Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa
File: KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa (raw, json)
Hash identifier: QHh7NaFGGX95fkoFyhnznTPzV8D63Chn7J6Ay3piOHs=
Subject key identifier: 28:EA:66:67:53:83:9D:FA:46:C4:35:28:34:CA:3C:9F:AA:B0:8D:B2
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E89
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa
Signing time: Mon 10 Feb 2025 14:16:28 +0000
ROA not before: Mon 10 Feb 2025 14:16:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.56.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3721 (0xe89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=28EA666753839DFA46C4352834CA3C9FAAB08DB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:ca:6e:8f:eb:20:5e:e7:9a:9b:1b:a2:ee:
d4:95:44:74:e0:d6:bf:35:1e:de:12:c2:a7:37:b7:
06:ae:b1:79:1a:41:73:38:33:49:92:01:1d:44:e4:
3c:38:74:ba:66:11:fe:25:2a:eb:a3:a8:8b:82:32:
15:13:99:a3:64:95:62:47:5b:82:10:92:0c:dd:b2:
b2:b8:ea:8d:d2:41:4e:a3:c9:f7:b9:70:46:b4:a8:
4a:c2:b2:aa:4b:1f:1b:c9:6d:ea:44:72:99:4e:74:
af:66:1e:22:20:80:d2:78:55:14:4b:f5:e7:3c:a6:
1e:e1:1c:dd:ce:67:a0:62:c7:23:7e:f8:f3:0e:68:
69:38:f2:04:8d:42:80:01:d1:5d:fe:57:9b:88:dd:
74:74:c7:74:5e:4b:29:0d:13:e3:eb:1e:87:11:65:
5b:43:da:ec:2d:32:ae:15:f1:72:21:37:63:f2:27:
5d:4b:92:5f:87:cf:4c:78:94:f1:a4:52:44:b3:cc:
2c:92:04:5c:5a:3e:2c:82:a9:b4:e4:f8:6d:17:c2:
ec:d3:b6:3c:31:9f:4b:78:ed:76:f5:dd:91:49:d1:
d3:f1:09:6b:0e:9e:af:6e:23:cb:a9:25:dd:d5:a1:
23:9a:c2:9c:63:00:d3:6f:57:80:c6:98:c5:78:0c:
7d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:EA:66:67:53:83:9D:FA:46:C4:35:28:34:CA:3C:9F:AA:B0:8D:B2
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/KOpmZ1ODnfpGxDUoNMo8n6qwjbI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.56.0/21
Signature Algorithm: sha256WithRSAEncryption
10:c3:06:d3:1e:a4:12:0b:66:1f:31:bd:b6:bd:4e:f7:4a:8f:
ae:d2:cd:49:b1:6c:6d:61:56:41:51:c2:a3:71:ed:8b:a3:85:
2f:82:21:36:93:b0:46:d2:69:eb:07:cf:b8:2c:8a:18:b9:52:
37:c7:f2:8b:d0:15:06:41:f4:90:d8:be:9f:e6:67:f3:f6:9a:
eb:95:39:8d:6b:38:03:66:ea:40:7f:9a:f2:99:3e:7a:54:70:
3c:7e:19:55:07:75:51:2a:41:1f:86:af:27:a4:bb:a2:29:ea:
e0:fd:d1:94:3a:d4:99:e6:16:11:b5:33:72:0a:c5:d5:18:aa:
69:63:58:4a:12:67:85:bc:b5:1d:27:95:b2:6a:59:e9:89:d3:
61:89:30:94:46:b6:e5:c2:b3:2e:b1:69:b2:1d:5a:a4:6f:7b:
8b:12:66:88:5c:4b:6a:5a:db:ad:f4:7e:f2:b8:44:e3:5a:48:
93:a5:18:97:76:83:db:c3:ca:b8:9b:f6:ed:e9:86:e7:f3:65:
42:64:d7:40:fe:08:09:37:72:2c:67:fc:fd:4d:9a:21:03:33:
bc:96:42:ac:cc:c0:cf:2c:b6:c8:a5:ee:3d:af:8c:41:1b:4f:
34:1e:c4:cd:c3:4c:8d:6b:b8:bc:36:86:34:2f:02:98:e7:5c:
90:d0:10:7d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDokwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4RUE2NjY3NTM4MzlE
RkE0NkM0MzUyODM0Q0EzQzlGQUFCMDhEQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG6cpuj+sgXueamxui7tSVRHTg1r81Ht4Swqc3twausXkaQXM4
M0mSAR1E5Dw4dLpmEf4lKuujqIuCMhUTmaNklWJHW4IQkgzdsrK46o3SQU6jyfe5
cEa0qErCsqpLHxvJbepEcplOdK9mHiIggNJ4VRRL9ec8ph7hHN3OZ6BixyN++PMO
aGk48gSNQoAB0V3+V5uI3XR0x3ReSykNE+PrHocRZVtD2uwtMq4V8XIhN2PyJ11L
kl+Hz0x4lPGkUkSzzCySBFxaPiyCqbTk+G0XwuzTtjwxn0t47Xb13ZFJ0dPxCWsO
nq9uI8upJd3VoSOawpxjANNvV4DGmMV4DH2lAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKOpmZ1ODnfpGxDUoNMo8n6qwjbIwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9LT3BtWjFPRG5mcEd4RFVvTk1v
OG42cXdqYkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDjIE4
MA0GCSqGSIb3DQEBCwUAA4IBAQAQwwbTHqQSC2YfMb22vU73So+u0s1JsWxtYVZB
UcKjce2Lo4UvgiE2k7BG0mnrB8+4LIoYuVI3x/KL0BUGQfSQ2L6f5mfz9prrlTmN
azgDZupAf5rymT56VHA8fhlVB3VRKkEfhq8npLuiKerg/dGUOtSZ5hYRtTNyCsXV
GKppY1hKEmeFvLUdJ5WyalnpidNhiTCURrblwrMusWmyHVqkb3uLEmaIXEtqWtut
9H7yuETjWkiTpRiXdoPbw8q4m/bt6Ybn82VCZNdA/ggJN3IsZ/z9TZohAzO8lkKs
zMDPLLbIpe49r4xBG080HsTNw0yNa7i8NoY0LwKY51yQ0BB9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:44 2025 by rpki-client