Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NOT_TFN_CO/z-H2E_TH0q2gzkcFxIBMZ9V7Wu8.roa
File: z-H2E_TH0q2gzkcFxIBMZ9V7Wu8.roa (raw, json)
Hash identifier: kUEhDixYI/i3vdN+mSXb3mi/8wrHM8TPrKE2FwoBz5s=
Subject key identifier: CF:E1:F6:13:F4:C7:D2:AD:A0:CE:47:05:C4:80:4C:67:D5:7B:5A:EF
Certificate issuer: /CN=6A2B1396C142DA6711518875E90C4AEC90B0F5C4
Certificate serial: 02EA
Authority key identifier: 6A:2B:13:96:C1:42:DA:67:11:51:88:75:E9:0C:4A:EC:90:B0:F5:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/aisTlsFC2mcRUYh16QxK7JCw9cQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NOT_TFN_CO/z-H2E_TH0q2gzkcFxIBMZ9V7Wu8.roa
Signing time: Mon 10 Feb 2025 14:01:45 +0000
ROA not before: Mon 10 Feb 2025 14:01:45 +0000
ROA not after: Tue 23 Sep 2025 15:30:20 +0000
asID: 152179
IP address blocks: 160.187.100.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 746 (0x2ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6A2B1396C142DA6711518875E90C4AEC90B0F5C4
Validity
Not Before: Feb 10 14:01:45 2025 GMT
Not After : Sep 23 15:30:20 2025 GMT
Subject: CN=CFE1F613F4C7D2ADA0CE4705C4804C67D57B5AEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d4:aa:a9:eb:58:7b:9d:86:03:8c:a8:d8:f4:
4e:93:50:31:5e:b6:c1:f8:35:97:a4:be:39:b8:40:
7e:db:3b:6d:5f:7a:5d:e2:bb:b9:b1:25:74:99:2e:
17:95:f3:eb:cd:28:1f:b4:e1:b3:30:65:6b:56:ab:
cf:4f:e5:1c:54:55:d8:e9:af:63:a9:b1:f1:b6:bf:
81:d8:75:ee:7c:93:5b:da:ab:fd:91:52:fa:c5:3c:
96:ee:5f:f8:2a:2c:9d:b1:68:12:f2:77:ce:5f:83:
00:cf:dd:96:bf:fa:ee:e3:d3:11:2f:6d:d7:eb:21:
b3:28:1e:87:c5:e1:e2:76:91:b1:e4:4a:ca:1f:29:
c3:d9:d4:b8:a6:4d:3d:ee:42:c3:13:f3:b6:42:6e:
68:2f:7b:e8:d9:3f:18:e1:c5:95:3e:1a:19:92:43:
b0:a6:67:f3:db:ea:7a:06:0c:9e:42:ca:07:9c:cb:
e2:82:90:1c:ee:b2:9c:4c:74:2b:8f:57:cb:25:1d:
fc:66:97:35:87:7d:53:c0:fc:4d:16:c3:53:c4:f5:
11:2c:d5:6d:9a:79:46:a9:9f:44:87:fe:98:95:7d:
d2:a5:9c:23:9a:61:aa:f6:6d:f2:72:83:f2:eb:30:
79:e0:8d:4f:56:45:91:3c:08:5c:1d:ce:54:0c:06:
cd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:E1:F6:13:F4:C7:D2:AD:A0:CE:47:05:C4:80:4C:67:D5:7B:5A:EF
X509v3 Authority Key Identifier:
keyid:6A:2B:13:96:C1:42:DA:67:11:51:88:75:E9:0C:4A:EC:90:B0:F5:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NOT_TFN_CO/aisTlsFC2mcRUYh16QxK7JCw9cQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/aisTlsFC2mcRUYh16QxK7JCw9cQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NOT_TFN_CO/z-H2E_TH0q2gzkcFxIBMZ9V7Wu8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
160.187.100.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:42:15:04:b0:1a:b7:42:34:df:35:b8:cc:69:de:3f:0e:8c:
99:a7:ff:e2:41:b6:a1:99:d8:52:76:65:7a:ee:d5:3e:b3:f7:
b5:97:ea:79:ff:c8:56:47:0f:7e:56:c5:f3:05:91:91:4f:56:
8c:55:fa:0b:c2:04:77:a5:a1:5f:4d:99:0d:37:72:ff:52:ac:
17:35:34:85:3f:ff:52:94:a3:68:8f:e7:64:75:02:79:2e:7d:
af:91:68:07:e5:5d:f5:79:52:c5:fb:42:5c:e2:d9:50:5e:dc:
76:d1:f6:86:3d:d9:c9:f7:7e:7c:0b:29:bd:69:97:09:b8:da:
89:9e:4c:af:ba:98:f0:e6:5d:e8:84:5b:48:b2:9a:e3:00:35:
f2:92:af:d0:c5:ac:70:01:29:cf:e1:3b:6c:96:12:30:4c:2b:
db:29:c3:2a:ef:5c:c8:6f:fc:15:ad:48:c7:4a:b4:52:c9:ce:
ed:8c:a8:04:f6:2f:5d:c4:ed:06:a2:aa:20:79:6b:32:d3:43:
7e:f8:8f:5f:ed:3b:60:d0:f0:e3:12:0e:13:8e:11:f8:86:d7:
5f:7c:67:6e:d2:d7:26:17:2d:bf:8f:09:5f:9f:bb:9a:ee:f1:
fe:8e:0f:70:ee:ca:bb:71:d8:11:13:a8:43:ec:ca:0b:b2:a5:
2c:9c:35:ef
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkEy
QjEzOTZDMTQyREE2NzExNTE4ODc1RTkwQzRBRUM5MEIwRjVDNDAeFw0yNTAyMTAx
NDAxNDVaFw0yNTA5MjMxNTMwMjBaMDMxMTAvBgNVBAMTKENGRTFGNjEzRjRDN0Qy
QURBMENFNDcwNUM0ODA0QzY3RDU3QjVBRUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+1Kqp61h7nYYDjKjY9E6TUDFetsH4NZekvjm4QH7bO21fel3i
u7mxJXSZLheV8+vNKB+04bMwZWtWq89P5RxUVdjpr2OpsfG2v4HYde58k1vaq/2R
UvrFPJbuX/gqLJ2xaBLyd85fgwDP3Za/+u7j0xEvbdfrIbMoHofF4eJ2kbHkSsof
KcPZ1LimTT3uQsMT87ZCbmgve+jZPxjhxZU+GhmSQ7CmZ/Pb6noGDJ5Cygecy+KC
kBzuspxMdCuPV8slHfxmlzWHfVPA/E0Ww1PE9REs1W2aeUapn0SH/piVfdKlnCOa
Yar2bfJyg/LrMHngjU9WRZE8CFwdzlQMBs0fAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUz+H2E/TH0q2gzkcFxIBMZ9V7Wu8wHwYDVR0jBBgwFoAUaisTlsFC2mcRUYh1
6QxK7JCw9cQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTk9UX1RG
Tl9DTy9haXNUbHNGQzJtY1JVWWgxNlF4SzdKQ3c5Y1EuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL2Fpc1Rsc0ZDMm1jUlVZaDE2UXhLN0pDdzljUS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL05PVF9URk5fQ08vei1IMkVfVEgw
cTJnemtjRnhJQk1aOVY3V3U4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAaC7ZDANBgkqhkiG9w0BAQsFAAOCAQEAHkIVBLAat0I03zW4zGnePw6M
maf/4kG2oZnYUnZleu7VPrP3tZfqef/IVkcPflbF8wWRkU9WjFX6C8IEd6WhX02Z
DTdy/1KsFzU0hT//UpSjaI/nZHUCeS59r5FoB+Vd9XlSxftCXOLZUF7cdtH2hj3Z
yfd+fAspvWmXCbjaiZ5Mr7qY8OZd6IRbSLKa4wA18pKv0MWscAEpz+E7bJYSMEwr
2ynDKu9cyG/8Fa1Ix0q0UsnO7YyoBPYvXcTtBqKqIHlrMtNDfviPX+07YNDw4xIO
E44R+IbXX3xnbtLXJhctv48JX5+7mu7x/o4PcO7Ku3HYEROoQ+zKC7KlLJw17w==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:11 2025 by rpki-client