Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/_h8CJPQCXwjK99bsTjBq16w5lks.roa
File: _h8CJPQCXwjK99bsTjBq16w5lks.roa (raw, json)
Hash identifier: o4JeJh0dqVWDBjyEIBFnSnpuvSXC43FvUFJ1gPT5vhA=
Subject key identifier: FE:1F:02:24:F4:02:5F:08:CA:F7:D6:EC:4E:30:6A:D7:AC:39:96:4B
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: FD
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/_h8CJPQCXwjK99bsTjBq16w5lks.roa
Signing time: Mon 10 Feb 2025 13:45:44 +0000
ROA not before: Mon 10 Feb 2025 13:45:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150772
IP address blocks: 157.20.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 253 (0xfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Feb 10 13:45:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=FE1F0224F4025F08CAF7D6EC4E306AD7AC39964B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:e3:5f:d3:af:cc:1c:a3:00:5e:f3:dc:2c:13:
a7:1a:3e:14:a5:f0:e5:0a:0b:90:e8:ae:5c:5f:29:
47:43:17:a9:cf:fe:22:1f:2f:c1:91:17:40:4a:5a:
fc:97:e3:f6:3a:fb:1e:bd:14:1e:f5:5a:89:2d:61:
51:63:61:62:36:26:89:3b:67:1c:6c:fe:64:99:22:
48:e3:7b:6e:84:c5:07:05:5a:e0:aa:89:a1:84:b2:
86:2a:1d:e8:20:9a:cd:d8:06:ca:83:62:94:51:44:
fa:94:b3:54:c7:a1:8d:ec:38:08:ad:c0:fc:e4:aa:
6d:36:7c:6c:a5:58:39:85:d1:f0:08:21:aa:eb:17:
8c:52:a9:a5:f4:f5:a2:2d:54:0d:52:9e:c7:12:dc:
cb:e0:91:8b:5e:d4:85:43:b8:86:65:1e:7f:c0:d0:
e6:31:e2:9e:4b:33:b8:d2:81:12:e6:7b:1b:c7:0f:
b9:5d:42:ef:c8:63:e2:ff:08:fe:72:17:05:99:e9:
0e:ec:45:a0:6b:2b:df:14:b4:e3:20:b5:da:b1:9d:
95:10:ce:f4:71:2a:9a:b2:0b:9c:96:11:e4:c0:b0:
fe:f9:6d:c3:91:18:f3:06:7f:4c:3b:19:11:6c:7d:
dc:00:04:44:46:9d:b0:11:96:11:f7:04:19:d7:28:
e6:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:1F:02:24:F4:02:5F:08:CA:F7:D6:EC:4E:30:6A:D7:AC:39:96:4B
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/_h8CJPQCXwjK99bsTjBq16w5lks.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b2:66:75:0d:a1:f2:ea:2b:c5:4a:9d:ed:5d:86:03:75:a1:
76:a4:ba:64:5d:29:4e:91:b5:6f:12:65:e1:4a:e7:17:ff:3e:
60:fb:4e:da:ca:d6:96:bf:29:b9:30:47:74:01:57:3b:a2:85:
a7:e8:3c:92:82:8d:cc:b6:99:e6:36:09:da:f6:dc:d7:25:6f:
1b:ee:7d:c6:ec:3e:dc:e0:f0:7c:75:c4:dc:09:88:3d:d4:0b:
45:67:1c:0b:ba:29:2b:58:95:6f:79:2d:f6:a8:34:5e:87:69:
31:86:e9:94:e7:df:ac:dd:d3:74:ef:8b:ba:74:e3:05:3a:c5:
0a:c4:fa:2f:e6:e8:58:f2:9e:60:53:fa:71:70:b3:c2:27:04:
f4:71:29:6e:e1:7d:07:0a:d2:73:ce:6a:2c:a8:6c:92:31:14:
28:c2:11:bc:8b:4c:c6:f8:72:f9:f1:4e:be:b0:a7:6e:e3:4c:
4f:d4:45:8c:fe:d1:77:93:40:f8:4f:d9:9f:18:bc:7f:52:7e:
48:bf:fc:97:54:75:44:95:22:2d:d2:7e:6f:85:32:ab:ab:18:
b3:a0:1d:91:cb:fc:ce:ed:e4:c7:67:b9:d8:bf:b0:1e:c0:a9:
81:8b:a2:8a:9d:f4:ce:19:b7:ad:08:29:2b:16:76:ad:59:d1:
5a:55:d2:f1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAP0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF
MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTAyMTAx
MzQ1NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEZFMUYwMjI0RjQwMjVG
MDhDQUY3RDZFQzRFMzA2QUQ3QUMzOTk2NEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx41/Tr8wcowBe89wsE6caPhSl8OUKC5DorlxfKUdDF6nP/iIf
L8GRF0BKWvyX4/Y6+x69FB71WoktYVFjYWI2Jok7Zxxs/mSZIkjje26ExQcFWuCq
iaGEsoYqHeggms3YBsqDYpRRRPqUs1THoY3sOAitwPzkqm02fGylWDmF0fAIIarr
F4xSqaX09aItVA1SnscS3MvgkYte1IVDuIZlHn/A0OYx4p5LM7jSgRLmexvHD7ld
Qu/IY+L/CP5yFwWZ6Q7sRaBrK98UtOMgtdqxnZUQzvRxKpqyC5yWEeTAsP75bcOR
GPMGf0w7GRFsfdwABERGnbARlhH3BBnXKOaBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/h8CJPQCXwjK99bsTjBq16w5lkswHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw
VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C
LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvX2g4Q0pQUUNYd2pLOTlic1RqQnEx
Nnc1bGtzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0UazAN
BgkqhkiG9w0BAQsFAAOCAQEAPrJmdQ2h8uorxUqd7V2GA3WhdqS6ZF0pTpG1bxJl
4UrnF/8+YPtO2srWlr8puTBHdAFXO6KFp+g8koKNzLaZ5jYJ2vbc1yVvG+59xuw+
3ODwfHXE3AmIPdQLRWccC7opK1iVb3kt9qg0XodpMYbplOffrN3TdO+LunTjBTrF
CsT6L+boWPKeYFP6cXCzwicE9HEpbuF9BwrSc85qLKhskjEUKMIRvItMxvhy+fFO
vrCnbuNMT9RFjP7Rd5NA+E/Znxi8f1J+SL/8l1R1RJUiLdJ+b4Uyq6sYs6Adkcv8
zu3kx2e52L+wHsCpgYuiip30zhm3rQgpKxZ2rVnRWlXS8Q==
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:44:21 2025 by rpki-client