Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/q0qIjCpOiU3H9Tmv_TbJi6Ir2Is.roa
File: q0qIjCpOiU3H9Tmv_TbJi6Ir2Is.roa (raw, json)
Hash identifier: SXw5gw0ZfN09VCl3VRFxKJIgXxLTAErHrPtXKph/Dvo=
Subject key identifier: AB:4A:88:8C:2A:4E:89:4D:C7:F5:39:AF:FD:36:C9:8B:A2:2B:D8:8B
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 1358
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/q0qIjCpOiU3H9Tmv_TbJi6Ir2Is.roa
Signing time: Mon 10 Feb 2025 14:09:22 +0000
ROA not before: Mon 10 Feb 2025 14:09:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 124.12.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4952 (0x1358)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:09:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AB4A888C2A4E894DC7F539AFFD36C98BA22BD88B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:c1:c6:df:f6:34:16:d7:bd:92:3d:7c:32:
73:cc:88:14:a0:b1:58:ec:b9:d8:93:00:d5:65:14:
e3:79:fc:eb:bf:1b:4c:ad:7a:2c:40:7e:87:a4:2f:
28:23:c1:3d:98:93:de:77:53:5d:3a:1f:7e:81:2c:
db:da:a7:b3:28:57:be:25:45:17:4c:a3:ea:63:64:
31:1e:1e:a6:49:96:78:3f:7d:e0:8e:bc:58:71:dd:
51:04:a8:22:14:37:88:05:e0:8c:d6:e6:55:b4:8b:
f4:e5:ad:4f:16:81:39:32:25:4a:8c:12:89:8c:30:
6d:61:55:0b:f7:6a:a3:8d:4c:38:bc:58:cf:cb:bb:
ef:d5:d7:57:84:07:ba:17:91:83:59:0b:38:c0:5d:
bb:e0:e1:95:10:e5:f6:7c:33:1c:ed:df:88:b1:32:
24:d4:5d:2f:39:ca:72:03:fa:14:f8:b5:45:d0:f9:
b6:ab:58:7e:6a:51:4f:cc:51:11:bd:da:17:e5:b2:
24:3e:2c:ea:6a:3e:e5:e5:fa:e7:55:3b:fa:b3:a3:
22:53:8b:7f:dc:ac:ee:fc:b3:d6:fa:54:e7:a6:81:
63:91:58:e5:12:53:8d:d0:86:2a:4e:c5:58:94:7d:
fd:5c:c1:ca:c5:4e:94:c4:b7:b2:e2:4a:a0:f1:78:
e2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:4A:88:8C:2A:4E:89:4D:C7:F5:39:AF:FD:36:C9:8B:A2:2B:D8:8B
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/q0qIjCpOiU3H9Tmv_TbJi6Ir2Is.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.12.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:6c:ed:36:0e:62:f6:4b:92:2c:14:02:83:0c:53:02:e8:50:
b0:c3:a7:8a:59:05:51:1f:0d:b6:14:ea:a4:b3:24:e1:71:67:
b3:27:ae:c5:af:18:87:bc:15:5a:dd:7e:9e:9f:47:64:ed:80:
f3:49:25:f7:a5:91:87:b7:04:fe:9d:2a:a6:56:ac:a5:25:4f:
4c:2b:7a:0d:fe:23:f7:3c:2f:a1:2c:e3:96:1f:2d:e0:6f:67:
f0:e7:c8:5b:10:10:c7:54:fb:b0:7d:38:d7:07:31:e9:9b:eb:
39:07:16:e0:75:de:77:49:a0:02:c6:31:ac:e3:41:75:de:1e:
0c:16:5f:b5:17:70:62:1a:95:2f:57:65:ab:54:31:08:82:03:
55:12:16:32:6b:87:fd:84:7d:b7:c0:03:c4:f4:e6:58:f4:17:
dc:e9:f4:58:bb:a0:ba:05:86:fe:05:49:d4:0e:e2:ba:26:b0:
71:2f:11:24:45:13:ba:f3:73:7f:95:bd:5a:86:fe:13:53:4d:
b9:ba:0e:13:13:86:24:00:56:8a:d7:a0:d2:a4:21:ae:0c:95:
73:7b:fe:35:9d:d9:24:20:6b:73:2e:08:2a:dd:62:16:48:6a:
98:76:2e:e3:6d:91:94:2a:fa:bc:8a:c6:cf:94:40:dd:7a:52:
ac:47:73:88
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICE1gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA5MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFCNEE4ODhDMkE0RTg5
NERDN0Y1MzlBRkZEMzZDOThCQTIyQkQ4OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm2cHG3/Y0Fte9kj18MnPMiBSgsVjsudiTANVlFON5/Ou/G0yt
eixAfoekLygjwT2Yk953U106H36BLNvap7MoV74lRRdMo+pjZDEeHqZJlng/feCO
vFhx3VEEqCIUN4gF4IzW5lW0i/TlrU8WgTkyJUqMEomMMG1hVQv3aqONTDi8WM/L
u+/V11eEB7oXkYNZCzjAXbvg4ZUQ5fZ8Mxzt34ixMiTUXS85ynID+hT4tUXQ+bar
WH5qUU/MURG92hflsiQ+LOpqPuXl+udVO/qzoyJTi3/crO78s9b6VOemgWORWOUS
U43QhipOxViUff1cwcrFTpTEt7LiSqDxeOLfAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUq0qIjCpOiU3H9Tmv/TbJi6Ir2IswHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvcTBxSWpDcE9pVTNIOVRt
dl9UYkppNklyMklzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMD
AHwMMA0GCSqGSIb3DQEBCwUAA4IBAQB6bO02DmL2S5IsFAKDDFMC6FCww6eKWQVR
Hw22FOqksyThcWezJ67FrxiHvBVa3X6en0dk7YDzSSX3pZGHtwT+nSqmVqylJU9M
K3oN/iP3PC+hLOOWHy3gb2fw58hbEBDHVPuwfTjXBzHpm+s5Bxbgdd53SaACxjGs
40F13h4MFl+1F3BiGpUvV2WrVDEIggNVEhYya4f9hH23wAPE9OZY9Bfc6fRYu6C6
BYb+BUnUDuK6JrBxLxEkRRO683N/lb1ahv4TU025ug4TE4YkAFaK16DSpCGuDJVz
e/41ndkkIGtzLggq3WIWSGqYdi7jbZGUKvq8isbPlEDdelKsR3OI
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:57:38 2025 by rpki-client