Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/MCGoJcjQPZMk_1A0M2w75UsEYJU.roa
File: MCGoJcjQPZMk_1A0M2w75UsEYJU.roa (raw, json)
Hash identifier: tiONKFQFsKLEW/1UovnGnS7T1Z4inM/YmD3YAcXLxVY=
Subject key identifier: 30:21:A8:25:C8:D0:3D:93:24:FF:50:34:33:6C:3B:E5:4B:04:60:95
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0EF3
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MCGoJcjQPZMk_1A0M2w75UsEYJU.roa
Signing time: Mon 10 Feb 2025 14:16:14 +0000
ROA not before: Mon 10 Feb 2025 14:16:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 210.243.0.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3827 (0xef3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 10 14:16:14 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3021A825C8D03D9324FF5034336C3BE54B046095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:18:e0:c0:c2:5e:47:62:e4:00:26:4a:a1:
12:47:45:5d:fc:5a:3d:23:3f:e9:0e:78:20:e3:a6:
aa:23:1c:96:7d:bb:a5:1f:2e:0c:25:96:14:87:09:
ba:42:95:c4:01:df:4a:04:60:43:72:68:8b:be:bf:
94:fb:65:ea:66:08:9b:aa:86:ee:05:af:a6:b6:3d:
05:31:59:ff:6f:5b:07:43:b9:55:31:c5:04:f7:8c:
f4:99:86:6f:99:4f:0b:71:fb:c9:88:2f:17:e4:46:
71:21:a8:ef:62:3f:9e:59:a1:0a:96:f0:27:6a:b8:
3d:9c:56:8b:ef:bd:27:21:ac:57:42:91:c2:4e:f9:
28:b0:d5:db:6a:4e:1f:db:13:fd:9c:5e:db:d7:3a:
5b:52:34:a6:bb:d9:45:cb:16:f5:38:3e:97:36:b2:
2e:27:a3:d3:3f:ac:7d:33:b9:e7:a9:cb:f5:26:50:
92:b8:fb:da:45:bb:a2:0e:70:f3:7e:c5:62:33:db:
da:0e:14:0e:13:dd:16:8e:fd:1e:79:ca:5a:e3:81:
ae:59:de:56:9c:65:53:33:fa:1f:dc:7d:78:db:02:
66:91:62:59:bc:68:bc:fc:1e:0a:c8:fc:36:db:71:
a1:8a:0e:9f:03:36:bd:87:21:c1:1e:d6:8b:da:7d:
03:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:21:A8:25:C8:D0:3D:93:24:FF:50:34:33:6C:3B:E5:4B:04:60:95
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/MCGoJcjQPZMk_1A0M2w75UsEYJU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.243.0.0/18
Signature Algorithm: sha256WithRSAEncryption
66:31:e1:82:75:e7:36:85:6f:e3:b3:fa:33:dc:29:ed:9d:3f:
a1:06:8a:68:c5:29:55:e6:45:23:9b:76:51:ea:1c:5e:31:5f:
8e:d4:7f:01:80:00:c6:ca:db:ca:43:cf:46:a1:58:80:d3:08:
4a:a0:45:1f:94:5a:72:f3:ec:fb:90:75:60:b0:5e:3c:33:74:
ee:47:29:c0:ee:4b:0a:2b:5a:91:d4:bb:09:59:c2:14:cf:39:
04:b1:6e:38:fe:c7:27:57:a6:9a:39:7d:1e:8b:7d:43:8d:7e:
07:d4:e7:6f:5c:93:54:b0:b8:53:38:49:80:ff:b2:75:fe:f0:
5f:c5:87:4c:8a:1c:f1:e7:b3:74:ed:96:dc:fb:54:73:38:d6:
db:65:60:83:23:4b:34:c8:16:b6:58:c4:a5:07:a3:bc:82:d4:
52:20:6b:f4:1d:f5:16:04:a4:87:20:5c:ed:0d:b4:19:60:cc:
dd:40:ee:71:57:91:f9:ea:f9:1c:d4:c4:c5:89:35:3b:2c:86:
2b:ce:d7:3c:53:84:66:05:17:44:66:52:67:5e:1f:18:aa:3a:
22:e9:94:f6:7d:7d:83:08:e3:eb:c5:21:7d:57:1a:d4:79:c6:
6d:e0:54:d7:fe:af:b3:cc:30:33:9c:11:ae:39:6c:6e:e7:11:
b4:29:72:07
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDvMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTAyMTAx
NDE2MTRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMwMjFBODI1QzhEMDNE
OTMyNEZGNTAzNDMzNkMzQkU1NEIwNDYwOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZiBjgwMJeR2LkACZKoRJHRV38Wj0jP+kOeCDjpqojHJZ9u6Uf
LgwllhSHCbpClcQB30oEYENyaIu+v5T7ZepmCJuqhu4Fr6a2PQUxWf9vWwdDuVUx
xQT3jPSZhm+ZTwtx+8mILxfkRnEhqO9iP55ZoQqW8CdquD2cVovvvSchrFdCkcJO
+Siw1dtqTh/bE/2cXtvXOltSNKa72UXLFvU4Ppc2si4no9M/rH0zueepy/UmUJK4
+9pFu6IOcPN+xWIz29oOFA4T3RaO/R55ylrjga5Z3lacZVMz+h/cfXjbAmaRYlm8
aLz8HgrI/DbbcaGKDp8DNr2HIcEe1ovafQM3AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUMCGoJcjQPZMk/1A0M2w75UsEYJUwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9NQ0dvSmNqUVBaTWtfMUEwTTJ3
NzVVc0VZSlUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG0vMA
MA0GCSqGSIb3DQEBCwUAA4IBAQBmMeGCdec2hW/js/oz3CntnT+hBopoxSlV5kUj
m3ZR6hxeMV+O1H8BgADGytvKQ89GoViA0whKoEUflFpy8+z7kHVgsF48M3TuRynA
7ksKK1qR1LsJWcIUzzkEsW44/scnV6aaOX0ei31DjX4H1OdvXJNUsLhTOEmA/7J1
/vBfxYdMihzx57N07Zbc+1RzONbbZWCDI0s0yBa2WMSlB6O8gtRSIGv0HfUWBKSH
IFztDbQZYMzdQO5xV5H56vkc1MTFiTU7LIYrztc8U4RmBRdEZlJnXh8Yqjoi6ZT2
fX2DCOPrxSF9VxrUecZt4FTX/q+zzDAznBGuOWxu5xG0KXIH
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:39:04 2025 by rpki-client