Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/zBaPOvFEyX69wHhXiU68vIBvVSI.roa
File: zBaPOvFEyX69wHhXiU68vIBvVSI.roa (raw, json)
Hash identifier: wmF8OjgMCVX1Nitj8sUWZo+mXZjmXybqe38kuch0u6Q=
Subject key identifier: CC:16:8F:3A:F1:44:C9:7E:BD:C0:78:57:89:4E:BC:BC:80:6F:55:22
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 186C
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/zBaPOvFEyX69wHhXiU68vIBvVSI.roa
Signing time: Mon 10 Feb 2025 14:07:56 +0000
ROA not before: Mon 10 Feb 2025 14:07:56 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 123.205.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6252 (0x186c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Feb 10 14:07:56 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CC168F3AF144C97EBDC07857894EBCBC806F5522
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b5:e5:13:cb:48:fc:8a:56:d6:cf:eb:ac:b5:
5f:63:2a:e5:b3:0e:02:03:89:13:9b:cc:a9:1e:8b:
8c:19:1f:fe:32:4f:b5:51:80:31:76:04:f4:87:4a:
c2:52:e3:6b:fe:b5:05:61:00:45:f7:f4:8f:bc:5c:
df:ee:ba:31:05:79:77:b4:76:82:1c:eb:87:d3:ff:
a8:a2:80:68:4a:2b:ba:c6:4e:40:1f:80:75:b5:fa:
0a:6f:2b:ea:de:ed:49:3a:ee:bb:97:be:cf:8c:b9:
db:aa:ef:ff:83:b7:3b:63:c5:86:ba:43:42:3b:e6:
96:ae:20:c1:c1:d0:41:e5:fd:ba:ae:27:2a:79:0e:
7c:1a:fa:10:38:8c:93:d9:34:4c:5a:8c:91:64:c5:
4f:22:9c:0d:b3:6c:cf:49:33:46:00:1c:54:47:5e:
6e:73:8f:d0:ff:a0:66:13:0b:5d:c2:79:6f:b2:47:
13:17:29:6b:21:d5:a1:59:60:66:c2:a5:6b:24:44:
b4:0f:d0:11:b6:0b:47:75:bb:30:72:4d:d0:f9:89:
3f:10:56:1c:06:0a:c5:08:fa:3a:cd:b1:3f:73:68:
5d:5f:a9:d9:79:af:26:a5:a3:ed:18:d3:df:37:7e:
67:47:df:e3:f8:57:27:d2:9d:b5:91:08:58:9c:f4:
e5:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:16:8F:3A:F1:44:C9:7E:BD:C0:78:57:89:4E:BC:BC:80:6F:55:22
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/zBaPOvFEyX69wHhXiU68vIBvVSI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.205.128.0/17
Signature Algorithm: sha256WithRSAEncryption
4b:b0:37:fe:53:49:b9:01:5d:59:dd:c5:c4:f0:88:6d:6c:e7:
f6:9d:c3:bb:81:d1:3d:be:d4:71:5c:92:8e:e7:ca:91:28:41:
6b:36:8f:82:dc:0d:31:fe:65:18:e6:fa:e1:7c:d3:09:4a:d4:
3d:99:d2:7d:b8:e1:72:de:6f:b5:2e:5f:ac:a5:b1:f6:c2:5e:
2b:25:a6:66:7c:15:e7:0b:22:1f:85:28:c0:5d:1c:51:06:95:
6d:18:a8:c7:29:86:f5:47:c3:21:9f:fa:09:91:5d:26:3b:83:
46:50:45:22:93:77:88:7c:f3:c7:76:80:96:31:ac:d0:b7:56:
40:76:c4:cd:6f:1f:8e:79:2e:4f:ce:2b:f2:e7:8a:a3:92:ab:
40:c5:52:95:58:e7:b1:0d:32:92:d3:7d:85:0e:be:09:73:55:
01:e8:53:97:b4:e4:d8:17:6b:76:14:6f:ef:05:26:c0:6e:70:
eb:56:e7:b9:b3:ef:95:89:3a:78:23:8d:04:f0:ac:51:80:14:
78:dd:eb:ed:53:95:65:0a:42:b3:3d:9a:65:70:c1:8f:1d:38:
72:6d:b0:fb:ae:0a:d2:9a:a0:80:10:ef:db:50:07:b8:3b:97:
42:b2:c7:9d:e8:00:bd:e9:b8:52:c5:5d:a7:b0:78:2f:17:d8:
af:64:2c:45
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGGwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTAyMTAx
NDA3NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDMTY4RjNBRjE0NEM5
N0VCREMwNzg1Nzg5NEVCQ0JDODA2RjU1MjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDteUTy0j8ilbWz+ustV9jKuWzDgIDiRObzKkei4wZH/4yT7VR
gDF2BPSHSsJS42v+tQVhAEX39I+8XN/uujEFeXe0doIc64fT/6iigGhKK7rGTkAf
gHW1+gpvK+re7Uk67ruXvs+Muduq7/+DtztjxYa6Q0I75pauIMHB0EHl/bquJyp5
Dnwa+hA4jJPZNExajJFkxU8inA2zbM9JM0YAHFRHXm5zj9D/oGYTC13CeW+yRxMX
KWsh1aFZYGbCpWskRLQP0BG2C0d1uzByTdD5iT8QVhwGCsUI+jrNsT9zaF1fqdl5
ryalo+0Y0983fmdH3+P4VyfSnbWRCFic9OUPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzBaPOvFEyX69wHhXiU68vIBvVSIwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvekJhUE92RkV5WDY5d0hoWGlVNjh2
SUJ2VlNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3vNgDAN
BgkqhkiG9w0BAQsFAAOCAQEAS7A3/lNJuQFdWd3FxPCIbWzn9p3Du4HRPb7UcVyS
jufKkShBazaPgtwNMf5lGOb64XzTCUrUPZnSfbjhct5vtS5frKWx9sJeKyWmZnwV
5wsiH4UowF0cUQaVbRioxymG9UfDIZ/6CZFdJjuDRlBFIpN3iHzzx3aAljGs0LdW
QHbEzW8fjnkuT84r8ueKo5KrQMVSlVjnsQ0yktN9hQ6+CXNVAehTl7Tk2BdrdhRv
7wUmwG5w61bnubPvlYk6eCONBPCsUYAUeN3r7VOVZQpCsz2aZXDBjx04cm2w+64K
0pqggBDv21AHuDuXQrLHnegAvem4UsVdp7B4LxfYr2QsRQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:03:58 2025 by rpki-client