Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/n98_Y3B0x5Wjr3n__KKI-lnFZZ4.roa
File: n98_Y3B0x5Wjr3n__KKI-lnFZZ4.roa (raw, json)
Hash identifier: PwM4BgK4zQgoBL0KJA6rCEDePW62bFD/SEQ8AtBmnu4=
Subject key identifier: 9F:DF:3F:63:70:74:C7:95:A3:AF:79:FF:FC:A2:88:FA:59:C5:65:9E
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 132F
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/n98_Y3B0x5Wjr3n__KKI-lnFZZ4.roa
Signing time: Mon 10 Feb 2025 14:09:12 +0000
ROA not before: Mon 10 Feb 2025 14:09:12 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 103.224.132.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4911 (0x132f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:12 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9FDF3F637074C795A3AF79FFFCA288FA59C5659E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a5:3d:e6:11:b2:dc:de:bd:76:cc:78:4f:a8:
af:4b:11:b0:03:9b:66:3f:7a:c8:14:00:6b:8e:5c:
35:29:13:f7:70:53:39:33:b0:58:bf:23:66:cc:bc:
39:46:b9:f4:da:d9:82:d0:d1:16:76:15:c6:ff:03:
55:52:60:55:34:71:6e:c9:ad:cd:8f:f7:60:00:fb:
ba:0f:f5:ef:b7:9e:0a:78:6f:40:58:5c:18:16:69:
5a:b9:25:d8:05:fc:e5:eb:13:d5:19:19:3a:3a:0b:
25:be:73:56:91:de:9a:63:1d:0a:97:cc:08:ce:8b:
27:90:8f:b1:ba:4c:fa:60:9f:3b:56:9c:fd:d5:de:
22:38:49:d2:f1:37:43:5b:b5:34:d7:eb:db:12:c1:
77:ad:e4:84:b5:f5:3d:1c:cd:de:2b:ba:b2:52:56:
fd:89:01:dc:18:92:d1:d0:14:21:f4:63:38:67:50:
0b:ce:b0:ef:02:67:97:ee:48:0e:bd:fd:7f:ab:4a:
8c:1b:81:eb:20:85:6b:5d:3d:90:eb:d7:85:12:eb:
96:55:2a:bd:e7:a3:2c:1f:e3:0f:3e:11:5e:64:f8:
05:c4:eb:bc:f7:e9:df:f6:dc:5c:6b:69:0b:ab:e5:
e9:f6:f3:b2:14:ca:ab:8c:0c:b0:6e:b4:dd:3b:cd:
8b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:DF:3F:63:70:74:C7:95:A3:AF:79:FF:FC:A2:88:FA:59:C5:65:9E
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/n98_Y3B0x5Wjr3n__KKI-lnFZZ4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.132.0/22
Signature Algorithm: sha256WithRSAEncryption
85:90:c5:0a:57:d1:3e:16:ac:2f:eb:3a:52:0e:a3:8b:96:99:
c7:a6:0d:d6:fc:3f:72:d3:c4:76:41:04:32:5f:f0:ad:ec:5b:
96:e9:fb:06:9c:be:fa:3e:d8:ea:a5:52:fc:14:f2:6b:0b:56:
e2:f1:bd:7e:11:97:f2:3b:af:02:3b:6e:aa:c3:dc:86:c3:f3:
31:fc:6b:79:ca:79:a3:5a:67:27:5e:89:c8:8b:e3:77:78:a7:
ea:5b:8d:97:74:7c:a7:cf:9d:27:3e:03:04:7a:ec:15:40:6c:
4b:3b:39:2b:f6:6d:07:a9:bd:3a:a2:f4:b7:c8:30:b9:20:99:
e5:71:a2:1f:7c:66:76:74:68:0e:e8:fd:89:59:5c:f9:37:df:
e8:4e:52:5a:39:d0:f2:9e:e0:df:01:4f:ff:5c:82:e2:7d:3a:
83:86:9f:17:aa:88:f0:9f:de:eb:ba:db:c5:5f:e8:db:77:e9:
7e:54:d6:0f:e4:d8:ad:58:bf:a0:31:d6:5e:49:99:bf:69:5f:
11:a9:1a:0e:43:00:7b:df:c3:f1:98:f0:b0:cb:e5:d1:28:6c:
a3:5e:00:f1:06:be:c4:61:e1:1b:6b:d9:4a:80:7a:ff:3f:a2:
23:31:af:67:f6:ac:ce:f2:b0:de:34:e4:a2:d0:97:b9:8b:c8:
4c:c9:9a:cf
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEy8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlGREYzRjYzNzA3NEM3
OTVBM0FGNzlGRkZDQTI4OEZBNTlDNTY1OUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/pT3mEbLc3r12zHhPqK9LEbADm2Y/esgUAGuOXDUpE/dwUzkz
sFi/I2bMvDlGufTa2YLQ0RZ2Fcb/A1VSYFU0cW7Jrc2P92AA+7oP9e+3ngp4b0BY
XBgWaVq5JdgF/OXrE9UZGTo6CyW+c1aR3ppjHQqXzAjOiyeQj7G6TPpgnztWnP3V
3iI4SdLxN0NbtTTX69sSwXet5IS19T0czd4rurJSVv2JAdwYktHQFCH0YzhnUAvO
sO8CZ5fuSA69/X+rSowbgesghWtdPZDr14US65ZVKr3noywf4w8+EV5k+AXE67z3
6d/23FxraQur5en287IUyquMDLButN07zYvHAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUn98/Y3B0x5Wjr3n//KKI+lnFZZ4wHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvbjk4X1kzQjB4NVdqcjNu
X19LS0ktbG5GWlo0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AmfghDANBgkqhkiG9w0BAQsFAAOCAQEAhZDFClfRPhasL+s6Ug6ji5aZx6YN1vw/
ctPEdkEEMl/wrexblun7Bpy++j7Y6qVS/BTyawtW4vG9fhGX8juvAjtuqsPchsPz
Mfxrecp5o1pnJ16JyIvjd3in6luNl3R8p8+dJz4DBHrsFUBsSzs5K/ZtB6m9OqL0
t8gwuSCZ5XGiH3xmdnRoDuj9iVlc+Tff6E5SWjnQ8p7g3wFP/1yC4n06g4afF6qI
8J/e67rbxV/o23fpflTWD+TYrVi/oDHWXkmZv2lfEakaDkMAe9/D8ZjwsMvl0Shs
o14A8Qa+xGHhG2vZSoB6/z+iIzGvZ/aszvKw3jTkotCXuYvITMmazw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 05:41:16 2025 by rpki-client