Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SGU/PCZnnFbCajXgzQI8AV6olgVNMDg.roa
File: PCZnnFbCajXgzQI8AV6olgVNMDg.roa (raw, json)
Hash identifier: nOc2Hzivhm0FHGD5WnViJiWNX45fzezZYpsQlmRcUzg=
Subject key identifier: 3C:26:67:9C:56:C2:6A:35:E0:CD:02:3C:01:5E:A8:96:05:4D:30:38
Certificate issuer: /CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Certificate serial: 02A9
Authority key identifier: 32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/PCZnnFbCajXgzQI8AV6olgVNMDg.roa
Signing time: Mon 10 Feb 2025 13:49:37 +0000
ROA not before: Mon 10 Feb 2025 13:49:37 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 134823
IP address blocks: 2400:7420::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 681 (0x2a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Validity
Not Before: Feb 10 13:49:37 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3C26679C56C26A35E0CD023C015EA896054D3038
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:3e:78:5c:01:bc:2f:32:b5:e3:95:a3:48:ae:
b2:c1:de:28:38:7d:9d:c8:38:3a:90:3c:ab:55:c8:
c7:55:cd:3b:12:12:09:03:0d:74:5f:6d:06:e8:fa:
4b:f2:52:0d:bf:4c:aa:15:66:cd:fb:da:ef:02:a7:
3a:6b:a2:16:b2:66:dd:62:47:cd:6f:18:21:23:f0:
cf:60:d4:1f:a4:dc:4a:a6:aa:67:29:51:ba:ad:81:
05:17:0e:db:6b:66:c6:be:cc:79:44:d1:3d:d8:8f:
0f:ad:6f:84:d5:0e:89:07:d4:f9:00:56:93:ea:96:
ba:8a:4c:83:5b:0e:57:a4:a7:86:ca:83:46:32:ed:
a4:b6:3f:27:ad:df:20:90:13:18:de:ff:b2:7f:33:
1c:e8:d3:18:55:16:a3:b0:0e:35:ea:87:b5:f8:6c:
88:ac:06:77:d5:36:c2:f9:d5:e3:aa:ab:b2:f6:88:
b5:57:9f:74:e8:94:ca:12:b6:7e:94:b3:aa:b3:ad:
df:4a:69:d0:23:cb:17:76:e4:40:01:82:ad:9c:f1:
27:f0:38:8c:36:9e:d5:88:3e:3b:86:b6:49:2c:a8:
46:44:4d:30:6b:74:8c:48:6d:1b:0f:7d:3a:31:ea:
67:85:b0:e1:68:d8:30:6e:e1:0f:57:53:89:33:16:
96:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:26:67:9C:56:C2:6A:35:E0:CD:02:3C:01:5E:A8:96:05:4D:30:38
X509v3 Authority Key Identifier:
keyid:32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/MpTnGQKkpcMbmHvWfQlK9YMKgW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/PCZnnFbCajXgzQI8AV6olgVNMDg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7420::/32
Signature Algorithm: sha256WithRSAEncryption
60:a5:70:5f:93:00:98:ed:35:0b:ef:e0:17:d7:75:83:70:03:
e9:a4:6a:fb:f5:0c:e5:45:dc:15:e6:a7:21:3d:69:de:2e:da:
d2:a9:57:a5:82:7c:e8:27:3a:dd:1e:ff:19:1a:7e:ed:03:4e:
79:d2:c5:bf:97:54:10:db:30:0d:0c:c8:17:c7:d7:32:1b:4d:
b0:0d:d2:49:1b:e4:01:6f:3e:d7:c4:60:23:0f:62:0c:52:d9:
d7:87:df:c1:61:3a:9e:db:f8:42:16:73:31:91:d4:c1:b2:3f:
f4:04:f5:f2:35:5c:b3:22:8c:b9:0f:a0:d8:2e:b2:b8:2b:29:
c4:b0:e9:af:bf:88:2b:fd:d7:4b:4d:c0:8e:6b:83:7e:2e:e8:
de:a9:db:0b:05:3b:b5:de:50:72:b4:f5:0c:d8:fd:52:06:86:
ef:a1:4d:92:c8:4a:9d:9d:aa:fe:f3:1a:ad:b9:56:29:8f:1c:
14:d5:dd:00:2b:16:76:1b:22:32:ea:e9:16:20:74:5d:6b:8a:
5c:41:00:3a:13:6b:58:99:c5:a1:58:d4:29:a2:e0:c0:54:b3:
ea:94:c4:6d:93:cd:e0:77:cd:8c:d6:c7:b3:c5:b1:d1:30:f8:
38:e5:4b:6e:b9:f1:21:b1:5c:f4:f1:e6:e3:ee:61:9a:0e:fe:
eb:db:ac:00
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI5
NEU3MTkwMkE0QTVDMzFCOTg3QkQ2N0QwOTRBRjU4MzBBODE2RDAeFw0yNTAyMTAx
MzQ5MzdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNDMjY2NzlDNTZDMjZB
MzVFMENEMDIzQzAxNUVBODk2MDU0RDMwMzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpPnhcAbwvMrXjlaNIrrLB3ig4fZ3IODqQPKtVyMdVzTsSEgkD
DXRfbQbo+kvyUg2/TKoVZs372u8CpzprohayZt1iR81vGCEj8M9g1B+k3Eqmqmcp
UbqtgQUXDttrZsa+zHlE0T3Yjw+tb4TVDokH1PkAVpPqlrqKTINbDlekp4bKg0Yy
7aS2Pyet3yCQExje/7J/Mxzo0xhVFqOwDjXqh7X4bIisBnfVNsL51eOqq7L2iLVX
n3TolMoStn6Us6qzrd9KadAjyxd25EABgq2c8SfwOIw2ntWIPjuGtkksqEZETTBr
dIxIbRsPfTox6meFsOFo2DBu4Q9XU4kzFpZfAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUPCZnnFbCajXgzQI8AV6olgVNMDgwHwYDVR0jBBgwFoAUMpTnGQKkpcMbmHvW
fQlK9YMKgW0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL01w
VG5HUUtrcGNNYm1IdldmUWxLOVlNS2dXMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TXBUbkdRS2twY01ibUh2V2ZRbEs5WU1LZ1cwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL1BDWm5uRmJDYWpYZ3pRSThBVjZvbGdW
Tk1EZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAHQgMA0G
CSqGSIb3DQEBCwUAA4IBAQBgpXBfkwCY7TUL7+AX13WDcAPppGr79QzlRdwV5qch
PWneLtrSqVelgnzoJzrdHv8ZGn7tA0550sW/l1QQ2zANDMgXx9cyG02wDdJJG+QB
bz7XxGAjD2IMUtnXh9/BYTqe2/hCFnMxkdTBsj/0BPXyNVyzIoy5D6DYLrK4KynE
sOmvv4gr/ddLTcCOa4N+LujeqdsLBTu13lBytPUM2P1SBobvoU2SyEqdnar+8xqt
uVYpjxwU1d0AKxZ2GyIy6ukWIHRda4pcQQA6E2tYmcWhWNQpouDAVLPqlMRtk83g
d82M1sezxbHRMPg45UtuufEhsVz08ebj7mGaDv7r26wA
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:33:25 2025 by rpki-client