Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/DmcVIRNe6GiZZZVn2nFgnIQ9T4E.roa
File: DmcVIRNe6GiZZZVn2nFgnIQ9T4E.roa (raw, json)
Hash identifier: Mi9q8jMU6PXK5qHVhj1KkAo1lkqnarMjcpsr4D9vJIY=
Subject key identifier: 0E:67:15:21:13:5E:E8:68:99:65:95:67:DA:71:60:9C:84:3D:4F:81
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F6E
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/DmcVIRNe6GiZZZVn2nFgnIQ9T4E.roa
Signing time: Mon 10 Feb 2025 14:08:04 +0000
ROA not before: Mon 10 Feb 2025 14:08:04 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3950 (0xf6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:04 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0E671521135EE86899659567DA71609C843D4F81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c7:f4:60:2c:58:8e:ca:43:a0:70:86:3e:56:
c4:87:d4:89:95:ba:10:68:6b:65:72:7b:06:ab:57:
7b:32:64:5f:d3:9a:96:f6:33:5c:fb:e6:cb:23:f9:
13:a3:a2:ea:ce:1f:e0:9d:6b:14:72:26:8f:8d:a2:
60:fd:26:ff:5a:6e:ea:cd:68:ec:e8:ca:47:2e:be:
63:8e:d4:96:33:2b:b1:3c:72:69:a0:59:7e:80:c4:
78:0b:48:b3:a8:ea:1c:aa:a3:86:92:3d:c7:8b:fc:
f8:78:36:18:35:70:4c:14:f1:f4:a8:fb:a5:2a:6f:
5a:f0:0f:01:44:5d:a3:8e:14:01:28:7d:69:e3:78:
be:16:4c:3b:8d:c6:eb:29:40:8a:51:ff:f2:b1:ac:
20:a9:38:21:46:9d:82:b6:6d:64:6e:f4:8c:8e:6f:
82:16:fd:2d:2c:ce:33:18:8c:d9:cc:97:13:d6:c9:
a0:25:0e:3d:97:15:5a:7f:70:1a:75:2c:1f:c1:5f:
b7:ce:de:f5:65:c4:11:00:62:c9:33:6a:ba:a9:1a:
f2:32:4b:79:2f:92:ba:c2:f3:04:35:76:ed:c7:61:
e7:d2:bc:15:d3:a6:6c:5d:5e:6a:3c:c9:3d:a6:82:
53:d2:31:9d:da:e7:16:d0:6d:01:20:a6:55:d0:3e:
ad:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:67:15:21:13:5E:E8:68:99:65:95:67:DA:71:60:9C:84:3D:4F:81
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/DmcVIRNe6GiZZZVn2nFgnIQ9T4E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.8.0/21
Signature Algorithm: sha256WithRSAEncryption
a7:9c:c6:1d:36:84:42:d8:bc:31:36:ed:12:0f:b4:13:37:c0:
14:fc:b4:a8:d2:54:7b:38:ca:dc:2e:5d:b1:0f:ea:f6:33:09:
32:96:69:13:8c:ac:3d:e3:ad:7a:ba:ec:0b:12:3d:19:1c:87:
4e:1d:cc:40:8f:22:1a:3e:fe:e7:fd:b1:0d:35:f7:04:48:e4:
97:89:bc:d0:5c:af:0e:cd:be:60:03:a6:43:0a:bb:2e:ce:0b:
00:e7:e2:f9:8d:37:07:75:05:6a:bf:6b:7d:ce:42:82:ac:28:
c1:02:19:0c:f1:7b:32:95:8c:16:fe:0e:fd:77:d0:c1:ed:6e:
23:02:33:79:17:79:66:f2:1d:ad:a7:f1:df:0e:22:35:9e:25:
b3:3b:83:37:26:9f:9f:8a:bd:84:59:db:fe:5f:96:e0:8a:db:
8b:0d:93:86:fb:45:f1:62:bb:0d:c8:25:ed:e9:36:de:1b:d3:
5e:36:f4:94:d6:d5:e5:10:d7:f1:c0:1e:0d:45:b4:a7:af:f8:
3e:3a:48:55:4c:f7:67:93:c5:53:fe:0b:6f:c7:e7:0e:2e:bc:
d9:e1:48:80:f5:e9:27:9c:83:12:14:c7:f1:da:ea:38:38:e5:
75:42:60:5c:11:1b:4e:80:2b:3a:df:62:ed:a0:06:32:44:7a:
eb:cc:cf:b5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBFNjcxNTIxMTM1RUU4
Njg5OTY1OTU2N0RBNzE2MDlDODQzRDRGODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8x/RgLFiOykOgcIY+VsSH1ImVuhBoa2VyewarV3syZF/Tmpb2
M1z75ssj+ROjourOH+CdaxRyJo+NomD9Jv9aburNaOzoykcuvmOO1JYzK7E8cmmg
WX6AxHgLSLOo6hyqo4aSPceL/Ph4Nhg1cEwU8fSo+6Uqb1rwDwFEXaOOFAEofWnj
eL4WTDuNxuspQIpR//KxrCCpOCFGnYK2bWRu9IyOb4IW/S0szjMYjNnMlxPWyaAl
Dj2XFVp/cBp1LB/BX7fO3vVlxBEAYskzarqpGvIyS3kvkrrC8wQ1du3HYefSvBXT
pmxdXmo8yT2mglPSMZ3a5xbQbQEgplXQPq3nAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDmcVIRNe6GiZZZVn2nFgnIQ9T4EwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvRG1jVklSTmU2R2laWlpWbjJuRmdu
SVE5VDRFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8BICDAN
BgkqhkiG9w0BAQsFAAOCAQEAp5zGHTaEQti8MTbtEg+0EzfAFPy0qNJUezjK3C5d
sQ/q9jMJMpZpE4ysPeOterrsCxI9GRyHTh3MQI8iGj7+5/2xDTX3BEjkl4m80Fyv
Ds2+YAOmQwq7Ls4LAOfi+Y03B3UFar9rfc5CgqwowQIZDPF7MpWMFv4O/XfQwe1u
IwIzeRd5ZvIdrafx3w4iNZ4lszuDNyafn4q9hFnb/l+W4Irbiw2ThvtF8WK7Dcgl
7ek23hvTXjb0lNbV5RDX8cAeDUW0p6/4PjpIVUz3Z5PFU/4Lb8fnDi682eFIgPXp
J5yDEhTH8drqODjldUJgXBEbToArOt9i7aAGMkR668zPtQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:14:10 2025 by rpki-client