Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa
File: 2nTTSCm2fpjBJGudHl8IJW3HcJM.roa (raw, json)
Hash identifier: 5pYK8M8BiQ0nMhl8APevik7u6634ukqlOBC0h6GRe8k=
Subject key identifier: DA:74:D3:48:29:B6:7E:98:C1:24:6B:9D:1E:5F:08:25:6D:C7:70:93
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F65
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa
Signing time: Mon 10 Feb 2025 14:08:02 +0000
ROA not before: Mon 10 Feb 2025 14:08:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3941 (0xf65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DA74D34829B67E98C1246B9D1E5F08256DC77093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:68:df:d9:a1:48:6f:ed:7d:b9:1e:64:6c:47:
f9:c4:60:cc:83:6b:1d:20:26:ff:8b:d2:80:bb:f6:
ee:c3:c6:06:1a:18:38:80:af:50:63:4d:61:ea:48:
14:c1:1a:c3:39:dd:4d:30:88:01:a8:7c:be:b4:b0:
3d:b2:a1:6b:ab:f9:c4:43:c0:60:f6:65:da:bf:b0:
48:78:49:c6:ac:6a:c6:81:67:eb:22:49:b3:54:c7:
54:90:ea:5d:72:4f:77:0d:ba:26:18:ec:b4:90:4d:
a3:b3:34:fb:e4:4a:e1:ba:e9:71:9a:9a:d3:ae:66:
11:81:8e:5b:7d:0f:ec:6f:a0:9f:90:2d:2f:50:5a:
80:cf:10:fe:39:60:72:f9:e5:75:d9:2e:71:13:a3:
d2:40:f6:9c:99:b2:0c:f0:76:5f:0d:55:f8:0a:f0:
77:83:6c:86:a0:55:43:aa:94:ac:75:8e:af:94:8d:
bb:02:8b:8b:02:61:d2:e4:79:59:52:ba:4b:3d:51:
4f:f6:78:e9:fd:8c:ae:9c:48:96:5e:67:fe:93:83:
09:16:62:a2:f2:54:5a:1a:a3:1c:3c:10:98:ef:3a:
5e:7a:fa:ef:27:6d:22:c2:ee:58:ff:6a:a0:3a:5e:
90:91:06:87:5b:0b:ca:68:5d:b1:0c:e0:a0:5b:38:
4f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:74:D3:48:29:B6:7E:98:C1:24:6B:9D:1E:5F:08:25:6D:C7:70:93
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/2nTTSCm2fpjBJGudHl8IJW3HcJM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.240.0/21
Signature Algorithm: sha256WithRSAEncryption
67:1b:41:58:68:0a:07:86:e7:f7:33:2f:02:34:18:14:f1:fa:
d5:01:01:2b:a4:52:eb:10:1d:58:75:55:69:8a:e8:81:47:16:
59:51:b8:51:a8:d7:2c:22:0a:32:58:b6:cc:2c:7f:43:df:22:
55:cb:be:fa:33:fc:3e:f6:5d:fc:78:89:4f:a7:ba:f6:ce:f5:
17:8d:dc:7f:0e:30:aa:c6:34:c7:58:b0:e7:86:ac:70:04:f4:
9f:d5:2e:f5:03:04:38:0d:b7:c4:65:fd:67:17:26:c6:c5:08:
ea:ad:9f:1e:03:01:7b:26:ea:3f:fc:cf:93:1c:9b:64:16:ff:
63:3e:d7:e2:18:47:79:09:1d:ec:00:14:a7:1a:c7:d0:7f:35:
30:ba:19:51:00:c4:fc:ba:74:03:bc:2c:52:e5:36:f1:46:97:
f7:43:d6:cd:c4:86:78:55:a0:a0:bd:e2:5a:ae:18:09:d3:fc:
07:53:a5:68:13:d2:32:53:22:c9:2f:ba:d1:31:26:29:33:32:
6c:5b:c1:ea:3f:06:aa:f6:cb:7d:59:0f:7a:83:ee:e1:2d:b3:
6d:f7:32:fc:e1:c4:2f:a9:6c:27:da:c1:f0:cb:ea:71:45:c7:
2a:50:d7:f1:75:5f:ca:1c:12:ef:b0:ad:6a:82:a4:5b:1b:ac:
14:2b:cd:94
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERBNzREMzQ4MjlCNjdF
OThDMTI0NkI5RDFFNUYwODI1NkRDNzcwOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3aN/ZoUhv7X25HmRsR/nEYMyDax0gJv+L0oC79u7DxgYaGDiA
r1BjTWHqSBTBGsM53U0wiAGofL60sD2yoWur+cRDwGD2Zdq/sEh4ScasasaBZ+si
SbNUx1SQ6l1yT3cNuiYY7LSQTaOzNPvkSuG66XGamtOuZhGBjlt9D+xvoJ+QLS9Q
WoDPEP45YHL55XXZLnETo9JA9pyZsgzwdl8NVfgK8HeDbIagVUOqlKx1jq+UjbsC
i4sCYdLkeVlSuks9UU/2eOn9jK6cSJZeZ/6TgwkWYqLyVFoaoxw8EJjvOl56+u8n
bSLC7lj/aqA6XpCRBodbC8poXbEM4KBbOE/NAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2nTTSCm2fpjBJGudHl8IJW3HcJMwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvMm5UVFNDbTJmcGpCSkd1ZEhsOElK
VzNIY0pNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BI8DAN
BgkqhkiG9w0BAQsFAAOCAQEAZxtBWGgKB4bn9zMvAjQYFPH61QEBK6RS6xAdWHVV
aYrogUcWWVG4UajXLCIKMli2zCx/Q98iVcu++jP8PvZd/HiJT6e69s71F43cfw4w
qsY0x1iw54ascAT0n9Uu9QMEOA23xGX9ZxcmxsUI6q2fHgMBeybqP/zPkxybZBb/
Yz7X4hhHeQkd7AAUpxrH0H81MLoZUQDE/Lp0A7wsUuU28UaX90PWzcSGeFWgoL3i
Wq4YCdP8B1OlaBPSMlMiyS+60TEmKTMybFvB6j8GqvbLfVkPeoPu4S2zbfcy/OHE
L6lsJ9rB8MvqcUXHKlDX8XVfyhwS77CtaoKkWxusFCvNlA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:09:03 2025 by rpki-client