Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/l20i1T5zpx6hbfmbOl_GBhoC0bw.roa
File: l20i1T5zpx6hbfmbOl_GBhoC0bw.roa (raw, json)
Hash identifier: CJAMA/KGua8qZnfsSQwCGMmhwLHVm+2nSr4zqA3k2WE=
Subject key identifier: 97:6D:22:D5:3E:73:A7:1E:A1:6D:F9:9B:3A:5F:C6:06:1A:02:D1:BC
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1878
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/l20i1T5zpx6hbfmbOl_GBhoC0bw.roa
Signing time: Mon 10 Feb 2025 14:07:58 +0000
ROA not before: Mon 10 Feb 2025 14:07:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 123.204.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6264 (0x1878)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:58 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=976D22D53E73A71EA16DF99B3A5FC6061A02D1BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:13:85:f6:d5:94:9d:ce:01:f6:ea:8a:f8:e1:
fe:f2:66:a1:a7:3b:4e:04:c3:77:3d:ab:c9:c8:52:
75:4f:a8:3d:50:af:cd:73:28:9c:57:29:a4:8e:55:
57:f3:cd:39:e9:d5:a2:37:f7:c9:31:da:c3:fe:47:
73:17:82:ef:90:cf:93:d5:a2:36:42:e3:2a:23:f0:
a8:e7:77:17:7e:0d:17:65:99:be:83:5c:db:0c:3e:
1f:64:82:89:a8:b9:68:5d:1c:5f:9d:82:8c:00:a3:
05:38:4e:25:72:46:23:60:9e:c7:ff:2b:56:7e:cd:
cb:13:d5:23:19:b5:86:92:9c:64:83:09:78:10:63:
fb:7f:ec:38:80:97:00:85:77:a9:63:e4:22:6f:58:
22:4a:93:d4:cf:2d:69:6c:08:66:f7:c4:ad:81:23:
1e:2a:60:09:fb:6c:9b:91:e3:2b:1b:bd:ea:41:8b:
25:ca:4e:f6:c8:dc:74:d9:fd:c7:b5:bd:2c:fa:d5:
e2:f6:f9:ef:7d:cf:36:bf:4e:fe:5d:d7:50:38:68:
d7:62:b6:8b:da:ce:fb:87:d8:19:b1:c6:e7:6a:25:
a9:03:20:34:b3:72:c1:d7:ad:9d:34:11:5d:85:fa:
ff:51:9e:62:cc:9c:c4:02:3a:36:1d:f1:59:eb:7d:
a3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:6D:22:D5:3E:73:A7:1E:A1:6D:F9:9B:3A:5F:C6:06:1A:02:D1:BC
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/l20i1T5zpx6hbfmbOl_GBhoC0bw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:73:6a:7f:cb:16:1f:f2:f3:7b:ac:19:1a:c5:b9:65:b4:d3:
8b:85:57:64:19:60:b0:56:60:2a:a4:32:84:29:e0:da:b9:5d:
af:fd:af:0e:e2:3d:ac:a0:bc:3b:cb:e4:e8:98:1b:7f:28:7d:
ee:95:c7:53:8e:55:c2:fe:54:ab:5e:34:29:14:fd:18:14:4a:
4b:e7:6e:c9:8e:57:7c:9b:38:9c:90:0e:49:a7:66:c1:c0:34:
82:d6:92:ef:02:13:7f:76:a4:f1:b3:41:6c:6a:6f:7d:df:7b:
14:b7:d8:3e:55:9b:73:82:6d:6a:ba:0a:7a:8d:70:d9:d9:99:
4d:04:89:79:fb:fe:a3:d5:d0:92:31:7f:fa:ed:65:42:f4:1c:
8e:a6:8f:40:6a:db:ec:8c:e2:cf:9c:79:bf:da:c6:70:01:eb:
54:93:a9:8d:17:f4:0d:60:1a:0f:df:ec:17:b8:83:34:ee:2c:
b3:f9:e3:0e:fd:3c:15:9f:2b:44:d7:9c:c6:30:fe:53:3f:ed:
6e:7c:49:72:3b:4b:38:da:cf:5c:17:7b:61:9b:93:a3:46:b9:
7d:06:4b:cf:ca:68:84:42:81:e4:5f:02:3a:ec:41:dc:0b:14:
c1:ee:32:5f:17:f0:53:a9:c7:7e:8a:5a:0b:32:37:64:31:5d:
2b:ca:b8:45
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICGHgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3NkQyMkQ1M0U3M0E3
MUVBMTZERjk5QjNBNUZDNjA2MUEwMkQxQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSE4X21ZSdzgH26or44f7yZqGnO04Ew3c9q8nIUnVPqD1Qr81z
KJxXKaSOVVfzzTnp1aI398kx2sP+R3MXgu+Qz5PVojZC4yoj8Kjndxd+DRdlmb6D
XNsMPh9kgomouWhdHF+dgowAowU4TiVyRiNgnsf/K1Z+zcsT1SMZtYaSnGSDCXgQ
Y/t/7DiAlwCFd6lj5CJvWCJKk9TPLWlsCGb3xK2BIx4qYAn7bJuR4ysbvepBiyXK
TvbI3HTZ/ce1vSz61eL2+e99zza/Tv5d11A4aNditovazvuH2BmxxudqJakDIDSz
csHXrZ00EV2F+v9RnmLMnMQCOjYd8VnrfaMlAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUl20i1T5zpx6hbfmbOl/GBhoC0bwwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvbDIwaTFUNXpweDZoYmZtYk9sX0dC
aG9DMGJ3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAXvMMA0G
CSqGSIb3DQEBCwUAA4IBAQCCc2p/yxYf8vN7rBkaxblltNOLhVdkGWCwVmAqpDKE
KeDauV2v/a8O4j2soLw7y+TomBt/KH3ulcdTjlXC/lSrXjQpFP0YFEpL527Jjld8
mzickA5Jp2bBwDSC1pLvAhN/dqTxs0Fsam9933sUt9g+VZtzgm1qugp6jXDZ2ZlN
BIl5+/6j1dCSMX/67WVC9ByOpo9AatvsjOLPnHm/2sZwAetUk6mNF/QNYBoP3+wX
uIM07iyz+eMO/TwVnytE15zGMP5TP+1ufElyO0s42s9cF3thm5OjRrl9BkvPymiE
QoHkXwI67EHcCxTB7jJfF/BTqcd+iloLMjdkMV0ryrhF
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:18:49 2025 by rpki-client