Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKIS/XYM4JIqiAPGuEu0BYbNbSoZ8Row.roa
File: XYM4JIqiAPGuEu0BYbNbSoZ8Row.roa (raw, json)
Hash identifier: CQGyuI+/aI84xWm63Uob7cl9XaSpyJ11wTH9yFHWGM8=
Subject key identifier: 5D:83:38:24:8A:A2:00:F1:AE:12:ED:01:61:B3:5B:4A:86:7C:46:8C
Certificate issuer: /CN=6FECAE846F41BCC3B24E1327BA21C23053E11C03
Certificate serial: 09
Authority key identifier: 6F:EC:AE:84:6F:41:BC:C3:B2:4E:13:27:BA:21:C2:30:53:E1:1C:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/b-yuhG9BvMOyThMnuiHCMFPhHAM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/XYM4JIqiAPGuEu0BYbNbSoZ8Row.roa
Signing time: Sat 11 Jan 2025 15:08:13 +0000
ROA not before: Sat 11 Jan 2025 15:08:13 +0000
ROA not after: Fri 09 Jan 2026 15:30:29 +0000
asID: 131645
IP address blocks: 161.248.132.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9 (0x9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6FECAE846F41BCC3B24E1327BA21C23053E11C03
Validity
Not Before: Jan 11 15:08:13 2025 GMT
Not After : Jan 9 15:30:29 2026 GMT
Subject: CN=5D8338248AA200F1AE12ED0161B35B4A867C468C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e4:60:dd:e0:ad:b9:aa:c1:30:83:a7:47:5b:
95:85:dd:64:ec:ca:a9:6d:aa:84:85:a8:b5:f3:b8:
d3:bc:d2:18:a1:76:2b:df:d9:3c:2d:94:92:db:0a:
dd:b8:69:48:95:cf:62:f5:f2:26:e0:ba:0e:72:71:
b3:c9:62:91:73:ae:ef:38:f0:8b:b9:e0:97:c7:a0:
82:b7:a3:17:eb:f8:6f:29:6b:f6:a1:f9:bb:86:60:
08:91:8d:d5:92:01:7a:02:45:d4:ca:f0:e3:b3:ae:
60:3f:26:95:0e:9d:08:46:b7:f5:ee:36:a3:03:d7:
99:c2:b2:4b:4f:d6:07:77:90:c0:9c:a1:82:76:d4:
1a:c8:83:93:c0:e5:a6:bf:d8:c6:ac:08:4a:17:b6:
f1:b4:04:4b:a2:5a:3a:ac:cd:c3:8e:28:3f:87:97:
2f:aa:87:55:f9:e9:99:ab:12:5c:b6:5c:b2:01:e1:
8e:f0:1b:b4:e7:79:4d:a1:40:5c:cd:03:48:9b:83:
3e:38:6b:a1:b0:27:24:35:be:c9:d0:08:f9:61:d1:
22:50:7b:90:40:99:2f:10:bb:91:57:cc:e6:8a:eb:
d3:66:80:21:c8:84:ef:ef:1a:1b:fa:d6:99:6d:41:
2a:a5:6d:d3:31:f9:9e:ac:08:22:dd:89:ae:94:c5:
51:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:83:38:24:8A:A2:00:F1:AE:12:ED:01:61:B3:5B:4A:86:7C:46:8C
X509v3 Authority Key Identifier:
keyid:6F:EC:AE:84:6F:41:BC:C3:B2:4E:13:27:BA:21:C2:30:53:E1:1C:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/b-yuhG9BvMOyThMnuiHCMFPhHAM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/b-yuhG9BvMOyThMnuiHCMFPhHAM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKIS/XYM4JIqiAPGuEu0BYbNbSoZ8Row.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
161.248.132.0/23
Signature Algorithm: sha256WithRSAEncryption
0b:bf:7d:49:6d:90:e7:70:9e:28:9e:87:bb:be:9b:75:aa:f0:
14:77:94:7b:62:75:f3:0a:22:8a:ed:05:bf:f1:a9:77:30:93:
0e:57:eb:fc:9a:a0:30:49:4e:3d:b2:86:52:23:98:8e:b8:da:
82:25:27:c3:7b:97:51:42:32:2e:0e:69:ea:a4:7a:fc:80:83:
ce:b0:32:16:22:c4:de:09:b8:ee:70:46:c0:6d:3a:b9:8f:03:
fd:8d:95:3b:a3:c7:00:87:8c:8e:5f:01:8f:d9:f0:c1:ad:b4:
a0:5f:c5:a9:96:5d:49:49:70:59:bd:de:09:97:bd:56:54:20:
60:3c:22:c3:bf:1e:74:72:f8:0f:6e:ed:0c:b7:98:64:2c:f0:
ce:04:32:42:32:ee:f8:53:cd:60:8c:4e:6c:d2:85:1b:9f:83:
c2:ba:c5:63:b7:96:bc:43:e8:dc:44:bc:d1:34:34:5a:85:c2:
c3:cb:b5:62:72:e3:1b:c2:1e:21:57:10:19:39:7f:6d:39:b6:
0e:c9:09:a5:86:a5:4b:d9:2b:ee:d6:d7:06:45:06:f0:91:5d:
22:dc:d9:76:35:26:15:9d:a3:30:33:a6:56:a1:b1:eb:be:58:
35:fe:92:ea:1c:1a:87:72:0e:20:58:01:e0:e0:b9:dc:f5:f2:
02:60:b3:2f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2RkVD
QUU4NDZGNDFCQ0MzQjI0RTEzMjdCQTIxQzIzMDUzRTExQzAzMB4XDTI1MDExMTE1
MDgxM1oXDTI2MDEwOTE1MzAyOVowMzExMC8GA1UEAxMoNUQ4MzM4MjQ4QUEyMDBG
MUFFMTJFRDAxNjFCMzVCNEE4NjdDNDY4QzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK7kYN3grbmqwTCDp0dblYXdZOzKqW2qhIWotfO407zSGKF2K9/Z
PC2UktsK3bhpSJXPYvXyJuC6DnJxs8likXOu7zjwi7ngl8eggrejF+v4bylr9qH5
u4ZgCJGN1ZIBegJF1Mrw47OuYD8mlQ6dCEa39e42owPXmcKyS0/WB3eQwJyhgnbU
GsiDk8Dlpr/YxqwIShe28bQES6JaOqzNw44oP4eXL6qHVfnpmasSXLZcsgHhjvAb
tOd5TaFAXM0DSJuDPjhrobAnJDW+ydAI+WHRIlB7kECZLxC7kVfM5orr02aAIciE
7+8aG/rWmW1BKqVt0zH5nqwIIt2JrpTFURECAwEAAaOCAeowggHmMB0GA1UdDgQW
BBRdgzgkiqIA8a4S7QFhs1tKhnxGjDAfBgNVHSMEGDAWgBRv7K6Eb0G8w7JOEye6
IcIwU+EcAzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS0lTL2It
eXVoRzlCdk1PeVRoTW51aUhDTUZQaEhBTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Yi15dWhHOUJ2TU95VGhNbnVpSENNRlBoSEFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0tJUy9YWU00SklxaUFQR3VFdTBCWWJOYlNv
WjhSb3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBofiEMA0G
CSqGSIb3DQEBCwUAA4IBAQALv31JbZDncJ4onoe7vpt1qvAUd5R7YnXzCiKK7QW/
8al3MJMOV+v8mqAwSU49soZSI5iOuNqCJSfDe5dRQjIuDmnqpHr8gIPOsDIWIsTe
CbjucEbAbTq5jwP9jZU7o8cAh4yOXwGP2fDBrbSgX8Wpll1JSXBZvd4Jl71WVCBg
PCLDvx50cvgPbu0Mt5hkLPDOBDJCMu74U81gjE5s0oUbn4PCusVjt5a8Q+jcRLzR
NDRahcLDy7VicuMbwh4hVxAZOX9tObYOyQmlhqVL2Svu1tcGRQbwkV0i3Nl2NSYV
naMwM6ZWobHrvlg1/pLqHBqHcg4gWAHg4Lnc9fICYLMv
-----END CERTIFICATE-----
Generated at Mon Apr 14 16:35:57 2025 by rpki-client