Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/MoDbNxQueNrZx2csYvqM3uSJQ3A.roa
File: MoDbNxQueNrZx2csYvqM3uSJQ3A.roa (raw, json)
Hash identifier: yBbKvbcs4DdnFn9ce3ZLOYEJq8dLX3ZdCHpyK5+D3/M=
Subject key identifier: 32:80:DB:37:14:2E:78:DA:D9:C7:67:2C:62:FA:8C:DE:E4:89:43:70
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: FE
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/MoDbNxQueNrZx2csYvqM3uSJQ3A.roa
Signing time: Mon 10 Feb 2025 13:45:44 +0000
ROA not before: Mon 10 Feb 2025 13:45:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150772
IP address blocks: 157.20.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254 (0xfe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Feb 10 13:45:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3280DB37142E78DAD9C7672C62FA8CDEE4894370
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:83:fa:a0:b6:de:e3:36:d0:bd:03:a5:ec:07:
ce:6d:25:0f:79:d0:9d:15:ce:d5:34:96:a9:ac:ff:
24:0b:6d:5c:4e:19:fa:be:2c:5f:a5:23:0d:c3:4e:
56:30:d3:7b:c0:db:cc:e0:f6:5d:1e:0e:06:cd:0b:
21:b8:af:d0:af:f1:a3:04:e0:ab:ce:a3:53:7a:3a:
db:8a:14:b6:60:47:34:2d:23:e2:26:e0:b7:39:03:
ff:a1:6f:f5:8f:60:5d:ec:10:72:4c:b6:d2:b9:32:
70:cd:c4:60:1d:d6:92:8a:9d:10:99:c3:58:55:90:
b5:d8:fe:43:b9:31:9f:af:3e:f7:12:52:5f:7c:31:
27:51:6b:9f:7e:ac:b8:bf:ab:e9:51:a3:82:86:a4:
84:db:10:e0:64:cc:93:2c:f3:4e:48:92:27:a1:9a:
8f:b3:c3:85:46:10:0d:fd:e9:62:0f:23:6d:67:3f:
a7:b0:45:7b:4e:a3:1f:75:3a:a6:dc:d3:12:96:52:
ad:6b:b9:8c:ef:c0:3d:2a:eb:11:bc:42:2e:ca:30:
8b:dc:64:6c:a5:5c:df:e8:aa:29:5e:6a:de:b8:90:
98:fd:c6:71:d1:95:c5:a2:60:0b:bb:f1:ac:3d:70:
c8:07:68:a2:b9:e5:ce:29:6c:a2:14:74:f1:75:ce:
c1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:80:DB:37:14:2E:78:DA:D9:C7:67:2C:62:FA:8C:DE:E4:89:43:70
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/MoDbNxQueNrZx2csYvqM3uSJQ3A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/24
Signature Algorithm: sha256WithRSAEncryption
49:98:56:19:f7:6b:a4:cb:da:bc:3b:e3:dc:b3:04:e9:b4:88:
32:7a:fd:02:8b:27:f8:3c:ab:e0:95:9b:18:3e:53:c8:36:3d:
3f:ca:eb:58:a2:21:b4:f3:a1:e3:64:43:2e:e1:8e:f3:ab:65:
fa:d6:9b:66:06:94:90:6b:e1:19:b4:c7:b5:14:be:57:8e:89:
85:31:cc:30:e5:3a:ff:aa:a2:ee:8f:0d:c5:db:05:55:c0:6b:
e7:a6:c0:30:cb:01:8a:21:c6:ab:b9:f5:1d:80:39:46:53:11:
c3:69:38:1a:ba:2a:9b:bc:fd:24:c9:1c:97:74:41:2a:ea:47:
19:f7:47:01:f8:3c:ed:cf:28:8f:26:e8:f5:2e:d9:93:64:0c:
39:56:ff:8d:c2:e9:18:97:3f:fe:4c:98:af:9d:b2:c0:36:ee:
69:2e:eb:85:6f:6b:27:41:95:97:0a:48:a6:e5:14:e6:74:86:
9f:34:10:01:6f:3c:bc:a1:99:0e:6b:86:79:e0:c1:73:7a:18:
38:ee:41:a5:1a:31:01:a3:b3:9f:8a:2c:38:18:74:7f:73:3b:
b0:01:a2:26:2b:a3:f8:67:87:b3:7a:eb:91:84:cd:27:c8:9b:
1e:b5:c8:c4:79:9f:33:b8:73:b8:1d:81:22:5a:e8:b6:f9:58:
70:6e:2a:a4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAP4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF
MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTAyMTAx
MzQ1NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMyODBEQjM3MTQyRTc4
REFEOUM3NjcyQzYyRkE4Q0RFRTQ4OTQzNzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSg/qgtt7jNtC9A6XsB85tJQ950J0VztU0lqms/yQLbVxOGfq+
LF+lIw3DTlYw03vA28zg9l0eDgbNCyG4r9Cv8aME4KvOo1N6OtuKFLZgRzQtI+Im
4Lc5A/+hb/WPYF3sEHJMttK5MnDNxGAd1pKKnRCZw1hVkLXY/kO5MZ+vPvcSUl98
MSdRa59+rLi/q+lRo4KGpITbEOBkzJMs805Ikiehmo+zw4VGEA396WIPI21nP6ew
RXtOox91Oqbc0xKWUq1ruYzvwD0q6xG8Qi7KMIvcZGylXN/oqileat64kJj9xnHR
lcWiYAu78aw9cMgHaKK55c4pbKIUdPF1zsHPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMoDbNxQueNrZx2csYvqM3uSJQ3AwHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw
VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C
LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvTW9EYk54UXVlTnJaeDJjc1l2cU0z
dVNKUTNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UajAN
BgkqhkiG9w0BAQsFAAOCAQEASZhWGfdrpMvavDvj3LME6bSIMnr9Aosn+Dyr4JWb
GD5TyDY9P8rrWKIhtPOh42RDLuGO86tl+tabZgaUkGvhGbTHtRS+V46JhTHMMOU6
/6qi7o8NxdsFVcBr56bAMMsBiiHGq7n1HYA5RlMRw2k4Groqm7z9JMkcl3RBKupH
GfdHAfg87c8ojybo9S7Zk2QMOVb/jcLpGJc//kyYr52ywDbuaS7rhW9rJ0GVlwpI
puUU5nSGnzQQAW88vKGZDmuGeeDBc3oYOO5BpRoxAaOzn4osOBh0f3M7sAGiJiuj
+GeHs3rrkYTNJ8ibHrXIxHmfM7hzuB2BIlrotvlYcG4qpA==
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:39:32 2025 by rpki-client