Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa
File: CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa (raw, json)
Hash identifier: AawPuLQKC4qqc6j0kDap4exZlxSCFzlekNndDWc4cag=
Subject key identifier: 08:6D:E4:0F:F4:06:F5:29:41:B3:5C:51:DA:53:05:D3:16:92:0E:69
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0DF4
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa
Signing time: Mon 26 Aug 2024 05:27:25 +0000
ROA not before: Mon 26 Aug 2024 05:27:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38847
IP address blocks: 140.120.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3572 (0xdf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Aug 26 05:27:25 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=086DE40FF406F52941B35C51DA5305D316920E69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:cf:c9:9e:56:1b:1c:91:1c:97:95:23:8d:
0a:56:ae:c3:b8:2d:37:16:91:14:1c:bf:37:cc:19:
dc:f5:73:62:5c:f6:da:46:da:6b:2c:7a:7d:a4:c5:
f6:a3:52:d6:97:54:f3:48:0e:42:b1:bd:fa:ad:4c:
db:b0:63:4a:7c:17:de:40:40:1c:43:0e:7e:44:94:
7f:c8:b1:96:33:c7:93:ed:96:c5:46:c8:c6:88:b0:
f0:aa:3b:96:e0:66:0d:c6:da:0c:b3:e6:5d:36:a7:
cd:88:3a:63:05:19:a0:20:12:50:d4:64:a2:85:eb:
3f:35:51:81:ff:fb:f7:a5:3b:4c:6a:26:50:56:40:
bf:d6:04:5c:04:12:24:3b:9f:3f:e8:d1:82:c5:f6:
94:d2:49:1d:72:f5:37:1b:2d:93:1f:c4:da:0d:ce:
f6:af:91:94:70:be:01:ea:90:8f:39:fc:c4:99:91:
63:b2:a5:3e:a3:d8:0b:4f:9e:9a:21:8c:53:85:f4:
05:38:b2:e3:8b:4a:44:6c:a4:a3:15:20:0d:77:c9:
61:bc:bc:77:60:29:21:2f:ff:6c:9c:d2:90:a5:f0:
de:a0:5c:34:e0:de:56:47:f2:3a:09:b0:87:14:b7:
3a:6b:39:c9:e9:ee:c4:67:b3:cc:d2:b3:96:59:86:
55:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6D:E4:0F:F4:06:F5:29:41:B3:5C:51:DA:53:05:D3:16:92:0E:69
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/CG3kD_QG9SlBs1xR2lMF0xaSDmk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.120.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:cc:02:7d:bf:71:45:39:f7:49:e0:de:1f:50:0e:6f:54:98:
b8:06:1b:9e:bd:b9:5c:61:34:84:14:87:5a:d3:bc:1e:37:90:
ca:b1:52:fa:e7:23:a6:41:68:8f:9f:62:8f:b4:c2:28:65:47:
22:5b:00:76:c2:61:18:c0:e9:27:79:bd:e5:01:99:10:ab:e8:
29:cd:91:81:1f:44:d4:b4:fd:90:8d:de:01:11:18:9a:f1:02:
6d:07:cb:62:b8:0f:66:29:e1:e2:8b:35:ee:3e:46:7e:4e:25:
65:4a:00:86:52:1c:88:fc:60:e0:a3:fb:36:af:33:e3:e7:97:
16:b2:73:44:a2:a0:92:4b:ea:51:c9:04:3b:a6:df:00:8b:9e:
c8:45:f3:fe:f1:a9:9a:1f:1f:7b:ce:a7:ce:10:74:bb:10:3b:
4e:64:fe:c4:56:cc:c8:73:ff:4f:5b:26:19:1e:d5:3b:be:f7:
0b:81:50:26:8c:2d:29:97:81:d0:31:1e:d1:ea:d8:0d:b4:dd:
12:4c:49:1c:78:d8:17:7c:4b:4a:4c:68:85:fb:28:44:26:37:
4f:9d:ee:9b:df:91:a0:ad:75:a7:fb:de:db:29:6a:1c:89:04:
fd:56:cb:1d:fd:93:e3:c2:83:00:c1:e7:c1:ff:27:ab:4b:13:
bf:c1:ce:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNDA4MjYw
NTI3MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4NkRFNDBGRjQwNkY1
Mjk0MUIzNUM1MURBNTMwNUQzMTY5MjBFNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAv8/JnlYbHJEcl5UjjQpWrsO4LTcWkRQcvzfMGdz1c2Jc9tpG
2mssen2kxfajUtaXVPNIDkKxvfqtTNuwY0p8F95AQBxDDn5ElH/IsZYzx5PtlsVG
yMaIsPCqO5bgZg3G2gyz5l02p82IOmMFGaAgElDUZKKF6z81UYH/+/elO0xqJlBW
QL/WBFwEEiQ7nz/o0YLF9pTSSR1y9TcbLZMfxNoNzvavkZRwvgHqkI85/MSZkWOy
pT6j2AtPnpohjFOF9AU4suOLSkRspKMVIA13yWG8vHdgKSEv/2yc0pCl8N6gXDTg
3lZH8joJsIcUtzprOcnp7sRns8zSs5ZZhlXlAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUCG3kD/QG9SlBs1xR2lMF0xaSDmkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9DRzNrRF9RRzlTbEJzMXhSMmxN
RjB4YVNEbWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHgw
DQYJKoZIhvcNAQELBQADggEBABbMAn2/cUU590ng3h9QDm9UmLgGG569uVxhNIQU
h1rTvB43kMqxUvrnI6ZBaI+fYo+0wihlRyJbAHbCYRjA6Sd5veUBmRCr6CnNkYEf
RNS0/ZCN3gERGJrxAm0Hy2K4D2Yp4eKLNe4+Rn5OJWVKAIZSHIj8YOCj+zavM+Pn
lxayc0SioJJL6lHJBDum3wCLnshF8/7xqZofH3vOp84QdLsQO05k/sRWzMhz/09b
Jhke1Tu+9wuBUCaMLSmXgdAxHtHq2A203RJMSRx42Bd8S0pMaIX7KEQmN0+d7pvf
kaCtdaf73tspahyJBP1Wyx39k+PCgwDB58H/J6tLE7/BzuY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:04:15 2025 by rpki-client