Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/gBzDl18qgCUPWy1aNoxtbpGDTcc.roa
File: gBzDl18qgCUPWy1aNoxtbpGDTcc.roa (raw, json)
Hash identifier: b30QgV/oPmiMrVzGWMtZsPTczmKYX6hEmNx4VIUouTU=
Subject key identifier: 80:1C:C3:97:5F:2A:80:25:0F:5B:2D:5A:36:8C:6D:6E:91:83:4D:C7
Certificate issuer: /CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5
Certificate serial: 0C85
Authority key identifier: 99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/gBzDl18qgCUPWy1aNoxtbpGDTcc.roa
Signing time: Mon 10 Feb 2025 14:06:17 +0000
ROA not before: Mon 10 Feb 2025 14:06:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18464
IP address blocks: 103.122.20.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3205 (0xc85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993F7280F1F9B65439DD65ADFB68CA0D6C99BEC5
Validity
Not Before: Feb 10 14:06:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=801CC3975F2A80250F5B2D5A368C6D6E91834DC7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b6:e1:b9:97:42:e6:3d:7d:8d:25:d0:70:12:
ad:76:e4:f2:7c:6c:05:41:5f:a3:77:35:e1:90:86:
a7:07:1d:42:fb:70:ca:5e:0c:fc:36:c7:ad:18:a1:
6e:d9:cd:89:9f:e6:5b:8e:33:09:2e:08:8f:b8:ce:
41:3d:4d:c8:72:57:90:e2:41:6c:c7:cc:87:9e:4d:
1e:a4:ef:c3:41:30:8f:aa:ee:72:37:ee:e1:cf:f4:
01:4d:6a:45:04:39:af:89:c6:bb:0f:bd:16:bf:ac:
f9:5e:9d:57:5c:67:f0:b6:29:fd:d9:61:6e:15:7b:
38:68:b6:95:84:f1:58:2a:3f:0b:59:75:92:63:29:
c3:a4:cf:cb:66:00:bd:b6:a1:3d:21:5a:e0:b4:b5:
ac:1e:59:42:60:17:5c:d3:c6:f4:69:52:26:17:0b:
c6:6b:6f:4a:9d:39:47:17:71:70:cd:dd:63:1a:f5:
ce:71:92:b3:49:f3:7d:16:5d:c3:69:97:85:56:b8:
b0:5a:f7:a8:74:fc:27:2a:9e:7e:9b:b9:ad:1b:ab:
b7:e2:7b:26:86:27:fb:af:74:fa:9c:04:97:20:8c:
2a:0e:68:39:22:c9:43:11:21:dd:76:f2:59:b9:62:
a5:d1:7b:d7:79:67:df:0a:5f:4a:00:9f:d0:62:21:
e1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1C:C3:97:5F:2A:80:25:0F:5B:2D:5A:36:8C:6D:6E:91:83:4D:C7
X509v3 Authority Key Identifier:
keyid:99:3F:72:80:F1:F9:B6:54:39:DD:65:AD:FB:68:CA:0D:6C:99:BE:C5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/mT9ygPH5tlQ53WWt-2jKDWyZvsU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mT9ygPH5tlQ53WWt-2jKDWyZvsU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SAKURAHOST/gBzDl18qgCUPWy1aNoxtbpGDTcc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:e1:f6:60:7b:66:70:55:18:d4:be:aa:f8:07:a5:28:49:b5:
1d:1b:de:05:c2:03:a3:f1:0f:81:1c:a4:a1:d7:9d:8e:61:d6:
09:fe:df:f9:bf:6d:fa:f2:f9:dd:dc:de:5a:96:51:ee:b1:b8:
66:b1:7e:f8:ee:f4:82:96:5c:97:b7:bd:8a:c1:ad:64:13:56:
7a:64:a1:aa:73:f4:85:0b:50:5e:a3:5a:5a:86:a2:98:60:88:
d1:2f:d0:c3:34:a1:42:19:68:16:41:e7:fd:02:17:aa:ec:b7:
4a:06:37:d8:2b:7e:e9:26:f0:4a:14:b9:db:fd:47:01:a0:64:
95:27:01:5f:45:7d:be:e5:54:09:05:f6:12:4d:1e:e4:44:7b:
e8:d7:1b:c2:d9:e4:91:b7:b5:59:eb:d0:0f:91:77:5f:c7:f2:
d7:87:d0:b1:94:c7:61:11:ff:eb:11:8d:dd:e8:2f:c0:9b:65:
32:08:1f:19:63:90:fa:00:9d:2a:4f:8b:a8:37:b6:88:c5:09:
82:6c:bc:67:e6:4e:47:44:b8:21:d7:48:a5:99:06:36:8e:75:
81:ab:b2:60:32:2b:ce:3e:9e:63:b5:f1:70:ec:66:b4:6e:c2:
60:4d:c9:80:42:0a:db:35:40:8e:30:03:16:9b:e3:1a:b8:33:
a4:a0:31:cb
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICDIUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTkz
RjcyODBGMUY5QjY1NDM5REQ2NUFERkI2OENBMEQ2Qzk5QkVDNTAeFw0yNTAyMTAx
NDA2MTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgwMUNDMzk3NUYyQTgw
MjUwRjVCMkQ1QTM2OEM2RDZFOTE4MzREQzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDtuG5l0LmPX2NJdBwEq125PJ8bAVBX6N3NeGQhqcHHUL7cMpe
DPw2x60YoW7ZzYmf5luOMwkuCI+4zkE9TchyV5DiQWzHzIeeTR6k78NBMI+q7nI3
7uHP9AFNakUEOa+JxrsPvRa/rPlenVdcZ/C2Kf3ZYW4VezhotpWE8VgqPwtZdZJj
KcOkz8tmAL22oT0hWuC0taweWUJgF1zTxvRpUiYXC8Zrb0qdOUcXcXDN3WMa9c5x
krNJ830WXcNpl4VWuLBa96h0/Ccqnn6bua0bq7fieyaGJ/uvdPqcBJcgjCoOaDki
yUMRId128lm5YqXRe9d5Z98KX0oAn9BiIeFbAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQUgBzDl18qgCUPWy1aNoxtbpGDTccwHwYDVR0jBBgwFoAUmT9ygPH5tlQ53WWt
+2jKDWyZvsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0FLVVJB
SE9TVC9tVDl5Z1BINXRsUTUzV1d0LTJqS0RXeVp2c1UuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL21UOXlnUEg1dGxRNTNXV3QtMmpLRFd5WnZzVS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NBS1VSQUhPU1QvZ0J6RGwxOHFn
Q1VQV3kxYU5veHRicEdEVGNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAGd6FDANBgkqhkiG9w0BAQsFAAOCAQEATuH2YHtmcFUY1L6q+AelKEm1
HRveBcIDo/EPgRykodedjmHWCf7f+b9t+vL53dzeWpZR7rG4ZrF++O70gpZcl7e9
isGtZBNWemShqnP0hQtQXqNaWoaimGCI0S/QwzShQhloFkHn/QIXquy3SgY32Ct+
6SbwShS52/1HAaBklScBX0V9vuVUCQX2Ek0e5ER76Ncbwtnkkbe1WevQD5F3X8fy
14fQsZTHYRH/6xGN3egvwJtlMggfGWOQ+gCdKk+LqDe2iMUJgmy8Z+ZOR0S4IddI
pZkGNo51gauyYDIrzj6eY7XxcOxmtG7CYE3JgEIK2zVAjjADFpvjGrgzpKAxyw==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:54 2025 by rpki-client