Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/JL9HKnIE-nNMGP3XuYW0pBI4LwI.roa
File: JL9HKnIE-nNMGP3XuYW0pBI4LwI.roa (raw, json)
Hash identifier: 7fdnaTr+1X5ryo5n//a469S1e7lYPE0hOokiEujJNs4=
Subject key identifier: 24:BF:47:2A:72:04:FA:73:4C:18:FD:D7:B9:85:B4:A4:12:38:2F:02
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0F36
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JL9HKnIE-nNMGP3XuYW0pBI4LwI.roa
Signing time: Tue 25 Feb 2025 01:46:47 +0000
ROA not before: Tue 25 Feb 2025 01:46:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 192.192.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3894 (0xf36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 25 01:46:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=24BF472A7204FA734C18FDD7B985B4A412382F02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c0:b8:c0:31:34:f5:ad:cd:5f:60:2b:d2:dc:
22:e9:46:60:95:7e:22:99:5b:0e:20:d9:38:08:52:
1d:77:81:d8:f8:da:92:b5:d1:85:cf:1e:2e:f3:c7:
43:1f:f6:3e:62:c1:bb:06:51:b5:2e:46:a2:23:2e:
de:2a:bd:8e:a6:5d:03:80:38:0a:9e:6d:f1:06:29:
68:98:a9:93:07:08:54:68:85:b0:20:3a:16:9e:b3:
63:ba:38:7d:9e:c0:cd:88:97:c5:23:df:bc:e9:5c:
72:9e:60:a8:ca:7a:be:e7:fb:06:bd:03:e9:d1:25:
ad:61:81:19:0d:88:a0:4c:45:6d:08:bb:bd:89:7d:
34:ba:ad:e1:16:b2:ff:cd:89:bc:5d:40:a4:1d:d1:
0e:b5:20:63:ae:b2:87:82:04:e2:95:cc:52:e0:56:
27:88:d0:d4:a8:cd:d3:0b:ab:9f:06:8b:30:90:84:
11:ac:88:ae:fe:c4:33:7d:4f:11:ab:60:ec:95:7f:
d9:38:cd:ee:d7:d6:12:b1:eb:9d:9a:58:33:8c:56:
87:81:ba:ae:d6:f4:36:4e:19:f5:21:b5:c9:98:40:
5a:5b:b4:12:c1:dd:6b:0a:42:11:f7:6b:a7:63:98:
29:3a:ef:81:5c:04:83:3d:6b:22:ed:99:d7:c0:dd:
9b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:BF:47:2A:72:04:FA:73:4C:18:FD:D7:B9:85:B4:A4:12:38:2F:02
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/JL9HKnIE-nNMGP3XuYW0pBI4LwI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.192.16.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:7e:de:e1:be:d3:71:6d:2e:f6:16:27:95:9d:ba:48:5e:c5:
ad:55:3c:bf:ad:3e:81:92:29:db:75:f3:8e:6d:29:ce:ae:79:
75:fe:7d:5c:f9:ba:8d:81:a5:55:d0:82:dd:c6:93:a4:35:06:
3a:f0:17:1b:5a:5a:1f:ee:d3:45:88:97:3e:78:d2:34:f0:93:
0a:35:d1:8e:6e:0b:3f:ba:6d:d0:86:6d:e6:ef:cd:81:70:60:
16:5f:5c:28:ff:9b:16:cb:63:4a:e9:69:59:16:d6:c0:7d:18:
2e:d1:75:e8:11:d8:99:38:ed:91:ff:6d:47:99:e7:32:37:b2:
93:44:d5:ce:bc:76:15:38:fe:2e:b7:d7:4d:ca:ef:39:21:33:
9c:dc:5d:e6:f8:d3:00:c4:8e:ea:5b:4e:c5:90:74:23:72:da:
7d:f4:2b:0a:ae:b1:38:a9:7f:ef:00:97:a7:61:c9:87:ec:e5:
52:8d:9b:71:09:b8:63:e2:1e:25:ba:f3:24:17:a3:9f:4e:a3:
c0:aa:9e:52:cd:69:13:36:b9:fc:29:5f:6c:49:22:f3:da:20:
2b:9c:73:de:a8:50:f9:37:34:98:51:de:78:4f:a4:01:04:dc:
f4:a7:c2:04:76:30:87:53:ae:69:5d:65:7c:26:26:e1:7d:27:
df:ff:6e:9d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMjUw
MTQ2NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI0QkY0NzJBNzIwNEZB
NzM0QzE4RkREN0I5ODVCNEE0MTIzODJGMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOwLjAMTT1rc1fYCvS3CLpRmCVfiKZWw4g2TgIUh13gdj42pK1
0YXPHi7zx0Mf9j5iwbsGUbUuRqIjLt4qvY6mXQOAOAqebfEGKWiYqZMHCFRohbAg
Ohaes2O6OH2ewM2Il8Uj37zpXHKeYKjKer7n+wa9A+nRJa1hgRkNiKBMRW0Iu72J
fTS6reEWsv/NibxdQKQd0Q61IGOusoeCBOKVzFLgVieI0NSozdMLq58GizCQhBGs
iK7+xDN9TxGrYOyVf9k4ze7X1hKx652aWDOMVoeBuq7W9DZOGfUhtcmYQFpbtBLB
3WsKQhH3a6djmCk674FcBIM9ayLtmdfA3ZuBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUJL9HKnIE+nNMGP3XuYW0pBI4LwIwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9KTDlIS25JRS1uTk1HUDNYdVlX
MHBCSTRMd0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwMAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCNft7hvtNxbS72FieVnbpIXsWtVTy/rT6Bkinb
dfOObSnOrnl1/n1c+bqNgaVV0ILdxpOkNQY68BcbWlof7tNFiJc+eNI08JMKNdGO
bgs/um3Qhm3m782BcGAWX1wo/5sWy2NK6WlZFtbAfRgu0XXoEdiZOO2R/21Hmecy
N7KTRNXOvHYVOP4ut9dNyu85ITOc3F3m+NMAxI7qW07FkHQjctp99CsKrrE4qX/v
AJenYcmH7OVSjZtxCbhj4h4luvMkF6OfTqPAqp5SzWkTNrn8KV9sSSLz2iArnHPe
qFD5NzSYUd54T6QBBNz0p8IEdjCHU65pXWV8JibhfSff/26d
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:51:33 2025 by rpki-client