Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/iyXlY5w3q6QagdNuSWCMY0ILxEA.roa
File: iyXlY5w3q6QagdNuSWCMY0ILxEA.roa (raw, json)
Hash identifier: +zNuGTPFGuxzbxCQLouWzh3FvokQ229cRSde4OaZsA0=
Subject key identifier: 8B:25:E5:63:9C:37:AB:A4:1A:81:D3:6E:49:60:8C:63:42:0B:C4:40
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E7B
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iyXlY5w3q6QagdNuSWCMY0ILxEA.roa
Signing time: Mon 10 Feb 2025 14:16:24 +0000
ROA not before: Mon 10 Feb 2025 14:16:24 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38844
IP address blocks: 140.122.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3707 (0xe7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:24 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8B25E5639C37ABA41A81D36E49608C63420BC440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:10:05:3b:77:ae:bc:a8:4a:0f:ed:f5:a7:
5a:1a:b7:5e:d3:3d:fb:3d:bd:f8:a4:74:f5:e0:db:
8e:b0:7e:93:c8:00:19:30:d2:a8:16:8a:96:76:cf:
6b:1d:95:10:4e:42:fd:3b:11:41:5c:5d:d1:16:8f:
34:f2:2b:3c:28:bd:62:00:30:f9:a1:2e:97:39:7e:
d9:af:91:04:e9:73:b0:ae:4b:f0:88:97:e3:c1:c0:
3e:09:64:fd:ca:f1:8a:07:bc:c1:50:50:9d:a1:97:
39:df:c9:ee:97:da:cc:b7:7a:41:e9:0f:48:d0:be:
94:56:71:f7:2b:07:dc:84:6c:8b:64:e0:35:3d:2a:
57:a4:97:43:3e:e1:1d:69:e7:72:35:e4:e2:98:73:
ea:63:c6:df:e2:97:53:06:c0:ca:8b:33:42:a9:65:
ad:d4:aa:05:ec:a0:52:5c:bf:92:df:17:95:26:d7:
91:bf:63:36:5c:eb:9e:83:78:69:e6:c4:cc:1e:d0:
74:44:62:8a:7f:2b:78:5b:b1:cc:92:87:20:b1:91:
db:ad:46:6a:01:fa:46:0a:5a:48:3d:ad:1f:97:61:
af:7e:c4:e4:a0:b4:4c:ae:7a:6f:d3:e3:2a:8f:f1:
ff:33:4d:67:36:c8:d6:d5:81:2f:b8:65:fe:a4:2e:
e9:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:25:E5:63:9C:37:AB:A4:1A:81:D3:6E:49:60:8C:63:42:0B:C4:40
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iyXlY5w3q6QagdNuSWCMY0ILxEA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.122.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0a:7c:44:af:ed:00:3b:e0:31:25:21:27:7f:42:7e:ec:a4:b4:
c9:e6:15:cf:3b:20:75:b5:0f:2d:f4:73:07:9d:bd:7f:e0:14:
19:8a:b7:e8:17:4a:30:07:6d:da:2a:fa:8d:e0:c9:2a:99:7d:
98:a8:53:77:66:ec:e8:2b:7b:bd:b4:d0:00:be:42:9a:8a:75:
80:03:54:25:83:b5:54:b0:70:2c:54:f6:af:2e:be:78:87:9f:
72:bd:9f:dd:0a:bb:cf:22:80:c5:e2:1e:a3:72:d1:6f:b6:c1:
c5:b4:20:fb:de:51:29:cd:82:79:04:36:c8:13:58:09:f9:d0:
bb:db:d1:00:9e:9c:75:17:d9:c2:3d:52:16:9f:d2:ed:77:56:
10:4d:06:1b:a0:43:70:78:6c:e6:fb:65:27:86:ca:d5:ec:ba:
8d:0c:20:7a:6d:a0:50:be:fc:bd:38:ca:eb:ed:70:d7:e6:ae:
6f:b3:7c:c3:0b:ad:4c:9c:8f:8e:a2:39:95:ae:90:39:c1:99:
d7:6f:d5:cc:e6:33:35:8c:fb:24:98:02:3e:69:3b:73:31:9b:
75:6a:7b:ca:17:87:71:1d:dc:11:5a:31:a2:ff:61:fa:b9:4c:
e7:60:db:1b:d1:ab:34:cc:92:16:35:2b:01:e1:da:ae:97:ea:
48:b6:da:7b
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDhCMjVFNTYzOUMzN0FC
QTQxQTgxRDM2RTQ5NjA4QzYzNDIwQkM0NDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTQRAFO3euvKhKD+31p1oat17TPfs9vfikdPXg246wfpPIABkw
0qgWipZ2z2sdlRBOQv07EUFcXdEWjzTyKzwovWIAMPmhLpc5ftmvkQTpc7CuS/CI
l+PBwD4JZP3K8YoHvMFQUJ2hlznfye6X2sy3ekHpD0jQvpRWcfcrB9yEbItk4DU9
Klekl0M+4R1p53I15OKYc+pjxt/il1MGwMqLM0KpZa3UqgXsoFJcv5LfF5Um15G/
YzZc656DeGnmxMwe0HREYop/K3hbscyShyCxkdutRmoB+kYKWkg9rR+XYa9+xOSg
tEyuem/T4yqP8f8zTWc2yNbVgS+4Zf6kLukLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUiyXlY5w3q6QagdNuSWCMY0ILxEAwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9peVhsWTV3M3E2UWFnZE51U1dD
TVkwSUx4RUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjHow
DQYJKoZIhvcNAQELBQADggEBAAp8RK/tADvgMSUhJ39CfuyktMnmFc87IHW1Dy30
cwedvX/gFBmKt+gXSjAHbdoq+o3gySqZfZioU3dm7Ogre7200AC+QpqKdYADVCWD
tVSwcCxU9q8uvniHn3K9n90Ku88igMXiHqNy0W+2wcW0IPveUSnNgnkENsgTWAn5
0Lvb0QCenHUX2cI9Uhaf0u13VhBNBhugQ3B4bOb7ZSeGytXsuo0MIHptoFC+/L04
yuvtcNfmrm+zfMMLrUycj46iOZWukDnBmddv1czmMzWM+ySYAj5pO3Mxm3Vqe8oX
h3Ed3BFaMaL/Yfq5TOdg2xvRqzTMkhY1KwHh2q6X6ki22ns=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:11 2025 by rpki-client