Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/nGGt_1FXjW212J1NlW4LWF04FtM.roa
File: nGGt_1FXjW212J1NlW4LWF04FtM.roa (raw, json)
Hash identifier: JU/uHW0qqtU6y2jTJrIN3YLok0mOFKez9GuKFHuWAL0=
Subject key identifier: 9C:61:AD:FF:51:57:8D:6D:B5:D8:9D:4D:95:6E:0B:58:5D:38:16:D3
Certificate issuer: /CN=8A57D6F0354EA58A149352BF24330D6630702F9B
Certificate serial: D9
Authority key identifier: 8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/nGGt_1FXjW212J1NlW4LWF04FtM.roa
Signing time: Mon 10 Feb 2025 14:19:45 +0000
ROA not before: Mon 10 Feb 2025 14:19:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131147
IP address blocks: 2401:97e0::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 217 (0xd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8A57D6F0354EA58A149352BF24330D6630702F9B
Validity
Not Before: Feb 10 14:19:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9C61ADFF51578D6DB5D89D4D956E0B585D3816D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bf:e2:d1:9b:8c:d3:d3:7f:dc:d7:17:5d:7c:
0d:5b:0c:f7:c3:43:5d:10:84:1b:96:bc:32:1a:13:
f9:7c:76:cf:80:ae:5c:6b:60:b2:1d:cb:48:f3:c4:
d3:f2:a7:d8:3a:6e:6f:76:de:22:11:4e:cc:fc:3c:
75:63:cf:2c:1e:f1:80:14:9e:32:20:62:17:d4:eb:
11:59:c9:c4:2c:2e:b1:9f:37:f8:43:b0:7b:f0:cb:
68:1f:cc:e4:fd:23:9e:4c:da:52:4a:aa:be:22:a6:
a6:2f:69:92:c4:15:a8:af:87:62:ff:4f:28:8b:cd:
f0:a1:f2:6d:45:99:17:23:41:42:3f:ab:0c:8e:4a:
14:d4:39:b4:08:db:91:0a:25:ee:3d:ed:87:13:64:
5c:33:74:81:dc:c0:c5:cd:32:27:b7:91:a3:38:fc:
08:7b:9f:42:43:7b:fa:2d:5c:8c:d4:0e:2a:6e:e4:
b3:e6:3e:f9:7c:7a:d3:b4:de:20:2a:3e:ec:1c:40:
71:ca:11:a5:75:37:a8:cc:a2:b8:42:fb:15:92:99:
ff:74:ec:ff:a0:48:3b:18:17:b4:2e:f5:bc:1b:ac:
bd:df:88:e9:76:a7:c0:58:61:c9:8b:f0:55:77:cd:
4b:54:12:97:dd:7e:e9:72:4f:9c:c3:e3:2c:04:67:
f0:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:61:AD:FF:51:57:8D:6D:B5:D8:9D:4D:95:6E:0B:58:5D:38:16:D3
X509v3 Authority Key Identifier:
keyid:8A:57:D6:F0:35:4E:A5:8A:14:93:52:BF:24:33:0D:66:30:70:2F:9B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/ilfW8DVOpYoUk1K_JDMNZjBwL5s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ilfW8DVOpYoUk1K_JDMNZjBwL5s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/nGGt_1FXjW212J1NlW4LWF04FtM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:97e0::/48
Signature Algorithm: sha256WithRSAEncryption
50:aa:a9:57:8e:dc:b9:26:ad:3d:aa:fa:29:8d:ab:27:70:3f:
0a:66:97:0a:47:6b:21:23:a7:cd:eb:d7:9b:ea:fe:d4:f5:3a:
28:76:23:0a:5c:fe:06:1c:39:e7:c5:3e:be:d9:15:af:47:61:
55:1c:c5:c3:d4:3e:7d:a3:20:4c:97:cf:9a:40:43:65:f4:ff:
d8:f5:5b:3f:00:17:97:69:62:05:df:dd:77:69:8e:60:0e:0c:
aa:1f:e1:9d:43:72:8f:a6:ad:22:1b:c2:74:3a:e7:95:b4:38:
3d:aa:b3:21:1b:de:73:d9:06:db:ce:3d:40:59:d2:a0:8f:1a:
77:63:d4:60:0c:6c:98:9a:91:d4:af:b6:3a:69:91:d1:5c:b9:
16:e1:a3:00:c7:e2:d0:b2:6c:fd:ac:b8:30:f7:dd:e8:1a:da:
91:9f:08:93:14:c4:0e:7f:d8:e0:ca:d4:53:67:b4:ea:58:d6:
bb:c5:24:26:d5:32:fe:01:a5:b5:35:a3:19:a4:3f:39:50:67:
06:0a:16:9a:42:c8:c9:7f:2c:86:86:04:8c:dc:2f:61:b7:fe:
bf:36:33:21:dd:85:91:21:fa:66:03:4d:b2:47:b8:4c:5f:17:
c5:12:63:4c:57:de:54:10:f6:fa:3c:c8:98:20:7c:55:2e:41:
fd:2c:3d:fd
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICANkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOEE1
N0Q2RjAzNTRFQTU4QTE0OTM1MkJGMjQzMzBENjYzMDcwMkY5QjAeFw0yNTAyMTAx
NDE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlDNjFBREZGNTE1NzhE
NkRCNUQ4OUQ0RDk1NkUwQjU4NUQzODE2RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFv+LRm4zT03/c1xddfA1bDPfDQ10QhBuWvDIaE/l8ds+Arlxr
YLIdy0jzxNPyp9g6bm923iIRTsz8PHVjzywe8YAUnjIgYhfU6xFZycQsLrGfN/hD
sHvwy2gfzOT9I55M2lJKqr4ipqYvaZLEFaivh2L/TyiLzfCh8m1FmRcjQUI/qwyO
ShTUObQI25EKJe497YcTZFwzdIHcwMXNMie3kaM4/Ah7n0JDe/otXIzUDipu5LPm
Pvl8etO03iAqPuwcQHHKEaV1N6jMorhC+xWSmf907P+gSDsYF7Qu9bwbrL3fiOl2
p8BYYcmL8FV3zUtUEpfdfulyT5zD4ywEZ/CDAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUnGGt/1FXjW212J1NlW4LWF04FtMwHwYDVR0jBBgwFoAUilfW8DVOpYoUk1K/
JDMNZjBwL5swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v
aWxmVzhEVk9wWW9VazFLX0pETU5aakJ3TDVzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9pbGZXOERWT3BZb1VrMUtfSkRNTlpqQndMNXMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9uR0d0XzFGWGpXMjEySjFObFc0
TFdGMDRGdE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAGX
4AAAMA0GCSqGSIb3DQEBCwUAA4IBAQBQqqlXjty5Jq09qvopjasncD8KZpcKR2sh
I6fN69eb6v7U9ToodiMKXP4GHDnnxT6+2RWvR2FVHMXD1D59oyBMl8+aQENl9P/Y
9Vs/ABeXaWIF3913aY5gDgyqH+GdQ3KPpq0iG8J0OueVtDg9qrMhG95z2Qbbzj1A
WdKgjxp3Y9RgDGyYmpHUr7Y6aZHRXLkW4aMAx+LQsmz9rLgw993oGtqRnwiTFMQO
f9jgytRTZ7TqWNa7xSQm1TL+AaW1NaMZpD85UGcGChaaQsjJfyyGhgSM3C9ht/6/
NjMh3YWRIfpmA02yR7hMXxfFEmNMV95UEPb6PMiYIHxVLkH9LD39
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:07:34 2025 by rpki-client