Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/r3Sfw6n3ODFnoce-1nPkdKbF854.roa
File: r3Sfw6n3ODFnoce-1nPkdKbF854.roa (raw, json)
Hash identifier: RRknGHjJ0++IE6HkD22tUNQdTGOFvfwx1cTOgaI7tfo=
Subject key identifier: AF:74:9F:C3:A9:F7:38:31:67:A1:C7:BE:D6:73:E4:74:A6:C5:F3:9E
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 08E9
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/r3Sfw6n3ODFnoce-1nPkdKbF854.roa
Signing time: Mon 10 Feb 2025 14:10:47 +0000
ROA not before: Mon 10 Feb 2025 14:10:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 103.148.72.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2281 (0x8e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Feb 10 14:10:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AF749FC3A9F7383167A1C7BED673E474A6C5F39E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:6d:98:d7:b3:40:db:04:96:9e:0c:59:0f:
a9:47:dc:6c:5c:33:a5:ad:2c:06:07:a1:15:e7:0a:
4a:f2:fd:a4:8f:35:2d:1d:9a:7a:6e:69:f5:8c:e6:
d3:f4:46:99:7e:92:c0:bf:29:39:a7:8a:9a:66:bc:
c2:51:5c:d4:ec:9c:3e:1c:70:7e:a9:1a:4b:7d:be:
15:e6:22:13:26:e7:82:71:4a:7d:ec:f2:3c:4a:fb:
e0:97:fb:2e:f6:4b:48:17:f0:5e:1a:17:0e:10:a9:
1b:d4:dc:3b:ef:8f:24:1c:57:6c:9d:8c:82:42:a8:
9d:43:ac:47:55:bd:ab:df:d7:f2:0f:5d:8b:b4:46:
be:3d:4c:b7:f7:e7:46:63:f9:45:b2:60:67:12:a7:
96:e3:f9:10:26:b8:16:cf:8d:2e:b8:0b:b6:9c:5a:
5c:95:17:65:80:81:cd:27:ca:6b:8a:a3:ea:eb:7b:
10:74:5e:1d:28:99:0c:10:d1:78:cc:9b:5b:15:ba:
a6:e5:03:fe:06:c0:42:eb:bd:42:35:15:98:4f:25:
74:bd:5a:36:42:8b:e0:1d:a5:01:ca:d1:5f:2a:87:
43:c9:dd:6a:92:09:b4:ca:6e:e0:10:1c:35:5f:2c:
cb:56:f1:82:b0:7a:28:71:7f:00:3f:0f:86:43:fd:
54:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:74:9F:C3:A9:F7:38:31:67:A1:C7:BE:D6:73:E4:74:A6:C5:F3:9E
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/r3Sfw6n3ODFnoce-1nPkdKbF854.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.72.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:89:e2:29:01:6f:9c:5f:83:bd:02:e3:bb:54:ad:1a:11:c8:
f2:a9:34:e2:ef:63:b0:7e:62:b9:5c:56:0d:ca:2e:e0:a0:e8:
67:98:aa:11:82:f4:3c:23:b1:7b:15:2c:a6:ff:52:e1:85:50:
dd:89:e2:22:7b:be:cc:49:43:17:89:75:a6:cd:c7:5a:e8:df:
af:28:20:e4:86:93:5c:fa:7c:22:12:85:a2:a1:2d:67:bf:5f:
ab:06:ad:41:17:1f:78:6c:ae:79:23:75:9a:f8:1a:55:8e:3f:
24:f0:af:ec:65:ae:9d:e8:bc:94:df:c7:29:c7:6d:0f:de:fc:
d4:f2:f8:e0:4a:0e:01:ad:8e:61:d5:b4:28:9e:22:bf:d0:e9:
34:d1:1a:07:88:30:2c:88:1e:9b:05:68:4a:70:6f:bd:90:3d:
90:e4:f1:c4:3e:71:34:3e:c3:1b:aa:b1:e5:68:9b:97:4d:03:
ae:68:f8:80:b8:47:ab:90:ce:22:33:69:83:85:2a:90:57:e7:
09:32:96:70:fb:0f:29:da:73:6a:a2:f0:88:84:56:98:0f:c6:
e4:1b:3e:50:53:32:e2:f0:d7:c4:47:6c:2f:bb:0f:6e:38:11:
e6:de:9a:8d:3d:1d:e7:8a:ea:2f:a2:b6:8a:57:f8:9c:d5:d0:
5d:6d:4b:e5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNTAyMTAx
NDEwNDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFGNzQ5RkMzQTlGNzM4
MzE2N0ExQzdCRUQ2NzNFNDc0QTZDNUYzOUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBt22Y17NA2wSWngxZD6lH3GxcM6WtLAYHoRXnCkry/aSPNS0d
mnpuafWM5tP0Rpl+ksC/KTmnippmvMJRXNTsnD4ccH6pGkt9vhXmIhMm54JxSn3s
8jxK++CX+y72S0gX8F4aFw4QqRvU3DvvjyQcV2ydjIJCqJ1DrEdVvavf1/IPXYu0
Rr49TLf350Zj+UWyYGcSp5bj+RAmuBbPjS64C7acWlyVF2WAgc0nymuKo+rrexB0
Xh0omQwQ0XjMm1sVuqblA/4GwELrvUI1FZhPJXS9WjZCi+AdpQHK0V8qh0PJ3WqS
CbTKbuAQHDVfLMtW8YKweihxfwA/D4ZD/VTTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUr3Sfw6n3ODFnoce+1nPkdKbF854wHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL3IzU2Z3Nm4zT0RGbm9jZS0xblBrZEti
Rjg1NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEgwDQYJ
KoZIhvcNAQELBQADggEBACuJ4ikBb5xfg70C47tUrRoRyPKpNOLvY7B+YrlcVg3K
LuCg6GeYqhGC9DwjsXsVLKb/UuGFUN2J4iJ7vsxJQxeJdabNx1ro368oIOSGk1z6
fCIShaKhLWe/X6sGrUEXH3hsrnkjdZr4GlWOPyTwr+xlrp3ovJTfxynHbQ/e/NTy
+OBKDgGtjmHVtCieIr/Q6TTRGgeIMCyIHpsFaEpwb72QPZDk8cQ+cTQ+wxuqseVo
m5dNA65o+IC4R6uQziIzaYOFKpBX5wkylnD7Dynac2qi8IiEVpgPxuQbPlBTMuLw
18RHbC+7D244Eebemo09HeeK6i+itopX+JzV0F1tS+U=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:21 2025 by rpki-client