzth//FFU5LhWpWLAO8xJFNgLDQIrzxb
iKoazBFRYZNy0/Ol4i83vPrAd3jkhvozLssN/rYWQ9y/
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:50:34 2025 by rpki-client