Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/9jPxmPer5StLuwPDCIJ8vBYkYDQ.roa
File: 9jPxmPer5StLuwPDCIJ8vBYkYDQ.roa (raw, json)
Hash identifier: qU3sboCF88MPW9F3hwRQmB431qJ97tav6DeTHQwl5fE=
Subject key identifier: F6:33:F1:98:F7:AB:E5:2B:4B:BB:03:C3:08:82:7C:BC:16:24:60:34
Certificate issuer: /CN=6E398C52CC2A079DA90148210AC85328C11BBE96
Certificate serial: 0A11
Authority key identifier: 6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/9jPxmPer5StLuwPDCIJ8vBYkYDQ.roa
Signing time: Mon 10 Feb 2025 14:09:48 +0000
ROA not before: Mon 10 Feb 2025 14:09:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131674
IP address blocks: 103.147.130.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2577 (0xa11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6E398C52CC2A079DA90148210AC85328C11BBE96
Validity
Not Before: Feb 10 14:09:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F633F198F7ABE52B4BBB03C308827CBC16246034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:11:9e:2b:da:88:50:d1:ff:b4:ef:7c:c5:9b:
76:72:0e:cb:e4:21:ac:0c:b2:1d:a4:20:34:38:f8:
f5:2d:ba:7e:52:79:ee:e4:87:d7:26:82:88:f4:5a:
61:d9:da:9d:23:21:e1:e5:55:80:15:90:1b:e5:fc:
07:fb:c5:1c:b4:03:9b:d0:53:5e:1a:7e:3c:85:84:
3e:e1:75:26:eb:42:c0:15:a5:72:a8:cc:84:7b:30:
3a:45:57:94:f0:64:31:83:66:f1:d4:bc:10:5c:50:
1d:cc:39:73:c9:48:ed:0a:00:12:14:73:cb:69:a9:
b6:7f:6d:d8:b9:f9:5c:ee:fe:f1:f1:7d:37:72:1e:
23:c6:b9:5d:0a:64:41:c3:a8:75:8d:69:00:33:30:
a5:b1:8f:66:88:67:22:2e:66:bd:c2:14:c8:bc:ce:
60:63:9a:72:0d:ce:ca:23:bb:98:de:66:85:0b:d6:
3f:4a:1a:27:28:58:7e:2c:ae:25:4c:57:3b:49:78:
f4:b7:84:4a:93:36:5f:e8:7a:c5:f3:40:18:0d:01:
66:f6:83:ef:ba:9e:1e:62:9f:b7:1a:47:71:30:94:
9d:7f:2f:fc:da:d4:1b:01:a0:de:1e:07:1d:26:d0:
8b:a7:ac:cb:61:e1:8e:5f:0d:3d:7b:ea:e2:14:c1:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:33:F1:98:F7:AB:E5:2B:4B:BB:03:C3:08:82:7C:BC:16:24:60:34
X509v3 Authority Key Identifier:
keyid:6E:39:8C:52:CC:2A:07:9D:A9:01:48:21:0A:C8:53:28:C1:1B:BE:96
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/bjmMUswqB52pAUghCshTKMEbvpY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/bjmMUswqB52pAUghCshTKMEbvpY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENRICH/9jPxmPer5StLuwPDCIJ8vBYkYDQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.130.0/23
Signature Algorithm: sha256WithRSAEncryption
96:46:d9:9b:a5:70:27:47:66:fe:f2:a9:1e:47:41:ef:97:b6:
d0:ce:4a:40:d0:df:82:56:69:44:83:e9:93:63:28:04:e1:65:
e2:e7:40:f1:9c:5b:00:ed:29:72:f7:46:6a:cd:00:5c:01:7f:
95:95:31:58:bb:39:83:a4:27:e9:70:f1:10:94:02:14:3b:13:
e6:f2:f5:d8:34:88:e7:10:0d:10:67:70:c2:78:92:e4:6c:72:
94:ff:02:fd:3f:15:66:79:a8:69:b8:9c:d9:03:24:67:3d:04:
d4:d0:a8:cc:62:f4:04:19:e1:be:1a:ff:c1:b7:9b:62:b4:32:
8f:c8:2f:65:cc:9f:bc:00:31:83:d1:c8:5f:1c:39:76:a2:7a:
e6:d5:f8:a0:d0:8d:21:ce:1f:f8:9b:fb:51:31:b6:09:ba:42:
dc:a1:3c:a2:fd:c7:80:52:8c:b4:9b:f2:92:ff:db:1d:30:5f:
59:57:39:f3:fb:a9:b7:26:40:60:a0:f4:e9:05:03:eb:be:63:
02:dd:38:57:16:c4:c9:fb:7f:24:49:31:d4:82:ed:e0:dd:04:
e8:46:6c:c3:da:6c:71:23:9b:d7:5d:52:db:77:6a:eb:eb:28:
73:42:05:76:6f:b9:fe:6c:87:e2:9c:48:65:76:b7:95:fc:3e:
0c:74:11:fc
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICChEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkUz
OThDNTJDQzJBMDc5REE5MDE0ODIxMEFDODUzMjhDMTFCQkU5NjAeFw0yNTAyMTAx
NDA5NDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY2MzNGMTk4RjdBQkU1
MkI0QkJCMDNDMzA4ODI3Q0JDMTYyNDYwMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMEZ4r2ohQ0f+073zFm3ZyDsvkIawMsh2kIDQ4+PUtun5See7k
h9cmgoj0WmHZ2p0jIeHlVYAVkBvl/Af7xRy0A5vQU14afjyFhD7hdSbrQsAVpXKo
zIR7MDpFV5TwZDGDZvHUvBBcUB3MOXPJSO0KABIUc8tpqbZ/bdi5+Vzu/vHxfTdy
HiPGuV0KZEHDqHWNaQAzMKWxj2aIZyIuZr3CFMi8zmBjmnINzsoju5jeZoUL1j9K
GicoWH4sriVMVztJePS3hEqTNl/oesXzQBgNAWb2g++6nh5in7caR3EwlJ1/L/za
1BsBoN4eBx0m0IunrMth4Y5fDT176uIUwQSTAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU9jPxmPer5StLuwPDCIJ8vBYkYDQwHwYDVR0jBBgwFoAUbjmMUswqB52pAUgh
CshTKMEbvpYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTlJJ
Q0gvYmptTVVzd3FCNTJwQVVnaENzaFRLTUVidnBZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9iam1NVXN3cUI1MnBBVWdoQ3NoVEtNRWJ2cFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9PUEVOUklDSC85alB4bVBlcjVTdEx1
d1BEQ0lKOHZCWWtZRFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ5OCMA0GCSqGSIb3DQEBCwUAA4IBAQCWRtmbpXAnR2b+8qkeR0Hvl7bQzkpA
0N+CVmlEg+mTYygE4WXi50DxnFsA7Sly90ZqzQBcAX+VlTFYuzmDpCfpcPEQlAIU
OxPm8vXYNIjnEA0QZ3DCeJLkbHKU/wL9PxVmeahpuJzZAyRnPQTU0KjMYvQEGeG+
Gv/Bt5titDKPyC9lzJ+8ADGD0chfHDl2onrm1fig0I0hzh/4m/tRMbYJukLcoTyi
/ceAUoy0m/KS/9sdMF9ZVznz+6m3JkBgoPTpBQPrvmMC3ThXFsTJ+38kSTHUgu3g
3QToRmzD2mxxI5vXXVLbd2rr6yhzQgV2b7n+bIfinEhldreV/D4MdBH8
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:54 2025 by rpki-client