Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aH-rQYf2vKyN4sdZyDpi73fsu-k.roa
File: aH-rQYf2vKyN4sdZyDpi73fsu-k.roa (raw, json)
Hash identifier: ie8vEQJIJcOLQj7Jk1kq4QIkLtgjVayI+a2+U871AEM=
Subject key identifier: 68:7F:AB:41:87:F6:BC:AC:8D:E2:C7:59:C8:3A:62:EF:77:EC:BB:E9
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 1356
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aH-rQYf2vKyN4sdZyDpi73fsu-k.roa
Signing time: Mon 10 Feb 2025 14:09:22 +0000
ROA not before: Mon 10 Feb 2025 14:09:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 60.199.235.0/24 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4950 (0x1356)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=687FAB4187F6BCAC8DE2C759C83A62EF77ECBBE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:37:e3:b7:48:b6:b8:d7:eb:f8:ab:a3:a4:ac:
e3:93:56:b3:af:ef:cc:d0:fc:39:dc:09:7a:3c:d1:
5a:67:72:38:cf:c7:f0:a7:bb:53:1a:00:4b:27:80:
f3:91:21:6c:b7:af:56:55:51:ee:df:0a:08:53:39:
6b:c9:e1:d3:cc:4c:8b:a8:ba:8f:ff:38:4c:85:fb:
cf:06:81:2f:17:4f:3c:a3:5f:02:38:fb:ed:03:3d:
73:01:b2:8b:fa:7d:a6:86:a8:c9:3d:70:c8:44:9f:
5b:88:67:de:b9:75:dc:59:4d:1d:ca:54:2f:81:95:
f3:47:e0:2f:06:42:0f:fb:2b:bf:f4:20:70:f1:75:
ea:b7:71:43:48:9e:f2:58:02:1e:10:65:29:26:4a:
3f:66:f1:e2:33:f6:46:c9:cd:70:57:23:45:56:f3:
da:54:de:13:27:59:1f:fb:8a:7d:d1:5a:75:f2:37:
4a:fa:9a:e1:ee:f6:38:d1:d1:d4:08:b2:db:22:d4:
6e:62:b4:0a:9d:ef:c5:17:e2:15:1f:9c:da:2d:77:
97:21:ca:32:d6:f9:98:7c:ce:46:56:68:c8:6b:f7:
36:c1:63:e5:f1:22:70:4b:a1:f5:2f:79:12:7b:fe:
1b:bc:56:d1:93:d1:e8:66:38:a0:51:c8:d8:cc:43:
2f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:7F:AB:41:87:F6:BC:AC:8D:E2:C7:59:C8:3A:62:EF:77:EC:BB:E9
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/aH-rQYf2vKyN4sdZyDpi73fsu-k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.199.235.0/24
Signature Algorithm: sha256WithRSAEncryption
99:31:fc:86:2a:eb:9b:1c:7e:29:ae:61:06:c1:b4:79:3c:be:
55:f7:40:5f:a1:e4:66:7f:ad:c5:e2:1b:79:2d:29:77:98:c6:
a1:41:1a:d7:a0:75:75:68:62:a4:26:6b:12:fc:e8:82:18:55:
42:b6:67:a6:a0:14:85:30:c5:3f:f5:63:86:f6:30:59:0f:0e:
e3:76:d2:2f:4d:96:05:5e:6d:db:e9:73:1a:8c:95:1c:d7:d0:
86:db:a5:bd:4c:46:cb:d7:0f:a2:58:a8:41:50:54:dd:83:6f:
48:0d:4f:ea:d9:3e:b5:0e:3b:fa:83:36:33:26:23:f5:58:49:
6b:82:0b:00:3a:0a:58:29:28:0b:85:aa:f7:75:17:db:b0:3f:
03:ce:59:b0:ab:5c:e0:b6:33:11:48:3d:fb:25:89:ab:67:21:
5e:86:1a:22:d1:d2:b1:14:6e:b2:a5:a1:02:27:90:8f:bd:d7:
90:63:28:4d:c4:7b:a1:a3:7b:b9:52:80:c2:24:5f:62:f8:53:
59:85:be:d3:d9:b9:4a:f7:be:01:a3:a2:a7:9d:47:0b:83:cb:
34:9c:08:28:d4:7f:65:58:15:00:d4:d3:3a:42:33:98:fd:7b:
75:8d:fb:c3:e4:cd:a4:d1:08:48:f7:46:62:d5:f2:1b:d8:1b:
74:a3:a0:9c
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICE1YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4N0ZBQjQxODdGNkJD
QUM4REUyQzc1OUM4M0E2MkVGNzdFQ0JCRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHN+O3SLa41+v4q6OkrOOTVrOv78zQ/DncCXo80VpncjjPx/Cn
u1MaAEsngPORIWy3r1ZVUe7fCghTOWvJ4dPMTIuouo//OEyF+88GgS8XTzyjXwI4
++0DPXMBsov6faaGqMk9cMhEn1uIZ965ddxZTR3KVC+BlfNH4C8GQg/7K7/0IHDx
deq3cUNInvJYAh4QZSkmSj9m8eIz9kbJzXBXI0VW89pU3hMnWR/7in3RWnXyN0r6
muHu9jjR0dQIstsi1G5itAqd78UX4hUfnNotd5chyjLW+Zh8zkZWaMhr9zbBY+Xx
InBLofUveRJ7/hu8VtGT0ehmOKBRyNjMQy8HAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUaH+rQYf2vKyN4sdZyDpi73fsu+kwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvYUgtclFZZjJ2S3lONHNk
WnlEcGk3M2ZzdS1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ADzH6zANBgkqhkiG9w0BAQsFAAOCAQEAmTH8hirrmxx+Ka5hBsG0eTy+VfdAX6Hk
Zn+txeIbeS0pd5jGoUEa16B1dWhipCZrEvzoghhVQrZnpqAUhTDFP/VjhvYwWQ8O
43bSL02WBV5t2+lzGoyVHNfQhtulvUxGy9cPolioQVBU3YNvSA1P6tk+tQ47+oM2
MyYj9VhJa4ILADoKWCkoC4Wq93UX27A/A85ZsKtc4LYzEUg9+yWJq2chXoYaItHS
sRRusqWhAieQj73XkGMoTcR7oaN7uVKAwiRfYvhTWYW+09m5Sve+AaOip51HC4PL
NJwIKNR/ZVgVANTTOkIzmP17dY37w+TNpNEISPdGYtXyG9gbdKOgnA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:58:40 2025 by rpki-client