Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/rlnNTfi40vQo6aLGX41Bf6yyOM8.roa
File: rlnNTfi40vQo6aLGX41Bf6yyOM8.roa (raw, json)
Hash identifier: al8gizMkR/ihrprlqD7p5dnbxfh8eOGY9P6JL+1gVlI=
Subject key identifier: AE:59:CD:4D:F8:B8:D2:F4:28:E9:A2:C6:5F:8D:41:7F:AC:B2:38:CF
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D53
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/rlnNTfi40vQo6aLGX41Bf6yyOM8.roa
Signing time: Mon 10 Feb 2025 14:12:16 +0000
ROA not before: Mon 10 Feb 2025 14:12:16 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 124.109.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3411 (0xd53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:16 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=AE59CD4DF8B8D2F428E9A2C65F8D417FACB238CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5f:6a:48:4f:c0:2a:6b:ee:b2:e2:71:eb:42:
4a:5c:f8:eb:3f:c0:b4:ba:41:3b:90:cc:a3:b4:6d:
23:81:a4:a0:e7:54:f4:75:d1:cb:83:6c:23:c8:74:
66:29:aa:d2:36:e6:13:c0:b7:6e:a8:be:e6:5b:53:
99:b3:66:6d:ab:97:b1:d9:1e:45:88:16:9b:94:ab:
19:b6:72:2f:c8:fd:4f:1e:b7:54:31:f8:ec:ee:71:
64:02:47:1c:5d:40:e0:8e:18:32:44:38:54:48:14:
17:a3:00:a8:e7:d2:04:0c:b7:cb:28:af:5b:fd:61:
65:d6:00:db:f9:2e:93:10:23:de:70:8c:82:87:3d:
fd:0d:aa:f5:83:9c:6c:93:5f:a5:59:55:ce:a2:50:
4e:fe:1a:5e:d7:1f:44:c2:46:85:89:09:40:6f:ea:
8b:ab:a7:ce:4f:d1:6b:18:8d:45:0c:40:2c:7d:4e:
e6:bd:5e:6f:1e:b4:6f:9b:14:c8:70:63:3d:39:c5:
11:08:92:26:85:64:e6:d5:83:6b:7e:ba:79:b8:9a:
5b:6a:d7:c7:01:a5:3b:a1:42:6c:4d:46:b0:2e:42:
96:9e:58:42:1d:16:df:bc:bc:2b:79:12:01:d2:3f:
01:1a:fc:90:66:57:fa:59:a2:3f:2c:c5:f0:f0:e1:
85:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:59:CD:4D:F8:B8:D2:F4:28:E9:A2:C6:5F:8D:41:7F:AC:B2:38:CF
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/rlnNTfi40vQo6aLGX41Bf6yyOM8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.112.0/20
Signature Algorithm: sha256WithRSAEncryption
87:af:12:b9:e2:4d:fa:24:9f:20:0c:00:a2:36:8f:9c:f8:35:
58:38:e2:df:28:c4:e5:3d:5f:2b:f7:7f:5a:62:3b:6d:46:51:
bb:3b:66:aa:17:f8:44:bc:22:e5:ad:86:8e:66:c6:e9:07:e2:
59:2f:db:3a:66:d2:1b:f9:57:7c:ef:e0:79:c2:5a:ee:3f:eb:
25:2c:2b:02:45:8f:98:33:73:a7:9a:2c:b2:f4:a3:ff:ed:f6:
0e:7e:e5:f1:50:2c:b3:b2:97:e1:0e:d0:c4:b5:14:d7:1e:ca:
66:bf:79:38:8a:87:b3:a6:c6:7d:d1:eb:4a:a3:63:7f:8b:65:
a7:df:d0:40:02:2e:78:1e:4f:c2:9f:42:9e:8a:62:ef:4f:c4:
bb:fb:72:5f:f8:1b:69:99:33:b6:13:45:fb:e5:e8:46:b6:f9:
0f:85:a7:8f:a6:cd:68:3b:e4:b9:c0:f7:63:7c:3a:1c:44:ce:
f0:be:34:e8:4b:0c:da:61:af:90:09:48:37:e7:dc:b7:52:ac:
55:ee:64:c0:0a:80:e0:53:ce:27:d4:0d:d8:9e:ff:25:fc:34:
be:9a:8e:f8:3f:9a:53:12:0d:1b:7c:9d:ff:d0:d5:38:6d:ce:
f7:6e:ce:f3:06:04:33:35:04:e2:db:af:7a:96:9e:4b:bb:29:
8c:fe:4f:f6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDVMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEFFNTlDRDRERjhCOEQy
RjQyOEU5QTJDNjVGOEQ0MTdGQUNCMjM4Q0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUX2pIT8Aqa+6y4nHrQkpc+Os/wLS6QTuQzKO0bSOBpKDnVPR1
0cuDbCPIdGYpqtI25hPAt26ovuZbU5mzZm2rl7HZHkWIFpuUqxm2ci/I/U8et1Qx
+OzucWQCRxxdQOCOGDJEOFRIFBejAKjn0gQMt8sor1v9YWXWANv5LpMQI95wjIKH
Pf0NqvWDnGyTX6VZVc6iUE7+Gl7XH0TCRoWJCUBv6ourp85P0WsYjUUMQCx9Tua9
Xm8etG+bFMhwYz05xREIkiaFZObVg2t+unm4mltq18cBpTuhQmxNRrAuQpaeWEId
Ft+8vCt5EgHSPwEa/JBmV/pZoj8sxfDw4YXVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUrlnNTfi40vQo6aLGX41Bf6yyOM8wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9ybG5OVGZpNDB2UW82YUxHWDQx
QmY2eXlPTTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w
MA0GCSqGSIb3DQEBCwUAA4IBAQCHrxK54k36JJ8gDACiNo+c+DVYOOLfKMTlPV8r
939aYjttRlG7O2aqF/hEvCLlrYaOZsbpB+JZL9s6ZtIb+Vd87+B5wlruP+slLCsC
RY+YM3Onmiyy9KP/7fYOfuXxUCyzspfhDtDEtRTXHspmv3k4ioezpsZ90etKo2N/
i2Wn39BAAi54Hk/Cn0KeimLvT8S7+3Jf+BtpmTO2E0X75ehGtvkPhaePps1oO+S5
wPdjfDocRM7wvjToSwzaYa+QCUg359y3UqxV7mTACoDgU84n1A3Ynv8l/DS+mo74
P5pTEg0bfJ3/0NU4bc73bs7zBgQzNQTi2696lp5LuymM/k/2
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:06:46 2025 by rpki-client