Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/cwDG2qnoaRX4766CyWQ-r37eams.roa
File: cwDG2qnoaRX4766CyWQ-r37eams.roa (raw, json)
Hash identifier: U0rXWJNFG7rpbTQS5Nfk3fftmM/gCPJSZ6J3tUnx/cg=
Subject key identifier: 73:00:C6:DA:A9:E8:69:15:F8:EF:AE:82:C9:64:3E:AF:7E:DE:6A:6B
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: FF
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/cwDG2qnoaRX4766CyWQ-r37eams.roa
Signing time: Mon 10 Feb 2025 13:45:44 +0000
ROA not before: Mon 10 Feb 2025 13:45:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150772
IP address blocks: 157.20.106.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 255 (0xff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Feb 10 13:45:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7300C6DAA9E86915F8EFAE82C9643EAF7EDE6A6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:8b:74:2c:b4:70:3e:42:42:ec:38:f1:d9:e5:
79:15:2f:09:14:13:4e:80:a1:c3:01:8b:af:c9:91:
c1:57:fe:3c:7e:0f:cc:ea:ee:f6:90:02:82:8d:d3:
49:f0:ed:d9:73:84:a3:62:58:85:20:c6:30:4c:2e:
c4:6e:d4:0c:2e:3d:b2:6a:f3:24:5e:38:d6:31:e0:
9a:f3:15:f2:75:dc:e2:6b:f4:e4:40:dd:e7:5d:1b:
41:70:27:f0:2c:46:e7:cf:7e:fa:ff:d2:28:01:13:
2e:ac:c1:01:30:8b:53:1c:2a:7f:b4:a5:ff:4f:62:
e8:e2:98:0f:b4:3c:df:cb:4f:7c:d5:7f:68:19:89:
ae:a9:33:b2:55:82:1e:80:20:68:fe:38:dd:73:a3:
f7:04:9f:0e:f9:94:7c:bc:51:e3:16:00:c0:d8:e6:
82:01:59:90:76:76:14:9a:c6:6a:32:29:17:16:22:
8d:41:18:0a:1f:d2:38:60:e0:84:33:0c:e2:7f:0b:
8b:95:e2:27:79:34:81:67:bb:30:35:44:e1:19:8f:
f4:37:e3:5d:f9:6d:80:9b:c4:38:12:da:a6:38:45:
c8:2f:93:4a:fc:ca:2a:46:98:37:e4:f5:b2:4b:43:
48:1b:38:ff:26:98:2e:71:38:2e:9a:9e:db:ed:b3:
a1:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:00:C6:DA:A9:E8:69:15:F8:EF:AE:82:C9:64:3E:AF:7E:DE:6A:6B
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/cwDG2qnoaRX4766CyWQ-r37eams.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/23
Signature Algorithm: sha256WithRSAEncryption
37:44:e5:c5:d3:02:0c:f0:0c:69:0a:fd:65:8b:0c:91:bd:79:
e3:ce:cb:16:78:cb:b7:9e:ce:1a:22:4d:e2:88:6c:10:e6:64:
ca:4c:c9:8b:3c:b1:03:c2:dd:a2:4e:9d:3a:39:10:c9:81:17:
56:cc:55:79:ee:31:fe:5f:f5:a9:14:52:15:1b:4e:54:d0:f8:
81:0d:df:7d:a9:e5:25:7e:c4:21:2f:fe:b2:e7:29:e3:f8:08:
7a:08:51:45:74:02:22:d4:69:92:d0:84:7d:35:18:48:df:dc:
00:49:7a:9d:c9:b9:5a:47:8e:40:0a:41:f9:28:d5:77:a9:76:
0a:32:0e:3d:39:67:c5:be:26:78:87:28:15:42:71:2d:3a:00:
e2:f2:71:3b:32:dd:0f:af:ae:ec:82:75:e7:a2:8c:c6:cf:56:
1b:ec:70:a8:ec:60:0d:00:ee:19:f9:bb:9f:cc:d0:7a:5f:1c:
d1:0f:12:b5:6f:36:51:e8:7e:96:e8:e3:b0:a7:d9:ba:59:6a:
15:a8:1f:42:76:b2:ea:27:e3:3d:3b:ae:74:ea:e9:f2:91:ee:
05:90:90:13:39:2e:81:58:89:09:b7:30:f5:fc:f5:fd:93:5c:
8b:78:cb:65:3a:41:86:5f:29:bb:5a:6c:07:8c:de:46:5b:39:
ad:95:d6:e0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAP8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF
MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTAyMTAx
MzQ1NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDczMDBDNkRBQTlFODY5
MTVGOEVGQUU4MkM5NjQzRUFGN0VERTZBNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDni3QstHA+QkLsOPHZ5XkVLwkUE06AocMBi6/JkcFX/jx+D8zq
7vaQAoKN00nw7dlzhKNiWIUgxjBMLsRu1AwuPbJq8yReONYx4JrzFfJ13OJr9ORA
3eddG0FwJ/AsRufPfvr/0igBEy6swQEwi1McKn+0pf9PYujimA+0PN/LT3zVf2gZ
ia6pM7JVgh6AIGj+ON1zo/cEnw75lHy8UeMWAMDY5oIBWZB2dhSaxmoyKRcWIo1B
GAof0jhg4IQzDOJ/C4uV4id5NIFnuzA1ROEZj/Q34135bYCbxDgS2qY4Rcgvk0r8
yipGmDfk9bJLQ0gbOP8mmC5xOC6antvts6FPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcwDG2qnoaRX4766CyWQ+r37eamswHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw
VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C
LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvY3dERzJxbm9hUlg0NzY2Q3lXUS1y
MzdlYW1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ0UajAN
BgkqhkiG9w0BAQsFAAOCAQEAN0TlxdMCDPAMaQr9ZYsMkb15487LFnjLt57OGiJN
4ohsEOZkykzJizyxA8Ldok6dOjkQyYEXVsxVee4x/l/1qRRSFRtOVND4gQ3ffanl
JX7EIS/+sucp4/gIeghRRXQCItRpktCEfTUYSN/cAEl6ncm5WkeOQApB+SjVd6l2
CjIOPTlnxb4meIcoFUJxLToA4vJxOzLdD6+u7IJ156KMxs9WG+xwqOxgDQDuGfm7
n8zQel8c0Q8StW82Ueh+lujjsKfZullqFagfQnay6ifjPTuudOrp8pHuBZCQEzku
gViJCbcw9fz1/ZNci3jLZTpBhl8pu1psB4zeRls5rZXW4A==
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:34:56 2025 by rpki-client