Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKH/w_KewT6KWsZuHTgvBMYnYFPhchY.roa
File: w_KewT6KWsZuHTgvBMYnYFPhchY.roa (raw, json)
Hash identifier: vA7vcHpZZT9NqWFZlSoCmScIUZDx16ZMpEGvj2tJDZ0=
Subject key identifier: C3:F2:9E:C1:3E:8A:5A:C6:6E:1D:38:2F:04:C6:27:60:53:E1:72:16
Certificate issuer: /CN=BBF8E5352240971787806A3E53A8904859A9F0E7
Certificate serial: A8
Authority key identifier: BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/w_KewT6KWsZuHTgvBMYnYFPhchY.roa
Signing time: Mon 10 Feb 2025 14:24:37 +0000
ROA not before: Mon 10 Feb 2025 14:24:37 +0000
ROA not after: Fri 09 Jan 2026 15:30:20 +0000
asID: 131645
IP address blocks: 161.248.128.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168 (0xa8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BBF8E5352240971787806A3E53A8904859A9F0E7
Validity
Not Before: Feb 10 14:24:37 2025 GMT
Not After : Jan 9 15:30:20 2026 GMT
Subject: CN=C3F29EC13E8A5AC66E1D382F04C6276053E17216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:37:c2:ee:40:03:8c:ef:34:ed:ce:0f:a2:27:
00:12:13:2c:a4:3e:3f:78:4a:3e:e1:26:90:75:d4:
8b:71:20:22:92:cd:34:7d:d2:5b:82:df:1d:cf:28:
78:b0:d7:27:9a:3d:d3:28:af:a6:a7:21:dc:d8:b8:
34:67:d5:e6:20:86:c5:3a:53:14:3f:eb:02:2b:e6:
6c:f9:a7:0c:1a:7b:e5:60:aa:07:7b:2f:29:eb:78:
0a:5d:bd:5c:59:e2:37:4b:f1:3a:18:38:bb:bc:9c:
b5:65:fe:9d:de:07:66:f9:d0:9d:7b:94:b6:47:5b:
6d:10:5c:d0:18:7b:ae:7f:bc:10:0d:f8:9c:d4:18:
04:55:a8:f6:0f:1f:8f:a3:72:57:e3:48:ed:0f:90:
5e:8e:0c:3b:18:60:26:d9:c3:0f:93:70:5d:7b:e9:
78:f6:0d:39:8b:dd:68:5c:9f:12:11:00:3c:30:a5:
61:49:aa:c4:91:25:78:3a:02:70:e0:9f:79:0a:cd:
a4:8b:bf:15:92:cf:62:f0:2c:62:98:f7:b2:dc:54:
20:d8:d7:47:c9:a5:fd:44:49:74:8e:c3:c8:15:c1:
92:fa:c1:67:82:f0:7e:51:cc:81:fa:84:5b:6f:0c:
d8:fc:91:2e:04:f9:32:6a:15:64:fc:5e:2c:0e:a6:
fe:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F2:9E:C1:3E:8A:5A:C6:6E:1D:38:2F:04:C6:27:60:53:E1:72:16
X509v3 Authority Key Identifier:
keyid:BB:F8:E5:35:22:40:97:17:87:80:6A:3E:53:A8:90:48:59:A9:F0:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u_jlNSJAlxeHgGo-U6iQSFmp8Oc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKH/w_KewT6KWsZuHTgvBMYnYFPhchY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.128.0/23
Signature Algorithm: sha256WithRSAEncryption
cb:dc:4c:52:f9:d8:d2:d6:6d:e7:d9:1b:4d:2a:44:6b:fc:b2:
90:60:d4:b1:a6:5d:ab:7c:ca:47:63:fd:44:78:6b:5b:b0:13:
b2:7d:20:cb:43:d9:64:2e:1c:c2:69:9a:01:49:e6:5b:f7:d7:
b2:36:0f:95:dc:3b:79:dc:0d:10:ed:84:5f:b3:70:d9:e1:a1:
8c:53:b5:97:7c:a2:7a:f3:d7:f3:18:73:c8:c3:c1:c6:a0:0b:
4f:6d:7d:6f:23:25:76:f2:9a:36:22:ed:25:0c:dd:78:59:69:
53:d8:4b:26:a6:58:aa:f2:8b:ac:ec:85:bd:fc:e8:10:f9:a4:
96:25:c6:fb:dc:b1:0b:18:e3:89:ef:fe:4b:cd:86:98:1b:6f:
b6:ac:dd:55:36:df:c4:dd:cc:a2:e0:fd:85:9c:8b:9a:01:14:
c9:bc:65:0a:99:61:13:17:43:5a:26:f3:b2:34:f2:06:08:a6:
e6:92:78:cc:25:6b:f3:20:3e:14:d9:b2:c5:c8:f0:d6:e4:01:
b8:96:db:60:96:11:ad:b1:29:8c:28:ae:9a:39:de:00:65:59:
5c:17:ec:91:7d:03:44:7e:fa:91:fe:5c:c2:49:dd:01:97:bb:
85:b8:cd:c2:06:70:51:f8:fc:da:58:93:86:e4:0b:0f:42:fd:
fa:6f:93:6f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJG
OEU1MzUyMjQwOTcxNzg3ODA2QTNFNTNBODkwNDg1OUE5RjBFNzAeFw0yNTAyMTAx
NDI0MzdaFw0yNjAxMDkxNTMwMjBaMDMxMTAvBgNVBAMTKEMzRjI5RUMxM0U4QTVB
QzY2RTFEMzgyRjA0QzYyNzYwNTNFMTcyMTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeN8LuQAOM7zTtzg+iJwASEyykPj94Sj7hJpB11ItxICKSzTR9
0luC3x3PKHiw1yeaPdMor6anIdzYuDRn1eYghsU6UxQ/6wIr5mz5pwwae+Vgqgd7
LynreApdvVxZ4jdL8ToYOLu8nLVl/p3eB2b50J17lLZHW20QXNAYe65/vBAN+JzU
GARVqPYPH4+jclfjSO0PkF6ODDsYYCbZww+TcF176Xj2DTmL3WhcnxIRADwwpWFJ
qsSRJXg6AnDgn3kKzaSLvxWSz2LwLGKY97LcVCDY10fJpf1ESXSOw8gVwZL6wWeC
8H5RzIH6hFtvDNj8kS4E+TJqFWT8XiwOpv4ZAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUw/KewT6KWsZuHTgvBMYnYFPhchYwHwYDVR0jBBgwFoAUu/jlNSJAlxeHgGo+
U6iQSFmp8OcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tIL3Vf
amxOU0pBbHhlSGdHby1VNmlRU0ZtcDhPYy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dV9qbE5TSkFseGVIZ0dvLVU2aVFTRm1wOE9jLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0tIL3dfS2V3VDZLV3NadUhUZ3ZCTVluWUZQ
aGNoWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGh+IAwDQYJ
KoZIhvcNAQELBQADggEBAMvcTFL52NLWbefZG00qRGv8spBg1LGmXat8ykdj/UR4
a1uwE7J9IMtD2WQuHMJpmgFJ5lv317I2D5XcO3ncDRDthF+zcNnhoYxTtZd8onrz
1/MYc8jDwcagC09tfW8jJXbymjYi7SUM3XhZaVPYSyamWKryi6zshb386BD5pJYl
xvvcsQsY44nv/kvNhpgbb7as3VU238TdzKLg/YWci5oBFMm8ZQqZYRMXQ1om87I0
8gYIpuaSeMwla/MgPhTZssXI8NbkAbiW22CWEa2xKYworpo53gBlWVwX7JF9A0R+
+pH+XMJJ3QGXu4W4zcIGcFH4/NpYk4bkCw9C/fpvk28=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:18:52 2025 by rpki-client