Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKIS/-FE4kKpuBA0x9a10aqGfr1zWjsA.roa
File: -FE4kKpuBA0x9a10aqGfr1zWjsA.roa (raw, json)
Hash identifier: 7FXViPK9Mo7mEvh1pYfct+y84m/6kB1MxzG3XToknD4=
Subject key identifier: F8:51:38:90:AA:6E:04:0D:31:F5:AD:74:6A:A1:9F:AF:5C:D6:8E:C0
Certificate issuer: /CN=FB3BEA18F748476BF7FCF84FE43BE4EDBC7C7601
Certificate serial: 0C
Authority key identifier: FB:3B:EA:18:F7:48:47:6B:F7:FC:F8:4F:E4:3B:E4:ED:BC:7C:76:01
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-zvqGPdIR2v3_PhP5Dvk7bx8dgE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/-FE4kKpuBA0x9a10aqGfr1zWjsA.roa
Signing time: Sat 11 Jan 2025 15:09:43 +0000
ROA not before: Sat 11 Jan 2025 15:09:43 +0000
ROA not after: Fri 09 Jan 2026 15:30:29 +0000
asID: 131645
IP address blocks: 2401:e7a0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12 (0xc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB3BEA18F748476BF7FCF84FE43BE4EDBC7C7601
Validity
Not Before: Jan 11 15:09:43 2025 GMT
Not After : Jan 9 15:30:29 2026 GMT
Subject: CN=F8513890AA6E040D31F5AD746AA19FAF5CD68EC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:b5:e1:e5:dc:af:61:c1:74:7d:75:e2:e1:bf:
99:58:da:94:c7:e8:46:42:7e:35:bb:3d:26:d7:c7:
28:74:aa:18:63:02:a6:50:0c:19:70:04:4b:26:e5:
b9:3d:8e:4a:68:9b:c9:7e:2c:72:73:6e:25:d9:75:
73:6d:10:b2:b1:9c:44:3e:8a:c0:06:52:f5:bd:3e:
c2:f3:fc:2b:ba:b4:6f:30:04:88:22:49:37:76:ab:
89:c0:7f:ab:59:28:0e:72:ad:af:12:98:9e:55:eb:
46:88:c7:e9:29:82:90:8e:12:b6:da:94:2f:c7:ff:
d8:b4:74:45:1f:31:a6:7a:ec:04:a6:35:dc:b2:43:
fc:19:77:2b:80:47:da:b0:ec:a7:d3:86:2c:82:c7:
72:5b:bd:19:fa:7b:82:01:5c:fe:56:44:9a:00:5f:
d5:34:95:28:ee:28:e4:2b:67:ed:d6:74:03:f7:51:
b9:37:82:67:9a:d4:14:78:1f:db:0e:6f:b2:ec:df:
29:15:5b:b6:05:12:cf:98:c3:9a:f6:9f:b1:64:10:
a8:67:ae:22:1f:0b:a4:33:35:45:a6:5d:6b:8a:df:
c4:31:bf:d1:ac:c0:21:3e:11:fc:1f:c9:03:d1:9c:
ec:6b:b4:18:6e:82:51:b8:f7:82:03:77:2c:8d:f3:
08:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:51:38:90:AA:6E:04:0D:31:F5:AD:74:6A:A1:9F:AF:5C:D6:8E:C0
X509v3 Authority Key Identifier:
keyid:FB:3B:EA:18:F7:48:47:6B:F7:FC:F8:4F:E4:3B:E4:ED:BC:7C:76:01
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/-zvqGPdIR2v3_PhP5Dvk7bx8dgE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-zvqGPdIR2v3_PhP5Dvk7bx8dgE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/-FE4kKpuBA0x9a10aqGfr1zWjsA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:e7a0::/32
Signature Algorithm: sha256WithRSAEncryption
0f:d4:18:3f:0d:4b:30:08:93:41:65:d0:ab:e9:aa:c5:02:86:
76:be:9b:1b:16:f3:00:bb:76:e1:3a:72:c4:b1:d6:90:72:f8:
b8:35:dc:66:5b:d5:d0:8d:01:a3:f6:54:76:28:c0:96:50:03:
b3:de:c8:7f:aa:9b:2a:10:9d:b9:92:17:1f:54:a1:7e:98:e9:
76:4f:95:75:29:9e:4e:16:38:3a:d5:e9:92:16:07:73:e8:46:
a3:18:90:e1:3d:db:bd:f9:78:25:33:5f:ee:6e:7f:f1:77:24:
6e:73:b6:25:6d:63:e2:ae:47:89:6f:78:f5:90:f5:f8:87:46:
33:ac:25:c5:3d:e6:1a:84:01:80:3d:46:16:0b:a5:e1:89:f7:
71:34:19:21:0f:13:7e:c1:bb:ee:c1:2c:f5:60:a5:74:44:85:
28:87:dd:55:0c:f2:cf:e2:35:32:bb:cd:4a:3a:6d:4d:82:90:
64:47:a9:cf:fc:ce:c7:49:94:b9:db:c3:2c:df:c7:4d:b2:49:
08:7a:fa:2c:c8:20:76:0f:41:2c:47:5d:a1:51:4e:c2:af:8c:
fd:66:80:58:36:f7:60:e4:a9:d3:8a:01:4e:7e:e6:2a:30:42:
f9:a4:cd:4b:2d:ba:25:da:6e:6a:cb:44:64:56:02:24:3c:2f:
15:73:81:c0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgIBDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGQjNC
RUExOEY3NDg0NzZCRjdGQ0Y4NEZFNDNCRTRFREJDN0M3NjAxMB4XDTI1MDExMTE1
MDk0M1oXDTI2MDEwOTE1MzAyOVowMzExMC8GA1UEAxMoRjg1MTM4OTBBQTZFMDQw
RDMxRjVBRDc0NkFBMTlGQUY1Q0Q2OEVDMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPm14eXcr2HBdH114uG/mVjalMfoRkJ+Nbs9JtfHKHSqGGMCplAM
GXAESybluT2OSmibyX4scnNuJdl1c20QsrGcRD6KwAZS9b0+wvP8K7q0bzAEiCJJ
N3aricB/q1koDnKtrxKYnlXrRojH6SmCkI4SttqUL8f/2LR0RR8xpnrsBKY13LJD
/Bl3K4BH2rDsp9OGLILHclu9Gfp7ggFc/lZEmgBf1TSVKO4o5Ctn7dZ0A/dRuTeC
Z5rUFHgf2w5vsuzfKRVbtgUSz5jDmvafsWQQqGeuIh8LpDM1RaZda4rfxDG/0azA
IT4R/B/JA9Gc7Gu0GG6CUbj3ggN3LI3zCLMCAwEAAaOCAeswggHnMB0GA1UdDgQW
BBT4UTiQqm4EDTH1rXRqoZ+vXNaOwDAfBgNVHSMEGDAWgBT7O+oY90hHa/f8+E/k
O+TtvHx2ATAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0lTLy16
dnFHUGRJUjJ2M19QaFA1RHZrN2J4OGRnRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
LXp2cUdQZElSMnYzX1BoUDVEdms3Yng4ZGdFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0tJUy8tRkU0a0twdUJBMHg5YTEwYXFHZnIx
eldqc0Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAHnoDAN
BgkqhkiG9w0BAQsFAAOCAQEAD9QYPw1LMAiTQWXQq+mqxQKGdr6bGxbzALt24Tpy
xLHWkHL4uDXcZlvV0I0Bo/ZUdijAllADs97If6qbKhCduZIXH1Shfpjpdk+VdSme
ThY4OtXpkhYHc+hGoxiQ4T3bvfl4JTNf7m5/8XckbnO2JW1j4q5HiW949ZD1+IdG
M6wlxT3mGoQBgD1GFgul4Yn3cTQZIQ8TfsG77sEs9WCldESFKIfdVQzyz+I1MrvN
SjptTYKQZEepz/zOx0mUudvDLN/HTbJJCHr6LMggdg9BLEddoVFOwq+M/WaAWDb3
YOSp04oBTn7mKjBC+aTNSy26JdpuastEZFYCJDwvFXOBwA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:12:44 2025 by rpki-client