Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAELW/rzHCWHG0SKkTfaWXYVMMbC96TsQ.roa
File: rzHCWHG0SKkTfaWXYVMMbC96TsQ.roa (raw, json)
Hash identifier: ePWVI1lN1bSC+uP+AhM9XKjKitzl5przDVKy65TDDEA=
Subject key identifier: AF:31:C2:58:71:B4:48:A9:13:7D:A5:97:61:53:0C:6C:2F:7A:4E:C4
Certificate issuer: /CN=AC2A31F0F4BD74E743E22FEA3304D5C3508207BC
Certificate serial: A7
Authority key identifier: AC:2A:31:F0:F4:BD:74:E7:43:E2:2F:EA:33:04:D5:C3:50:82:07:BC
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/rCox8PS9dOdD4i_qMwTVw1CCB7w.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/rzHCWHG0SKkTfaWXYVMMbC96TsQ.roa
Signing time: Mon 10 Feb 2025 14:19:51 +0000
ROA not before: Mon 10 Feb 2025 14:19:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 152610
IP address blocks: 2401:9e60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167 (0xa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=AC2A31F0F4BD74E743E22FEA3304D5C3508207BC
Validity
Not Before: Feb 10 14:19:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AF31C25871B448A9137DA59761530C6C2F7A4EC4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:69:64:6a:d8:21:6a:83:d9:1e:8c:2e:9a:3f:
54:34:b7:84:3d:bd:18:4d:02:cc:32:3b:d7:ca:1b:
d7:92:80:48:aa:fd:f2:0e:b0:98:f7:b9:8a:86:65:
93:9a:b1:df:aa:ed:d6:e6:3e:b2:a3:61:39:26:27:
91:37:b4:fe:3a:4c:21:00:3f:ff:e0:f4:9e:1f:20:
60:85:2b:1f:48:fe:a6:f8:49:06:5a:13:9a:7b:26:
a8:7c:84:c4:45:6e:87:23:a8:df:98:b8:1e:90:12:
d0:d2:23:6c:05:f3:cc:27:61:55:c0:7c:cb:d1:88:
5d:e4:e4:44:71:6f:0d:b5:c0:16:fa:a8:40:ec:86:
f3:be:17:f0:77:20:49:b6:71:6b:23:6e:67:87:b5:
a1:2d:49:3f:20:e8:a1:91:fe:7d:d1:49:35:d0:8c:
59:e3:cc:e1:22:32:0b:a5:f8:fc:d7:14:79:b8:60:
b2:92:1d:3b:49:12:aa:17:94:8c:ad:09:74:a7:1f:
25:5a:06:58:d2:6a:bb:17:08:f7:0e:04:ed:55:be:
39:34:ce:2d:b2:86:31:69:a6:e0:8e:14:ff:37:0c:
a0:86:c2:64:80:06:a4:3e:1f:d6:3a:60:76:72:89:
0c:47:90:6e:b6:40:03:a6:18:b6:54:f3:8a:62:69:
cb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:31:C2:58:71:B4:48:A9:13:7D:A5:97:61:53:0C:6C:2F:7A:4E:C4
X509v3 Authority Key Identifier:
keyid:AC:2A:31:F0:F4:BD:74:E7:43:E2:2F:EA:33:04:D5:C3:50:82:07:BC
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/rCox8PS9dOdD4i_qMwTVw1CCB7w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/rCox8PS9dOdD4i_qMwTVw1CCB7w.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAELW/rzHCWHG0SKkTfaWXYVMMbC96TsQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:9e60::/32
Signature Algorithm: sha256WithRSAEncryption
52:08:43:af:bd:5e:f1:d1:ff:ba:88:23:a4:f0:b7:fa:b2:8d:
1c:4f:d6:4e:df:58:1d:19:b8:76:02:fa:92:d5:ab:2f:8a:72:
df:20:38:ea:aa:9b:5f:81:ab:a3:84:82:bd:0e:36:3f:f1:73:
02:35:6c:d0:25:f5:57:93:d4:cd:0b:64:0d:86:4f:59:7e:0e:
f3:f4:5b:45:57:17:81:de:66:2d:16:d5:6a:1d:7f:f4:02:7b:
44:a4:e5:03:42:20:c6:09:4f:82:f7:dc:99:41:8c:44:0b:57:
d0:88:7b:d4:8f:09:15:85:c5:fa:5f:82:b5:33:be:b3:dc:9e:
92:5f:24:f1:be:e0:6e:50:b1:e8:5e:66:71:0c:de:c8:a7:97:
bc:bb:60:79:8f:f2:99:48:8d:c3:e6:63:25:1e:04:1a:bb:da:
df:e0:0c:56:b1:19:46:41:b0:6b:86:c1:92:76:4e:51:42:21:
d0:ba:d6:01:f3:09:2d:fb:04:cf:e1:1f:ad:5e:dd:1f:fd:2b:
1a:8a:25:d5:f8:e7:f6:b8:44:2e:23:5e:64:62:58:cc:8c:21:
c7:5e:32:dc:52:8e:03:96:72:2f:62:dd:99:f9:ae:9d:70:6f:
d4:85:e8:a8:87:8a:52:31:de:ea:3b:95:51:2f:7c:6f:25:e4:
6d:f9:58:f6
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICAKcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUMy
QTMxRjBGNEJENzRFNzQzRTIyRkVBMzMwNEQ1QzM1MDgyMDdCQzAeFw0yNTAyMTAx
NDE5NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFGMzFDMjU4NzFCNDQ4
QTkxMzdEQTU5NzYxNTMwQzZDMkY3QTRFQzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2aWRq2CFqg9kejC6aP1Q0t4Q9vRhNAswyO9fKG9eSgEiq/fIO
sJj3uYqGZZOasd+q7dbmPrKjYTkmJ5E3tP46TCEAP//g9J4fIGCFKx9I/qb4SQZa
E5p7Jqh8hMRFbocjqN+YuB6QEtDSI2wF88wnYVXAfMvRiF3k5ERxbw21wBb6qEDs
hvO+F/B3IEm2cWsjbmeHtaEtST8g6KGR/n3RSTXQjFnjzOEiMgul+PzXFHm4YLKS
HTtJEqoXlIytCXSnHyVaBljSarsXCPcOBO1Vvjk0zi2yhjFppuCOFP83DKCGwmSA
BqQ+H9Y6YHZyiQxHkG62QAOmGLZU84piacvvAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUrzHCWHG0SKkTfaWXYVMMbC96TsQwHwYDVR0jBBgwFoAUrCox8PS9dOdD4i/q
MwTVw1CCB7wwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FFTFcv
ckNveDhQUzlkT2RENGlfcU13VFZ3MUNDQjd3LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9yQ294OFBTOWRPZEQ0aV9xTXdUVncxQ0NCN3cuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQUVMVy9yekhDV0hHMFNLa1RmYVdYWVZN
TWJDOTZUc1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAGe
YDANBgkqhkiG9w0BAQsFAAOCAQEAUghDr71e8dH/uogjpPC3+rKNHE/WTt9YHRm4
dgL6ktWrL4py3yA46qqbX4Gro4SCvQ42P/FzAjVs0CX1V5PUzQtkDYZPWX4O8/Rb
RVcXgd5mLRbVah1/9AJ7RKTlA0IgxglPgvfcmUGMRAtX0Ih71I8JFYXF+l+CtTO+
s9yekl8k8b7gblCx6F5mcQzeyKeXvLtgeY/ymUiNw+ZjJR4EGrva3+AMVrEZRkGw
a4bBknZOUUIh0LrWAfMJLfsEz+EfrV7dH/0rGool1fjn9rhELiNeZGJYzIwhx14y
3FKOA5ZyL2LdmfmunXBv1IXoqIeKUjHe6juVUS98byXkbflY9g==
-----END CERTIFICATE-----
Generated at Fri Apr 11 12:02:25 2025 by rpki-client