Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/DNzjzfZGqztc_aiqzIVJXge2pbg.roa
File: DNzjzfZGqztc_aiqzIVJXge2pbg.roa (raw, json)
Hash identifier: w7h0CiYi11A6TuPIFVXKgCekAUCqzC85UupS9etHCO4=
Subject key identifier: 0C:DC:E3:CD:F6:46:AB:3B:5C:FD:A8:AA:CC:85:49:5E:07:B6:A5:B8
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E8D
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/DNzjzfZGqztc_aiqzIVJXge2pbg.roa
Signing time: Mon 10 Feb 2025 14:16:29 +0000
ROA not before: Mon 10 Feb 2025 14:16:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 192.83.196.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3725 (0xe8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:29 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0CDCE3CDF646AB3B5CFDA8AACC85495E07B6A5B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:91:23:de:04:8e:bc:8d:84:86:d3:83:c9:c0:
cc:9b:ea:34:dc:b2:21:16:02:f6:32:d9:d0:0f:2d:
af:ac:07:b7:88:c4:c5:46:28:ff:07:a1:cc:19:60:
7b:30:04:79:1d:39:1c:f3:bd:77:98:65:db:c5:32:
ad:24:4e:24:cb:b5:c6:37:45:94:d9:29:c5:fe:81:
cc:15:42:ee:ce:5e:d9:73:91:e9:3b:28:c5:89:87:
c1:5e:cc:d9:b2:35:15:94:bb:1f:b7:57:0d:8c:f1:
4c:8e:44:b4:03:13:69:31:12:0b:bb:dd:1a:80:fb:
b0:fe:11:f1:4f:8d:19:e9:b3:53:f8:13:b1:3e:67:
c3:74:15:37:c2:e8:83:3c:d2:54:cf:a8:fb:5a:e4:
ba:35:38:3b:25:5e:1a:02:0d:a8:55:49:c8:f5:9d:
da:1f:f9:8a:e0:19:97:7f:16:c7:2f:09:48:c8:86:
b5:38:77:ad:95:cf:89:ea:da:56:37:65:9d:e0:cb:
21:7e:d0:98:d8:1d:c4:ed:65:8b:bd:9a:d3:b2:a2:
26:17:3f:4b:16:77:35:88:b6:3a:2b:96:bd:f8:fc:
da:c7:10:f0:c5:03:8e:f1:7b:e0:ff:55:11:ae:ea:
bc:2e:0f:b8:c8:f8:4e:d9:fd:54:cb:06:5f:bb:04:
fb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DC:E3:CD:F6:46:AB:3B:5C:FD:A8:AA:CC:85:49:5E:07:B6:A5:B8
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/DNzjzfZGqztc_aiqzIVJXge2pbg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.83.196.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d7:33:5e:08:d8:e0:f7:3e:18:85:a9:f3:13:31:11:2a:3a:
de:c2:f8:31:19:b3:b9:2d:6a:a4:49:40:3b:f5:91:18:f7:e7:
e9:4b:dd:21:bd:46:b9:c0:41:07:14:97:6c:00:c7:cf:05:5e:
20:5d:55:48:1f:ca:3a:a4:83:f6:90:bf:2b:ea:3f:b1:a8:a1:
ac:ba:6d:8b:7d:ad:f3:04:81:4c:d1:ed:34:8e:d4:fc:e3:4c:
60:8a:bb:6e:19:12:02:4a:d2:79:dd:56:ec:a7:f8:de:bd:b8:
22:1a:76:f5:8e:0d:07:2c:fe:5e:b9:6b:85:5c:66:af:e3:81:
4f:d0:09:ce:a2:10:7a:64:76:14:ba:df:af:bc:5d:e0:5f:77:
84:7a:6f:93:d2:00:c9:db:64:c2:d0:4d:c0:16:f1:45:85:fd:
63:c1:54:bf:a9:88:81:4b:82:fb:34:16:e1:19:e1:4c:a8:df:
5f:04:90:ad:2b:7b:3b:c1:15:36:52:06:61:7e:37:59:2c:d4:
05:08:51:26:6a:49:23:61:04:74:4a:76:fa:61:01:b3:7a:d6:
35:02:ea:c0:a9:50:94:f8:e8:ce:79:f2:22:2c:73:9b:9d:8e:
00:5b:c4:32:27:71:4f:fd:be:3e:2a:46:78:8f:68:08:c5:8a:
f1:41:64:fc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDRENFM0NERjY0NkFC
M0I1Q0ZEQThBQUNDODU0OTVFMDdCNkE1QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAkSPeBI68jYSG04PJwMyb6jTcsiEWAvYy2dAPLa+sB7eIxMVG
KP8HocwZYHswBHkdORzzvXeYZdvFMq0kTiTLtcY3RZTZKcX+gcwVQu7OXtlzkek7
KMWJh8FezNmyNRWUux+3Vw2M8UyORLQDE2kxEgu73RqA+7D+EfFPjRnps1P4E7E+
Z8N0FTfC6IM80lTPqPta5Lo1ODslXhoCDahVScj1ndof+YrgGZd/FscvCUjIhrU4
d62Vz4nq2lY3ZZ3gyyF+0JjYHcTtZYu9mtOyoiYXP0sWdzWItjorlr34/NrHEPDF
A47xe+D/VRGu6rwuD7jI+E7Z/VTLBl+7BPupAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDNzjzfZGqztc/aiqzIVJXge2pbgwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9ETnpqemZaR3F6dGNfYWlxeklW
SlhnZTJwYmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwFPE
MA0GCSqGSIb3DQEBCwUAA4IBAQBE1zNeCNjg9z4YhanzEzERKjrewvgxGbO5LWqk
SUA79ZEY9+fpS90hvUa5wEEHFJdsAMfPBV4gXVVIH8o6pIP2kL8r6j+xqKGsum2L
fa3zBIFM0e00jtT840xgirtuGRICStJ53Vbsp/jevbgiGnb1jg0HLP5euWuFXGav
44FP0AnOohB6ZHYUut+vvF3gX3eEem+T0gDJ22TC0E3AFvFFhf1jwVS/qYiBS4L7
NBbhGeFMqN9fBJCtK3s7wRU2UgZhfjdZLNQFCFEmakkjYQR0Snb6YQGzetY1AurA
qVCU+OjOefIiLHObnY4AW8QyJ3FP/b4+KkZ4j2gIxYrxQWT8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:46 2025 by rpki-client