Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa
File: Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa (raw, json)
Hash identifier: bcdSkdI+Tu9lltz6meDsQOl6LZn7r6IKbUMY961mnfQ=
Subject key identifier: 63:DA:18:8F:8F:67:D7:61:DD:93:7B:68:3C:34:D0:F5:76:91:B1:A6
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 0F76
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa
Signing time: Mon 10 Feb 2025 14:08:06 +0000
ROA not before: Mon 10 Feb 2025 14:08:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 192.72.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3958 (0xf76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Feb 10 14:08:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=63DA188F8F67D761DD937B683C34D0F57691B1A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fa:82:1d:8d:12:1a:fa:fc:ff:53:ae:d1:64:
8e:c9:22:be:22:66:1a:8a:92:91:57:54:d7:e3:84:
41:e0:81:d3:bf:5a:7e:a1:fa:5d:c1:3d:92:9c:c3:
2d:d0:8c:d7:48:eb:f1:d4:ba:c3:38:4a:40:9d:c7:
47:c2:af:4e:56:2d:24:92:06:06:0f:8e:fd:90:fe:
c8:f2:a0:a1:dd:7a:58:80:45:d7:dd:cd:bf:4d:82:
db:8c:0e:27:cf:69:d7:85:d0:0f:50:5f:25:ff:62:
87:54:60:e4:2b:d8:8c:8a:3e:74:a1:ae:a2:9f:79:
bc:9d:88:4b:b2:56:5c:2f:3b:84:a0:11:47:a1:41:
3f:0c:25:9d:78:34:d7:3e:6f:56:50:80:01:3b:19:
6c:ac:bd:8f:3f:d4:82:89:85:6d:da:27:32:49:96:
91:0a:4f:c8:b7:54:ec:38:69:16:4a:e8:bd:54:98:
3e:1d:2f:be:a9:a7:7a:1b:b7:b2:23:9f:04:78:27:
f4:b4:0a:2c:a8:2e:db:28:34:01:4e:b5:05:47:da:
13:7f:57:1a:4b:22:59:dc:01:3c:e7:9c:c2:c7:e1:
d5:53:c1:f2:8f:01:04:d1:2e:e7:d1:14:10:55:9b:
97:a5:5a:d2:98:4e:c5:50:62:7c:13:b7:49:a9:ea:
f6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DA:18:8F:8F:67:D7:61:DD:93:7B:68:3C:34:D0:F5:76:91:B1:A6
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/Y9oYj49n12Hdk3toPDTQ9XaRsaY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.3.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4f:5e:e9:5a:c3:d5:de:62:7b:1d:83:57:43:4c:6d:d3:dd:
15:f1:64:35:30:75:d7:b2:45:f3:75:7a:0e:4d:da:da:72:32:
ea:a3:81:1f:57:83:ed:01:3d:49:6e:80:5d:13:a4:06:bd:49:
ac:0d:97:cb:1c:a7:61:e4:41:95:be:9e:53:0c:20:25:ec:65:
db:4d:26:b2:88:33:db:6e:ef:68:b1:5b:ac:80:cc:88:2b:0b:
71:c8:4f:f7:31:b3:e2:7a:c7:e4:13:a7:dc:74:24:81:e9:cf:
85:8c:5d:93:d3:5b:93:c9:c6:5f:fa:b3:40:4c:16:3f:f9:96:
66:e8:c4:32:9f:73:77:82:91:37:78:b1:fa:44:63:8b:64:c3:
cd:73:bf:6d:69:85:9f:cc:44:d0:c6:d4:f7:e1:54:1e:51:0b:
07:70:98:2d:60:e8:4c:13:ad:ed:60:d6:40:96:b8:22:9c:bf:
9c:b7:40:74:da:ac:55:86:11:23:54:23:fe:49:63:cf:5b:a7:
2d:d1:96:96:f2:6d:d2:da:a3:5d:d6:80:0b:73:13:18:3f:b2:
d1:5d:01:b0:74:eb:39:86:b0:45:3d:5d:c2:41:44:e9:32:a8:
93:91:8f:2f:c8:b3:86:7e:06:28:ef:b5:11:4d:f7:7c:f3:6e:
11:e4:b2:23
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD3YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTAyMTAx
NDA4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYzREExODhGOEY2N0Q3
NjFERDkzN0I2ODNDMzREMEY1NzY5MUIxQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5+oIdjRIa+vz/U67RZI7JIr4iZhqKkpFXVNfjhEHggdO/Wn6h
+l3BPZKcwy3QjNdI6/HUusM4SkCdx0fCr05WLSSSBgYPjv2Q/sjyoKHdeliARdfd
zb9NgtuMDifPadeF0A9QXyX/YodUYOQr2IyKPnShrqKfebydiEuyVlwvO4SgEUeh
QT8MJZ14NNc+b1ZQgAE7GWysvY8/1IKJhW3aJzJJlpEKT8i3VOw4aRZK6L1UmD4d
L76pp3obt7IjnwR4J/S0CiyoLtsoNAFOtQVH2hN/VxpLIlncATznnMLH4dVTwfKP
AQTRLufRFBBVm5elWtKYTsVQYnwTt0mp6vZPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUY9oYj49n12Hdk3toPDTQ9XaRsaYwHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvWTlvWWo0OW4xMkhkazN0b1BEVFE5
WGFSc2FZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBIAzAN
BgkqhkiG9w0BAQsFAAOCAQEAPU9e6VrD1d5iex2DV0NMbdPdFfFkNTB117JF83V6
Dk3a2nIy6qOBH1eD7QE9SW6AXROkBr1JrA2XyxynYeRBlb6eUwwgJexl200msogz
227vaLFbrIDMiCsLcchP9zGz4nrH5BOn3HQkgenPhYxdk9Nbk8nGX/qzQEwWP/mW
ZujEMp9zd4KRN3ix+kRji2TDzXO/bWmFn8xE0MbU9+FUHlELB3CYLWDoTBOt7WDW
QJa4Ipy/nLdAdNqsVYYRI1Qj/kljz1unLdGWlvJt0tqjXdaAC3MTGD+y0V0BsHTr
OYawRT1dwkFE6TKok5GPL8izhn4GKO+1EU33fPNuEeSyIw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:18:50 2025 by rpki-client