Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/YJcE9qekH3X7hL3idLmF5GI4eFw.roa
File: YJcE9qekH3X7hL3idLmF5GI4eFw.roa (raw, json)
Hash identifier: 3TW9yXHFD3VgKOkaCP/ZZ3BhDVB+JkLbmN6WIaegxCs=
Subject key identifier: 60:97:04:F6:A7:A4:1F:75:FB:84:BD:E2:74:B9:85:E4:62:38:78:5C
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E8A
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/YJcE9qekH3X7hL3idLmF5GI4eFw.roa
Signing time: Mon 10 Feb 2025 14:16:29 +0000
ROA not before: Mon 10 Feb 2025 14:16:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.80.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3722 (0xe8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:29 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=609704F6A7A41F75FB84BDE274B985E46238785C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:3e:7e:63:da:39:9c:a5:50:9f:b0:8e:61:ea:
f8:b8:40:6a:ea:b4:75:3a:e5:d4:bb:a5:e7:2d:c5:
ff:f2:c4:5f:8f:25:77:2d:31:28:bb:c7:96:4a:1c:
b5:6d:ba:e0:3d:2e:6e:16:d7:ab:be:ba:70:c1:7d:
a9:9c:19:c3:2f:d0:62:77:ad:dc:c5:cf:7e:40:98:
9b:1c:04:5d:b5:0d:c6:38:01:e3:ba:38:b9:1f:74:
3c:27:d9:7b:b8:3b:4f:52:8d:ca:31:c0:9d:a3:4c:
96:85:00:6f:fb:e5:28:ac:57:a1:d8:e2:e4:f1:1a:
39:e8:fe:d0:f5:fb:07:b5:35:e9:80:12:85:40:65:
33:f2:4d:39:f2:88:17:be:6e:af:49:eb:12:1e:0a:
d2:cb:82:0c:dd:20:99:c1:ae:4d:05:a4:0d:87:75:
52:40:07:1e:2c:19:60:42:7f:b6:ed:db:b8:34:9f:
d7:cc:97:a8:77:d8:d9:41:df:4e:5d:3b:b0:6a:1d:
9a:53:3a:87:3b:5b:f0:9a:fa:4b:6b:ee:f0:6f:e3:
9d:14:68:1e:c0:86:a6:3d:30:c6:f0:6c:84:9f:55:
62:40:c1:e0:86:4f:32:c7:af:94:3d:fb:61:54:61:
35:00:6f:d9:78:84:57:79:36:f2:08:e1:0b:d9:57:
27:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:97:04:F6:A7:A4:1F:75:FB:84:BD:E2:74:B9:85:E4:62:38:78:5C
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/YJcE9qekH3X7hL3idLmF5GI4eFw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.80.0/24
Signature Algorithm: sha256WithRSAEncryption
63:43:a5:dd:69:81:fd:ba:8d:57:87:ba:b4:51:c5:28:07:2d:
e2:ce:85:85:21:dc:b7:de:56:bd:5f:9c:5f:d9:01:9b:03:4c:
0a:12:39:5a:eb:bb:c3:57:b0:ba:49:3a:3e:88:40:b8:f9:8f:
a9:e2:55:c9:32:bd:4d:6c:c7:46:70:c1:31:5c:31:cd:d7:f8:
0c:7c:d1:27:15:d8:8e:e6:cb:c5:66:6b:69:c9:eb:69:3c:62:
0e:d0:85:75:04:e1:1a:77:f0:8d:8f:d9:e0:fd:8d:b8:fb:7e:
e6:f3:45:b7:88:ba:c6:fb:b3:a2:e3:37:eb:be:7a:53:8d:6d:
7d:a9:b4:71:ab:68:63:f9:69:df:1e:f5:90:14:2c:fe:5a:31:
f3:57:c1:eb:42:43:e2:e3:c6:74:3a:1e:26:44:ba:58:93:af:
86:a3:79:66:24:a5:08:43:54:c2:3a:f1:77:ba:6c:08:f5:37:
d4:af:45:10:46:e5:34:69:23:c6:1f:4b:34:63:67:56:62:ad:
ff:61:f7:cd:8a:93:7e:81:86:a6:d6:0e:de:21:90:c1:84:be:
a0:df:e2:f2:5a:b3:8a:3a:d7:fa:97:27:5d:f7:84:9a:12:a4:
d0:23:a4:5a:f6:ba:33:54:3a:67:63:f7:1d:4b:5a:14:93:3b:
71:a6:c2:cd
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDYwOTcwNEY2QTdBNDFG
NzVGQjg0QkRFMjc0Qjk4NUU0NjIzODc4NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfPn5j2jmcpVCfsI5h6vi4QGrqtHU65dS7pectxf/yxF+PJXct
MSi7x5ZKHLVtuuA9Lm4W16u+unDBfamcGcMv0GJ3rdzFz35AmJscBF21DcY4AeO6
OLkfdDwn2Xu4O09SjcoxwJ2jTJaFAG/75SisV6HY4uTxGjno/tD1+we1NemAEoVA
ZTPyTTnyiBe+bq9J6xIeCtLLggzdIJnBrk0FpA2HdVJABx4sGWBCf7bt27g0n9fM
l6h32NlB305dO7BqHZpTOoc7W/Ca+ktr7vBv450UaB7AhqY9MMbwbISfVWJAweCG
TzLHr5Q9+2FUYTUAb9l4hFd5NvII4QvZVyeVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUYJcE9qekH3X7hL3idLmF5GI4eFwwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9ZSmNFOXFla0gzWDdoTDNpZExt
RjVHSTRlRncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjIFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBjQ6XdaYH9uo1Xh7q0UcUoBy3izoWFIdy33la9
X5xf2QGbA0wKEjla67vDV7C6STo+iEC4+Y+p4lXJMr1NbMdGcMExXDHN1/gMfNEn
FdiO5svFZmtpyetpPGIO0IV1BOEad/CNj9ng/Y24+37m80W3iLrG+7Oi4zfrvnpT
jW19qbRxq2hj+WnfHvWQFCz+WjHzV8HrQkPi48Z0Oh4mRLpYk6+Go3lmJKUIQ1TC
OvF3umwI9TfUr0UQRuU0aSPGH0s0Y2dWYq3/YffNipN+gYam1g7eIZDBhL6g3+Ly
WrOKOtf6lydd94SaEqTQI6Ra9rozVDpnY/cdS1oUkztxpsLN
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:35 2025 by rpki-client