Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ojOeBq1k6DI3bkqYueCKIPkeyNg.roa
File: ojOeBq1k6DI3bkqYueCKIPkeyNg.roa (raw, json)
Hash identifier: mSkQdHb64Qa+FZe/Mxp3eFnCEWVKRyIOHJyN117xEF4=
Subject key identifier: A2:33:9E:06:AD:64:E8:32:37:6E:4A:98:B9:E0:8A:20:F9:1E:C8:D8
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D62
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ojOeBq1k6DI3bkqYueCKIPkeyNg.roa
Signing time: Mon 10 Feb 2025 14:12:19 +0000
ROA not before: Mon 10 Feb 2025 14:12:19 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 203.121.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3426 (0xd62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:19 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A2339E06AD64E832376E4A98B9E08A20F91EC8D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:68:09:34:50:b4:af:97:d4:a1:09:65:ad:d1:
e3:db:04:a5:df:5a:7c:a4:ad:ba:de:dc:f2:3a:1f:
a7:ab:88:40:5c:3b:1e:ef:fa:98:43:16:00:ef:fc:
d4:74:6c:83:d0:72:9f:50:5f:52:bc:aa:a3:55:52:
44:dc:4a:dc:50:13:dc:ab:1b:6f:67:e0:ee:a5:16:
15:7d:18:60:48:88:c3:73:f0:8f:c9:1d:c0:fe:d6:
ac:59:57:02:2b:80:89:0a:ff:ad:5d:5d:79:64:00:
f3:d5:67:ec:92:25:fc:4d:a8:0a:fe:a3:2c:a5:f8:
b8:6a:8f:d2:36:45:b8:53:d6:14:53:4e:82:5c:f8:
1b:91:9c:5f:b9:40:21:ad:46:c4:a2:2b:66:e1:ce:
e2:59:49:a8:95:4f:73:6f:dd:34:35:60:92:84:f5:
52:30:e8:8f:eb:61:eb:52:64:5e:03:5f:1e:66:c6:
86:79:9c:d9:a1:3d:55:48:fb:4b:c0:64:70:a7:0c:
c0:d5:31:91:ef:d3:fa:41:d7:dd:9d:62:37:ab:01:
40:db:70:2a:a5:0c:3c:1a:28:4b:c9:dd:d1:aa:05:
a2:02:f7:f4:2e:fe:b9:68:e2:93:e1:a3:f5:b1:5a:
f3:77:87:7e:44:49:1a:46:77:57:cb:70:e5:8f:13:
8c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:33:9E:06:AD:64:E8:32:37:6E:4A:98:B9:E0:8A:20:F9:1E:C8:D8
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/ojOeBq1k6DI3bkqYueCKIPkeyNg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
22:76:24:ee:d5:bf:e2:bb:38:55:d2:bc:2a:d0:2f:b3:41:3f:
47:fa:34:ca:e0:ff:c3:9c:28:d8:37:24:c1:1a:83:6e:b0:9b:
0c:87:ef:e3:c5:5b:72:94:b9:96:e8:86:2c:4b:2a:04:4d:7b:
1d:8d:14:b1:aa:92:dc:07:b6:03:60:f8:e6:08:22:e7:cd:c4:
fd:53:d0:40:53:94:c8:84:90:4a:ff:2e:3d:f6:db:e2:2c:62:
42:b9:ce:f5:55:5a:1f:8a:a5:33:12:b5:79:86:00:5d:83:66:
38:45:91:83:05:15:0a:fa:58:ee:3e:5d:6b:3d:b8:d2:56:f1:
b8:3c:d9:4e:56:97:70:75:a3:18:e4:d5:63:37:d5:ef:4c:10:
e6:15:eb:d1:33:57:ce:3a:48:95:69:b7:de:a8:81:54:4b:9f:
f3:b6:71:b1:1d:c3:36:2c:7e:02:41:01:e4:6c:f1:49:91:dc:
29:f9:05:b4:21:7a:e1:e1:4b:64:12:66:9b:cf:04:12:89:13:
12:e9:e9:d5:d4:07:6c:c7:85:d0:11:33:a0:6c:12:fc:7c:9c:
13:a9:d8:76:d6:39:98:27:14:ee:f4:9e:27:77:38:87:9a:d7:
eb:51:ea:2b:92:fa:c4:1e:91:6d:e3:da:f2:69:26:d6:f1:c8:
f2:97:98:1d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDWIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyMzM5RTA2QUQ2NEU4
MzIzNzZFNEE5OEI5RTA4QTIwRjkxRUM4RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7aAk0ULSvl9ShCWWt0ePbBKXfWnykrbre3PI6H6eriEBcOx7v
+phDFgDv/NR0bIPQcp9QX1K8qqNVUkTcStxQE9yrG29n4O6lFhV9GGBIiMNz8I/J
HcD+1qxZVwIrgIkK/61dXXlkAPPVZ+ySJfxNqAr+oyyl+Lhqj9I2RbhT1hRTToJc
+BuRnF+5QCGtRsSiK2bhzuJZSaiVT3Nv3TQ1YJKE9VIw6I/rYetSZF4DXx5mxoZ5
nNmhPVVI+0vAZHCnDMDVMZHv0/pB192dYjerAUDbcCqlDDwaKEvJ3dGqBaIC9/Qu
/rlo4pPho/WxWvN3h35ESRpGd1fLcOWPE4z5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUojOeBq1k6DI3bkqYueCKIPkeyNgwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9vak9lQnExazZESTNia3FZdWVD
S0lQa2V5Tmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng
MA0GCSqGSIb3DQEBCwUAA4IBAQAidiTu1b/iuzhV0rwq0C+zQT9H+jTK4P/DnCjY
NyTBGoNusJsMh+/jxVtylLmW6IYsSyoETXsdjRSxqpLcB7YDYPjmCCLnzcT9U9BA
U5TIhJBK/y499tviLGJCuc71VVofiqUzErV5hgBdg2Y4RZGDBRUK+ljuPl1rPbjS
VvG4PNlOVpdwdaMY5NVjN9XvTBDmFevRM1fOOkiVabfeqIFUS5/ztnGxHcM2LH4C
QQHkbPFJkdwp+QW0IXrh4UtkEmabzwQSiRMS6enV1Adsx4XQETOgbBL8fJwTqdh2
1jmYJxTu9J4ndziHmtfrUeorkvrEHpFt49ryaSbW8cjyl5gd
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:56:08 2025 by rpki-client