Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/jcqLiwACkZuvNyJJtG5yCz_zzDc.roa
File: jcqLiwACkZuvNyJJtG5yCz_zzDc.roa (raw, json)
Hash identifier: Wph5jfPbYvvS+bavHaWr0rBhqw0+NVloox3C1HlzcX8=
Subject key identifier: 8D:CA:8B:8B:00:02:91:9B:AF:37:22:49:B4:6E:72:0B:3F:F3:CC:37
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 08E8
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/jcqLiwACkZuvNyJJtG5yCz_zzDc.roa
Signing time: Mon 10 Feb 2025 14:10:47 +0000
ROA not before: Mon 10 Feb 2025 14:10:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 2405:cdc0::/32 maxlen: 124
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2280 (0x8e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Feb 10 14:10:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8DCA8B8B0002919BAF372249B46E720B3FF3CC37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:74:06:83:9d:42:3d:78:77:0a:2f:7b:4c:51:
05:9b:90:2b:9a:13:7c:c6:32:9f:34:de:e4:27:ac:
fa:8e:05:82:32:b0:37:30:8f:e1:6e:8c:48:25:75:
95:b6:cb:07:ec:92:99:37:09:c7:26:77:17:14:ee:
3c:79:7e:83:5b:4a:32:cd:e2:44:38:70:6a:fe:84:
bb:b2:44:7d:36:82:e3:5f:33:db:f0:2e:0e:dd:cf:
0b:ff:01:ee:7d:6a:4f:33:2d:ef:be:44:19:fc:d0:
c3:03:15:28:25:20:58:87:5d:a8:93:59:fe:61:1e:
97:87:60:2c:48:2a:12:c3:38:e2:2d:dd:58:e9:34:
0e:43:f5:29:68:43:2a:20:7a:b6:80:66:f4:3b:7f:
07:b1:4c:b2:69:0e:81:3e:83:84:ca:71:36:a9:69:
c8:9a:25:07:08:06:d4:3d:d3:12:a6:de:30:48:c5:
f1:39:be:5a:a9:3c:3e:5d:a8:d0:57:18:a2:e5:f6:
67:6a:23:25:a7:a1:5e:f1:24:3b:5c:e4:77:7e:35:
85:d4:9d:ec:37:bc:0c:a2:6a:1b:d5:80:e0:ec:ed:
70:e5:8f:72:a3:63:09:20:3d:6f:19:91:5c:c8:6f:
29:50:fa:96:de:73:02:b8:1f:e2:a1:05:7d:b0:10:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CA:8B:8B:00:02:91:9B:AF:37:22:49:B4:6E:72:0B:3F:F3:CC:37
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/jcqLiwACkZuvNyJJtG5yCz_zzDc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2405:cdc0::/32
Signature Algorithm: sha256WithRSAEncryption
a6:0d:68:fd:b0:a6:68:9b:85:13:6b:a5:37:02:3d:f0:0e:b8:
a7:54:93:62:8e:44:b4:62:4d:45:23:27:fa:da:28:62:d0:64:
b8:30:01:09:cd:78:86:0a:d3:e5:0b:e5:1b:32:5b:fe:0d:e6:
1a:7e:88:2b:be:d3:cf:aa:91:2e:92:30:40:d2:72:ca:1d:b1:
e4:45:6f:e4:3c:e4:e6:f9:ed:82:b9:5b:74:7f:08:d4:58:64:
95:cc:8a:4d:d6:06:fc:ef:3c:7f:49:f0:46:e2:5b:55:4c:d4:
13:0a:0c:54:8d:63:f2:ca:72:b5:7d:c4:b3:43:c8:f2:a0:fa:
c3:14:e6:f5:96:7f:13:e4:c6:3d:ca:90:48:4d:78:52:54:5d:
0b:9e:85:b6:57:fc:5b:49:31:77:19:c9:68:06:e1:d6:a2:6e:
d0:d5:1c:fd:e5:16:c6:d4:d3:34:2d:c3:16:0b:ab:94:b8:da:
28:73:dc:81:e3:be:90:3e:d3:a4:4f:61:81:41:bb:63:b5:35:
76:6b:87:c1:9e:69:2c:d4:f7:55:a8:a1:aa:5b:3b:47:e3:a9:
9c:f0:be:6d:27:44:ae:a2:c4:cc:4e:5c:ec:ac:40:77:c5:e3:
18:d2:05:94:8d:c2:46:82:b5:75:5a:7d:a0:23:db:e5:ad:ab:
9c:eb:5f:d2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICCOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNTAyMTAx
NDEwNDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhEQ0E4QjhCMDAwMjkx
OUJBRjM3MjI0OUI0NkU3MjBCM0ZGM0NDMzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+dAaDnUI9eHcKL3tMUQWbkCuaE3zGMp803uQnrPqOBYIysDcw
j+FujEgldZW2ywfskpk3CccmdxcU7jx5foNbSjLN4kQ4cGr+hLuyRH02guNfM9vw
Lg7dzwv/Ae59ak8zLe++RBn80MMDFSglIFiHXaiTWf5hHpeHYCxIKhLDOOIt3Vjp
NA5D9SloQyogeraAZvQ7fwexTLJpDoE+g4TKcTapaciaJQcIBtQ90xKm3jBIxfE5
vlqpPD5dqNBXGKLl9mdqIyWnoV7xJDtc5Hd+NYXUnew3vAyiahvVgODs7XDlj3Kj
YwkgPW8ZkVzIbylQ+pbecwK4H+KhBX2wEC3FAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUjcqLiwACkZuvNyJJtG5yCz/zzDcwHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL2pjcUxpd0FDa1p1dk55Skp0RzV5Q3pf
enpEYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBc3AMA0G
CSqGSIb3DQEBCwUAA4IBAQCmDWj9sKZom4UTa6U3Aj3wDrinVJNijkS0Yk1FIyf6
2ihi0GS4MAEJzXiGCtPlC+UbMlv+DeYafogrvtPPqpEukjBA0nLKHbHkRW/kPOTm
+e2CuVt0fwjUWGSVzIpN1gb87zx/SfBG4ltVTNQTCgxUjWPyynK1fcSzQ8jyoPrD
FOb1ln8T5MY9ypBITXhSVF0LnoW2V/xbSTF3GcloBuHWom7Q1Rz95RbG1NM0LcMW
C6uUuNooc9yB476QPtOkT2GBQbtjtTV2a4fBnmks1PdVqKGqWztH46mc8L5tJ0Su
osTMTlzsrEB3xeMY0gWUjcJGgrV1Wn2gI9vlrauc61/S
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:15 2025 by rpki-client