Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/UWE6Y-Z-FmnPUHd0TgMgjUf6HCE.roa
File: UWE6Y-Z-FmnPUHd0TgMgjUf6HCE.roa (raw, json)
Hash identifier: xMB587U8kNzkblGnwvJ4ziMyvQIpLmqwOvNgYFgT6rI=
Subject key identifier: 51:61:3A:63:E6:7E:16:69:CF:50:77:74:4E:03:20:8D:47:FA:1C:21
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 0386
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/UWE6Y-Z-FmnPUHd0TgMgjUf6HCE.roa
Signing time: Mon 10 Feb 2025 14:05:05 +0000
ROA not before: Mon 10 Feb 2025 14:05:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18428
IP address blocks: 2407:d240::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 902 (0x386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Feb 10 14:05:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=51613A63E67E1669CF5077744E03208D47FA1C21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:bf:b7:d3:d6:ac:b6:21:f2:c9:1f:96:a7:83:
a1:f3:84:5f:6c:1d:c9:d7:6c:0f:1d:88:31:7d:bd:
97:e3:2b:1c:24:19:b0:e8:32:0d:b3:e4:d3:45:23:
80:8b:f0:2a:bb:4f:8e:f2:72:c1:79:fa:a6:4b:10:
5f:29:2f:f2:d0:59:a2:9e:3a:01:98:22:c1:66:0a:
88:50:3f:15:be:46:90:ee:5a:ee:5d:fb:0b:87:d8:
8f:a0:4b:fc:67:ef:80:49:da:db:ec:93:a5:a4:ac:
59:78:dc:24:38:e3:5a:a2:d4:0d:d2:f7:52:2f:ec:
c2:10:04:c3:26:f0:9a:9d:17:8a:c1:f6:ed:37:98:
41:e0:cf:1e:ee:4c:6e:ec:19:9f:58:86:c1:13:0f:
77:0b:f1:17:8b:a4:00:18:e4:88:a2:5c:12:09:89:
17:dd:5d:8c:3a:54:6f:f6:cb:2f:8f:a6:48:2c:cb:
e9:b7:33:2d:39:93:ef:77:7e:85:d4:ec:fb:c7:be:
94:b0:13:6d:74:85:e7:50:dd:84:3e:2f:f5:33:af:
73:98:88:36:64:b2:99:5a:27:d7:11:cd:33:f9:ee:
31:34:a0:6b:d9:47:ac:a5:27:3a:0b:6b:14:82:44:
98:a8:0a:7f:8d:87:33:28:20:09:33:da:34:85:f4:
b9:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:61:3A:63:E6:7E:16:69:CF:50:77:74:4E:03:20:8D:47:FA:1C:21
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/UWE6Y-Z-FmnPUHd0TgMgjUf6HCE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:d240::/32
Signature Algorithm: sha256WithRSAEncryption
0c:0d:65:bf:08:ab:4f:f7:d8:7c:c8:55:3f:2f:9e:d1:97:87:
9b:8b:75:4a:02:f9:47:29:09:ec:8e:19:88:e7:fd:90:47:82:
ed:ee:3b:95:86:60:8b:0d:b6:4f:ef:28:b1:d6:1b:ad:44:e5:
68:c0:9a:d7:2f:ed:b9:e5:ae:2e:ee:b2:4d:fc:32:db:4b:61:
89:08:b1:46:f2:b0:83:54:d3:25:3b:5c:c1:af:4f:36:01:6e:
44:e9:ef:6c:04:59:74:4a:91:80:2c:d9:2f:cc:77:b8:61:2b:
49:7f:d5:96:bd:8a:c7:ab:1c:bd:c7:0c:fe:57:c5:a2:59:e2:
5a:a1:35:cb:08:d6:16:1c:c2:3b:a9:81:b0:22:03:9c:23:ca:
60:6f:a2:0a:8d:13:6e:3c:2a:27:d6:ac:16:d3:23:50:2b:8e:
c6:1a:c3:67:51:38:dc:d4:6a:af:67:95:9e:8d:0b:4f:84:ec:
f9:54:40:6b:a7:70:fc:25:15:49:c4:19:9f:53:65:b6:36:bf:
75:bf:a7:a5:bd:46:14:f5:e9:6b:bb:24:f1:04:84:f8:8e:ef:
09:14:13:c1:26:73:0d:70:42:96:68:1e:d7:55:c7:cf:ed:df:
4b:3d:6e:72:4c:ac:6d:8a:0e:2b:f3:56:e9:07:3f:3a:2f:b7:
fa:4b:94:b0
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICA4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yNTAyMTAx
NDA1MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUxNjEzQTYzRTY3RTE2
NjlDRjUwNzc3NDRFMDMyMDhENDdGQTFDMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDv7fT1qy2IfLJH5ang6HzhF9sHcnXbA8diDF9vZfjKxwkGbDo
Mg2z5NNFI4CL8Cq7T47ycsF5+qZLEF8pL/LQWaKeOgGYIsFmCohQPxW+RpDuWu5d
+wuH2I+gS/xn74BJ2tvsk6WkrFl43CQ441qi1A3S91Iv7MIQBMMm8JqdF4rB9u03
mEHgzx7uTG7sGZ9YhsETD3cL8ReLpAAY5IiiXBIJiRfdXYw6VG/2yy+Ppkgsy+m3
My05k+93foXU7PvHvpSwE210hedQ3YQ+L/Uzr3OYiDZksplaJ9cRzTP57jE0oGvZ
R6ylJzoLaxSCRJioCn+NhzMoIAkz2jSF9Lm5AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUUWE6Y+Z+FmnPUHd0TgMgjUf6HCEwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC9VV0U2WS1aLUZtblBV
SGQwVGdNZ2pVZjZIQ0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAfSQDANBgkqhkiG9w0BAQsFAAOCAQEADA1lvwirT/fYfMhVPy+e0ZeHm4t1
SgL5RykJ7I4ZiOf9kEeC7e47lYZgiw22T+8osdYbrUTlaMCa1y/tueWuLu6yTfwy
20thiQixRvKwg1TTJTtcwa9PNgFuROnvbARZdEqRgCzZL8x3uGErSX/Vlr2Kx6sc
vccM/lfFolniWqE1ywjWFhzCO6mBsCIDnCPKYG+iCo0TbjwqJ9asFtMjUCuOxhrD
Z1E43NRqr2eVno0LT4Ts+VRAa6dw/CUVScQZn1Nltja/db+npb1GFPXpa7sk8QSE
+I7vCRQTwSZzDXBClmge11XHz+3fSz1uckysbYoOK/NW6Qc/Oi+3+kuUsA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:01:51 2025 by rpki-client