Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/VOP-eRSsWEA2OkRD-zU-NQNgiIw.roa
File: VOP-eRSsWEA2OkRD-zU-NQNgiIw.roa (raw, json)
Hash identifier: dmO0fcZn4SWYD10W7y/T8TWddm69sI2RfA62nbfXbEw=
Subject key identifier: 54:E3:FE:79:14:AC:58:40:36:3A:44:43:FB:35:3E:35:03:60:88:8C
Certificate issuer: /CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0
Certificate serial: 0457
Authority key identifier: 42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/VOP-eRSsWEA2OkRD-zU-NQNgiIw.roa
Signing time: Mon 10 Feb 2025 13:57:39 +0000
ROA not before: Mon 10 Feb 2025 13:57:39 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 160.25.221.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1111 (0x457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=422E7C95D87DE9AEEB212A0C4CCB0174E65CA5D0
Validity
Not Before: Feb 10 13:57:39 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=54E3FE7914AC5840363A4443FB353E350360888C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bf:71:41:64:29:74:af:bf:44:f1:4b:c7:be:
07:92:5d:b1:1a:30:56:63:c6:e8:b4:e4:c4:76:9b:
e2:a5:9d:17:c6:4c:50:f6:23:c3:ad:14:7a:1f:74:
3d:be:a0:22:56:e9:ca:44:49:96:2d:97:9b:6a:2a:
d4:85:a4:01:ed:b4:62:73:96:3c:23:5d:6c:56:cb:
40:1f:69:24:d4:0c:2b:ea:4c:35:6a:72:9e:cf:15:
07:4a:fd:84:3c:fd:96:f0:a5:5d:99:20:ed:d1:5a:
1d:c1:6b:ec:6f:48:5e:96:dc:2c:70:e7:42:eb:b6:
e4:b8:5d:4b:37:9d:cd:09:48:f6:92:78:08:52:46:
84:08:8d:d0:1d:53:76:c2:29:62:75:5f:a1:75:f7:
ce:66:87:34:11:02:0d:30:a9:eb:e9:bc:c0:28:37:
87:fe:be:e8:e8:70:b2:d5:e7:76:2d:ca:aa:ed:73:
f6:3b:85:3d:dd:78:a4:2a:50:f2:ee:61:c7:17:be:
98:5a:a7:5a:1e:b3:58:d7:77:34:56:ca:fb:62:f2:
7e:4b:5a:32:63:cf:cc:25:59:87:db:54:06:dd:a8:
5e:54:cf:be:f1:12:58:ef:e7:a0:a8:74:69:ea:73:
d4:60:a9:8f:b6:fc:c5:58:a1:27:2d:74:ea:f5:c7:
e4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:E3:FE:79:14:AC:58:40:36:3A:44:43:FB:35:3E:35:03:60:88:8C
X509v3 Authority Key Identifier:
keyid:42:2E:7C:95:D8:7D:E9:AE:EB:21:2A:0C:4C:CB:01:74:E6:5C:A5:D0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/Qi58ldh96a7rISoMTMsBdOZcpdA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Qi58ldh96a7rISoMTMsBdOZcpdA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SKIPTECH/VOP-eRSsWEA2OkRD-zU-NQNgiIw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
160.25.221.0/24
Signature Algorithm: sha256WithRSAEncryption
09:3d:88:4d:91:a4:8c:16:48:39:34:3a:08:7e:a8:2e:21:c7:
66:95:a6:cc:19:f2:93:55:7a:52:ff:9c:06:8d:32:80:d2:69:
b8:5c:44:c7:ed:b2:7a:2d:43:42:65:95:d9:13:d9:54:8a:0e:
b2:4c:82:46:d7:f7:7c:f3:aa:9d:31:86:e2:bf:50:bf:3a:38:
e8:7f:4a:4b:80:55:c8:b7:9d:bb:fd:29:00:67:fd:36:00:8b:
22:16:6b:44:ea:8e:eb:65:0f:22:6a:ba:dc:e2:31:36:73:c8:
e9:12:34:c3:e7:f3:c0:d3:5a:21:86:49:3a:be:17:9b:6a:d8:
bf:b9:36:2e:aa:02:af:a1:60:fa:aa:aa:55:07:69:cf:2c:86:
03:bc:a7:0e:f9:c0:b3:0b:c5:86:d0:5c:40:20:76:43:b0:70:
8b:9a:b8:39:b7:f9:7c:a7:98:e4:31:2a:dd:61:cd:33:9f:99:
40:18:8a:0a:84:d1:8b:c1:9e:38:57:7c:97:7b:c5:62:c6:95:
35:0f:53:4c:c5:2a:76:cb:df:c8:51:c4:64:85:bd:da:41:57:
51:90:75:b4:4a:c7:82:1c:c2:be:1a:30:bc:22:5c:a7:39:af:
67:d6:b3:66:fc:a5:a0:3a:3f:1b:90:07:47:a4:63:54:c6:99:
e4:45:da:82
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICBFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDIy
RTdDOTVEODdERTlBRUVCMjEyQTBDNENDQjAxNzRFNjVDQTVEMDAeFw0yNTAyMTAx
MzU3MzlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU0RTNGRTc5MTRBQzU4
NDAzNjNBNDQ0M0ZCMzUzRTM1MDM2MDg4OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuv3FBZCl0r79E8UvHvgeSXbEaMFZjxui05MR2m+KlnRfGTFD2
I8OtFHofdD2+oCJW6cpESZYtl5tqKtSFpAHttGJzljwjXWxWy0AfaSTUDCvqTDVq
cp7PFQdK/YQ8/ZbwpV2ZIO3RWh3Ba+xvSF6W3Cxw50LrtuS4XUs3nc0JSPaSeAhS
RoQIjdAdU3bCKWJ1X6F1985mhzQRAg0wqevpvMAoN4f+vujocLLV53Ytyqrtc/Y7
hT3deKQqUPLuYccXvphap1oes1jXdzRWyvti8n5LWjJjz8wlWYfbVAbdqF5Uz77x
Eljv56CodGnqc9RgqY+2/MVYoSctdOr1x+QFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUVOP+eRSsWEA2OkRD+zU+NQNgiIwwHwYDVR0jBBgwFoAUQi58ldh96a7rISoM
TMsBdOZcpdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0tJUFRF
Q0gvUWk1OGxkaDk2YTdySVNvTVRNc0JkT1pjcGRBLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9RaTU4bGRoOTZhN3JJU29NVE1zQmRPWmNwZEEuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TS0lQVEVDSC9WT1AtZVJTc1dFQTJP
a1JELXpVLU5RTmdpSXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAoBndMA0GCSqGSIb3DQEBCwUAA4IBAQAJPYhNkaSMFkg5NDoIfqguIcdmlabM
GfKTVXpS/5wGjTKA0mm4XETH7bJ6LUNCZZXZE9lUig6yTIJG1/d886qdMYbiv1C/
Ojjof0pLgFXIt527/SkAZ/02AIsiFmtE6o7rZQ8iarrc4jE2c8jpEjTD5/PA01oh
hkk6vhebati/uTYuqgKvoWD6qqpVB2nPLIYDvKcO+cCzC8WG0FxAIHZDsHCLmrg5
t/l8p5jkMSrdYc0zn5lAGIoKhNGLwZ44V3yXe8VixpU1D1NMxSp2y9/IUcRkhb3a
QVdRkHW0SseCHMK+GjC8IlynOa9n1rNm/KWgOj8bkAdHpGNUxpnkRdqC
-----END CERTIFICATE-----
Generated at Sat Apr 5 14:00:04 2025 by rpki-client