Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/tO4-sNr9IqsHPH4SOzP_Ueg4OMU.roa
File: tO4-sNr9IqsHPH4SOzP_Ueg4OMU.roa (raw, json)
Hash identifier: sR1ZBXuow8d0CspdOrksj37lqBCJfbM88/5Bukzb/Rw=
Subject key identifier: B4:EE:3E:B0:DA:FD:22:AB:07:3C:7E:12:3B:33:FF:51:E8:38:38:C5
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 12FA
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/tO4-sNr9IqsHPH4SOzP_Ueg4OMU.roa
Signing time: Mon 10 Feb 2025 14:08:57 +0000
ROA not before: Mon 10 Feb 2025 14:08:57 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 210.67.144.0/20 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4858 (0x12fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Feb 10 14:08:57 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B4EE3EB0DAFD22AB073C7E123B33FF51E83838C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:88:2a:60:31:99:49:61:09:e7:8a:d3:29:bc:
6b:e6:64:fa:0f:ec:b4:85:6c:03:f5:ac:43:7a:8a:
bf:cc:1b:66:18:76:2b:b4:9f:8d:59:09:f5:79:17:
89:5a:29:5c:ad:9a:e5:2a:13:18:70:fd:36:a7:d3:
af:db:9c:6b:45:30:da:90:57:2a:42:fa:a9:56:a1:
b6:54:a4:41:cf:f6:89:e7:58:0f:50:7a:20:ec:43:
79:60:e0:dd:87:8f:5c:51:05:f4:4d:96:8a:ce:25:
e2:de:11:4d:56:4e:0f:5f:43:d2:d1:b0:c5:56:e7:
30:17:cd:1d:df:cf:39:f4:59:3f:11:4e:d9:06:1f:
db:f9:24:a2:6d:f0:3b:25:c5:f2:b1:cd:50:d2:5e:
1d:89:d3:0a:3d:2f:e7:df:bd:64:9c:77:b7:ae:7a:
43:9e:ea:43:d8:fb:fd:04:68:95:a3:a4:ec:cc:37:
79:22:ac:1d:c8:11:27:c6:3b:06:ab:0c:2f:60:23:
8d:c1:25:38:c3:09:86:68:58:cb:78:d3:d5:4b:b8:
7e:71:74:d7:8f:c3:09:75:76:6d:cc:ec:af:79:a5:
97:83:8a:52:7a:26:44:b4:3e:fc:9d:1c:a6:25:54:
0f:34:66:90:b7:d4:04:92:eb:e4:96:77:d1:ec:93:
da:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:EE:3E:B0:DA:FD:22:AB:07:3C:7E:12:3B:33:FF:51:E8:38:38:C5
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/tO4-sNr9IqsHPH4SOzP_Ueg4OMU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.67.144.0/20
Signature Algorithm: sha256WithRSAEncryption
66:5b:21:31:8a:ec:8a:4c:bb:fc:b0:a6:84:dd:23:c3:1d:52:
8d:36:86:86:09:7f:35:f9:d2:33:c6:38:9b:9a:51:20:e8:60:
07:1f:48:1f:9b:dc:ec:b5:cf:e8:88:0f:60:f1:1e:3c:b9:e1:
4c:45:f5:ad:51:f2:ab:ce:43:a3:d0:8e:e4:88:47:54:d6:44:
f7:0f:9a:b6:c4:a7:bb:70:23:ff:77:a2:f3:e1:99:b0:37:b4:
de:2a:95:6d:71:73:d9:19:da:28:15:27:85:b2:2e:3d:c5:de:
ae:f8:4b:71:76:d6:ff:b1:8b:2a:b8:06:c4:2b:d8:88:b3:74:
d9:37:12:27:24:08:ae:bf:f1:50:4d:f9:93:8b:ad:5f:31:29:
ad:3b:6d:cd:9d:fa:63:41:05:93:e5:51:66:80:7e:69:0a:8a:
7b:40:29:d9:56:82:4d:8b:47:de:76:e7:fb:23:5c:0a:3b:73:
1c:79:ef:87:c5:02:bc:36:79:24:01:53:59:7b:7b:37:3b:2e:
96:68:7d:d8:56:c6:1b:63:60:69:b3:83:8e:7f:b9:e5:f3:fb:
ed:e4:97:37:00:22:16:b3:37:08:d7:68:54:90:2c:d1:3b:28:
a3:25:13:17:9b:00:41:86:d9:e9:6d:ad:f5:a3:75:21:e5:79:
a2:ad:f7:48
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICEvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yNTAyMTAx
NDA4NTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEI0RUUzRUIwREFGRDIy
QUIwNzNDN0UxMjNCMzNGRjUxRTgzODM4QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCniCpgMZlJYQnnitMpvGvmZPoP7LSFbAP1rEN6ir/MG2YYdiu0
n41ZCfV5F4laKVytmuUqExhw/Tan06/bnGtFMNqQVypC+qlWobZUpEHP9onnWA9Q
eiDsQ3lg4N2Hj1xRBfRNlorOJeLeEU1WTg9fQ9LRsMVW5zAXzR3fzzn0WT8RTtkG
H9v5JKJt8DslxfKxzVDSXh2J0wo9L+ffvWScd7euekOe6kPY+/0EaJWjpOzMN3ki
rB3IESfGOwarDC9gI43BJTjDCYZoWMt409VLuH5xdNePwwl1dm3M7K95pZeDilJ6
JkS0PvydHKYlVA80ZpC31ASS6+SWd9Hsk9rpAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUtO4+sNr9IqsHPH4SOzP/Ueg4OMUwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvdE80LXNOcjlJcXNIUEg0
U096UF9VZWc0T01VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNJDkDANBgkqhkiG9w0BAQsFAAOCAQEAZlshMYrsiky7/LCmhN0jwx1SjTaGhgl/
NfnSM8Y4m5pRIOhgBx9IH5vc7LXP6IgPYPEePLnhTEX1rVHyq85Do9CO5IhHVNZE
9w+atsSnu3Aj/3ei8+GZsDe03iqVbXFz2RnaKBUnhbIuPcXervhLcXbW/7GLKrgG
xCvYiLN02TcSJyQIrr/xUE35k4utXzEprTttzZ36Y0EFk+VRZoB+aQqKe0Ap2VaC
TYtH3nbn+yNcCjtzHHnvh8UCvDZ5JAFTWXt7Nzsulmh92FbGG2NgabODjn+55fP7
7eSXNwAiFrM3CNdoVJAs0TsooyUTF5sAQYbZ6W2t9aN1IeV5oq33SA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:45:46 2025 by rpki-client