Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/R2xt-4l7LOWkYAPb659c4qsOeeg.roa
File: R2xt-4l7LOWkYAPb659c4qsOeeg.roa (raw, json)
Hash identifier: qH85YOVz5NYHk0Ko+sB99lXci0AP0pFPvCmh7c0a4UE=
Subject key identifier: 47:6C:6D:FB:89:7B:2C:E5:A4:60:03:DB:EB:9F:5C:E2:AB:0E:79:E8
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E8E
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/R2xt-4l7LOWkYAPb659c4qsOeeg.roa
Signing time: Mon 10 Feb 2025 14:16:30 +0000
ROA not before: Mon 10 Feb 2025 14:16:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.52.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3726 (0xe8e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=476C6DFB897B2CE5A46003DBEB9F5CE2AB0E79E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7c:62:b6:77:e8:67:84:b5:c8:70:c1:9a:ab:
52:43:2c:e9:70:c2:f4:ac:6c:9e:20:ee:ef:93:01:
45:91:d7:05:96:26:72:5e:d2:0b:42:d2:4c:9c:80:
a7:c4:12:ee:65:13:08:d9:c2:cb:9c:02:0e:75:7e:
8d:78:79:de:ad:ed:1f:be:97:ce:ac:2d:32:3f:f5:
dd:a0:b9:84:dd:45:24:cb:2a:1a:f7:b9:e3:34:14:
ca:fd:9b:fa:bb:e9:64:49:f7:68:79:ee:69:b5:ad:
bd:61:c8:7f:99:9b:17:80:4b:72:0e:e9:6a:4e:30:
1f:56:fb:c6:6e:23:b1:3d:77:c7:fe:50:a9:a7:d9:
06:e2:c7:29:a1:05:07:22:bc:cd:22:ed:b2:4c:e8:
f9:f2:62:19:6b:8d:e9:64:04:aa:ed:42:a2:70:87:
5d:ff:27:cf:86:91:45:ac:d7:0d:25:7e:9c:36:0f:
cb:15:0b:91:62:83:78:f8:8f:41:8f:7a:27:df:fc:
fb:91:22:b5:a7:f0:b0:1c:99:1d:c9:36:da:92:a8:
16:e5:56:f7:4f:50:45:96:1b:9e:a2:4d:03:9c:81:
51:f4:c8:a8:42:63:36:22:c0:9b:c3:b6:ac:b8:da:
b2:06:99:a6:0b:6c:d9:f5:04:c5:2a:af:c0:24:9f:
aa:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:6C:6D:FB:89:7B:2C:E5:A4:60:03:DB:EB:9F:5C:E2:AB:0E:79:E8
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/R2xt-4l7LOWkYAPb659c4qsOeeg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.52.0/22
Signature Algorithm: sha256WithRSAEncryption
56:73:f4:85:9d:2c:a1:ef:c5:38:aa:46:74:a2:05:9c:55:e2:
ed:89:d3:cb:02:4a:39:a4:42:fb:78:e2:64:17:7f:64:db:f7:
cc:c7:d7:f7:1c:e5:38:d2:54:d9:ff:f0:6a:d4:ca:0e:fb:97:
5d:bd:7b:46:41:99:f5:d2:27:b9:33:4d:9c:3e:0c:2e:d7:dd:
1e:23:11:de:62:c8:44:44:88:1f:b8:e8:2f:0c:48:ae:f2:22:
0b:df:75:3f:73:b0:3c:4f:c7:76:1c:2a:4c:d8:96:60:0b:cc:
0f:85:5a:fe:00:ab:07:2a:77:29:05:6b:10:27:a1:d5:f4:bc:
2a:7d:e5:c2:b0:f1:42:36:08:59:66:a7:bc:f1:9a:ef:75:0b:
64:12:4d:12:ee:78:a9:75:92:7f:ba:bf:0d:4c:a9:88:74:75:
e0:6f:87:da:78:3d:d9:d6:09:9f:87:bf:a0:19:a7:4e:5e:eb:
c2:a1:16:ae:41:84:96:be:4f:55:d5:4b:30:7e:d0:91:fc:13:
5b:17:17:d9:5a:04:8e:d2:23:cb:e3:0a:77:fa:91:ee:8c:e0:
3c:85:10:49:5f:fa:e4:9c:42:57:35:e3:1e:49:bc:38:32:bb:
f3:88:4d:1a:6a:9b:15:ef:69:33:7f:63:3a:a7:8b:e3:79:ab:
19:d7:b1:e5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQ3NkM2REZCODk3QjJD
RTVBNDYwMDNEQkVCOUY1Q0UyQUIwRTc5RTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKfGK2d+hnhLXIcMGaq1JDLOlwwvSsbJ4g7u+TAUWR1wWWJnJe
0gtC0kycgKfEEu5lEwjZwsucAg51fo14ed6t7R++l86sLTI/9d2guYTdRSTLKhr3
ueM0FMr9m/q76WRJ92h57mm1rb1hyH+ZmxeAS3IO6WpOMB9W+8ZuI7E9d8f+UKmn
2QbixymhBQcivM0i7bJM6PnyYhlrjelkBKrtQqJwh13/J8+GkUWs1w0lfpw2D8sV
C5Fig3j4j0GPeiff/PuRIrWn8LAcmR3JNtqSqBblVvdPUEWWG56iTQOcgVH0yKhC
YzYiwJvDtqy42rIGmaYLbNn1BMUqr8Akn6qvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUR2xt+4l7LOWkYAPb659c4qsOeegwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9SMnh0LTRsN0xPV2tZQVBiNjU5
YzRxc09lZWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIE0
MA0GCSqGSIb3DQEBCwUAA4IBAQBWc/SFnSyh78U4qkZ0ogWcVeLtidPLAko5pEL7
eOJkF39k2/fMx9f3HOU40lTZ//Bq1MoO+5ddvXtGQZn10ie5M02cPgwu190eIxHe
YshERIgfuOgvDEiu8iIL33U/c7A8T8d2HCpM2JZgC8wPhVr+AKsHKncpBWsQJ6HV
9LwqfeXCsPFCNghZZqe88ZrvdQtkEk0S7nipdZJ/ur8NTKmIdHXgb4faeD3Z1gmf
h7+gGadOXuvCoRauQYSWvk9V1UswftCR/BNbFxfZWgSO0iPL4wp3+pHujOA8hRBJ
X/rknEJXNeMeSbw4MrvziE0aapsV72kzf2M6p4vjeasZ17Hl
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:54 2025 by rpki-client