Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/FKTrtItqP0qppNjpFSegFGUxp4I.roa
File: FKTrtItqP0qppNjpFSegFGUxp4I.roa (raw, json)
Hash identifier: j0EeaGNmCc67ZsrZzwniL/YsDnqKTXij1dpwaXp+Df4=
Subject key identifier: 14:A4:EB:B4:8B:6A:3F:4A:A9:A4:D8:E9:15:27:A0:14:65:31:A7:82
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 17DF
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/FKTrtItqP0qppNjpFSegFGUxp4I.roa
Signing time: Mon 10 Feb 2025 14:07:21 +0000
ROA not before: Mon 10 Feb 2025 14:07:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 220.229.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6111 (0x17df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=14A4EBB48B6A3F4AA9A4D8E91527A0146531A782
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:99:26:3b:f9:ea:19:ab:90:77:9c:7a:c8:f8:
d5:25:72:54:95:37:2e:28:65:92:7e:b7:c9:9a:98:
bc:67:75:da:90:be:fd:76:43:5d:d7:8f:94:eb:c5:
9b:51:62:78:78:af:c7:c9:32:20:cb:38:c3:d6:74:
ad:1b:41:4b:28:e3:5d:34:3d:59:bd:27:75:ec:47:
26:9c:67:1b:ac:9b:da:de:4f:5b:fe:c7:6f:e3:89:
65:36:bb:a4:f9:e2:f4:88:6b:4f:fd:b2:fe:1c:14:
4c:4a:63:07:f1:8c:98:e2:69:52:7d:1a:c4:35:cd:
76:45:40:64:ad:63:76:46:c8:76:b6:78:89:a4:14:
8e:fd:a5:5e:24:84:7a:4c:45:c6:d9:5d:5f:14:a8:
8c:a8:54:c3:34:5e:fe:ac:9f:02:d4:51:d2:ab:25:
2a:ba:16:ca:5f:93:29:76:af:61:db:87:53:b6:a5:
b3:32:95:40:6b:12:a7:3b:0f:b4:16:85:d6:5c:4d:
19:d7:45:79:f4:08:a9:b8:57:26:38:f7:11:43:7f:
e8:aa:d0:68:13:9d:8f:8c:db:09:35:08:8c:21:35:
10:1e:1c:79:e0:a7:18:bb:94:a3:cf:56:4a:29:87:
2f:ad:3d:f7:0d:cc:83:c4:3e:e6:a5:6d:29:46:15:
63:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:A4:EB:B4:8B:6A:3F:4A:A9:A4:D8:E9:15:27:A0:14:65:31:A7:82
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/FKTrtItqP0qppNjpFSegFGUxp4I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.229.0.0/16
Signature Algorithm: sha256WithRSAEncryption
80:7b:5a:14:1d:64:f7:22:80:67:23:de:86:4c:ae:a6:8e:79:
38:ef:51:a4:21:a0:03:f0:e1:44:c2:b5:87:eb:da:7b:8d:d5:
99:91:d3:28:f5:2a:bd:9d:14:81:46:1d:65:54:25:8b:5a:0d:
07:d9:91:6d:f3:4a:95:c4:84:3d:23:f1:2d:57:91:95:45:52:
3b:a9:28:c1:a3:15:d8:f0:70:2f:90:31:3d:f2:8b:3c:4b:8e:
51:7f:a9:d6:fc:eb:57:fa:af:e8:3f:2a:b3:c2:49:9d:2a:ae:
67:27:d3:be:06:d6:32:dc:3f:16:a9:1a:76:48:e6:1a:c9:c7:
2a:de:7a:90:02:78:32:7f:19:b9:bf:f5:08:68:17:72:0e:ea:
39:f1:69:56:e2:5e:ad:22:33:a6:c6:d2:de:69:43:dd:39:a0:
e0:3c:2c:10:14:40:60:80:ca:2c:60:b5:38:16:b2:9a:af:a2:
ea:82:07:97:3f:9d:c3:3d:35:c4:85:cb:9b:9f:65:34:b4:e5:
04:76:57:6d:dd:57:26:38:de:e0:35:88:29:2c:7a:94:e6:6b:
eb:eb:f2:ce:ec:4e:44:c4:d0:e4:e3:5b:b1:f7:2b:fb:cd:91:
4b:a1:e1:88:90:77:9c:15:95:20:ac:c6:f2:28:b5:21:19:dd:
5e:f2:38:e2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICF98wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE0QTRFQkI0OEI2QTNG
NEFBOUE0RDhFOTE1MjdBMDE0NjUzMUE3ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLmSY7+eoZq5B3nHrI+NUlclSVNy4oZZJ+t8mamLxnddqQvv12
Q13Xj5TrxZtRYnh4r8fJMiDLOMPWdK0bQUso4100PVm9J3XsRyacZxusm9reT1v+
x2/jiWU2u6T54vSIa0/9sv4cFExKYwfxjJjiaVJ9GsQ1zXZFQGStY3ZGyHa2eImk
FI79pV4khHpMRcbZXV8UqIyoVMM0Xv6snwLUUdKrJSq6Fspfkyl2r2Hbh1O2pbMy
lUBrEqc7D7QWhdZcTRnXRXn0CKm4VyY49xFDf+iq0GgTnY+M2wk1CIwhNRAeHHng
pxi7lKPPVkophy+tPfcNzIPEPualbSlGFWMbAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUFKTrtItqP0qppNjpFSegFGUxp4IwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvRktUcnRJdHFQMHFwcE5qcEZTZWdG
R1V4cDRJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANzlMA0G
CSqGSIb3DQEBCwUAA4IBAQCAe1oUHWT3IoBnI96GTK6mjnk471GkIaAD8OFEwrWH
69p7jdWZkdMo9Sq9nRSBRh1lVCWLWg0H2ZFt80qVxIQ9I/EtV5GVRVI7qSjBoxXY
8HAvkDE98os8S45Rf6nW/OtX+q/oPyqzwkmdKq5nJ9O+BtYy3D8WqRp2SOYayccq
3nqQAngyfxm5v/UIaBdyDuo58WlW4l6tIjOmxtLeaUPdOaDgPCwQFEBggMosYLU4
FrKar6LqggeXP53DPTXEhcubn2U0tOUEdldt3VcmON7gNYgpLHqU5mvr6/LO7E5E
xNDk41ux9yv7zZFLoeGIkHecFZUgrMbyKLUhGd1e8jji
-----END CERTIFICATE-----
Generated at Mon Apr 14 07:14:12 2025 by rpki-client