Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa
File: oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa (raw, json)
Hash identifier: wL0alKVV/zRFBCmOjzOjYkjgrhSs8AReRZuA5uVcYOI=
Subject key identifier: A0:A6:75:1E:6E:B1:C4:5A:F5:0C:5B:4C:94:EC:2F:0E:DF:13:2D:49
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E8B
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa
Signing time: Mon 10 Feb 2025 14:16:29 +0000
ROA not before: Mon 10 Feb 2025 14:16:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38845
IP address blocks: 140.136.0.0/16 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3723 (0xe8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:29 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A0A6751E6EB1C45AF50C5B4C94EC2F0EDF132D49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:04:ed:4a:08:e4:25:93:a5:df:bb:5d:a1:96:
56:1c:35:27:e5:54:17:5b:6c:2b:95:ff:e4:b5:24:
65:d5:20:41:03:e3:73:a4:dd:56:19:f1:4d:43:de:
34:0b:19:7d:0e:e2:8b:8c:72:f8:b0:14:3a:e9:af:
10:dd:f7:83:3a:be:97:58:1a:7c:0c:64:53:d1:dd:
25:17:f4:12:ad:d4:f5:42:31:ec:a8:2d:da:64:46:
1c:ca:54:e4:8a:a2:e7:4d:fb:32:f2:ef:63:cc:04:
b2:aa:9b:36:f2:39:96:95:90:9c:b7:7c:14:60:43:
a7:ce:02:88:33:5a:4b:68:08:4d:e2:6a:7d:27:25:
c5:c8:a8:42:1d:dd:7e:a0:15:33:2c:a0:fb:a0:05:
aa:64:8a:89:fc:c0:11:f5:dc:41:7d:8d:ff:9d:7f:
83:70:dc:a6:51:74:36:6c:02:f8:33:5a:0b:c2:48:
37:c1:7b:5e:a7:94:d9:8c:ab:c6:f3:44:f0:c9:f7:
d0:8d:49:41:00:df:6a:9a:be:69:8f:96:ad:54:14:
18:04:b0:a0:75:09:80:0d:f6:11:cb:b5:ae:ee:de:
54:26:4f:22:8b:6c:92:6b:95:24:be:31:46:07:c6:
89:3b:73:a1:38:5c:8d:59:7f:3b:48:5e:3b:ab:ab:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:A6:75:1E:6E:B1:C4:5A:F5:0C:5B:4C:94:EC:2F:0E:DF:13:2D:49
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/oKZ1Hm6xxFr1DFtMlOwvDt8TLUk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.136.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7d:7f:0c:1a:1d:7a:63:85:2f:24:d9:9f:7b:95:4f:d5:48:38:
d1:39:a4:93:a3:3e:fb:d4:01:d3:0b:5c:99:ca:f9:d2:4f:de:
68:4e:4d:f8:f4:b9:77:af:cd:e8:6e:9c:06:62:1b:85:b2:5e:
bd:bd:37:9d:05:28:a2:74:b7:b6:cb:07:cf:8f:3d:ef:af:33:
0e:8f:d4:78:8a:bc:0a:91:d8:15:67:9d:e6:47:d5:7e:9e:eb:
5d:5c:11:29:2d:4e:45:08:63:2e:c3:96:28:48:f1:01:37:77:
fe:69:0a:e3:74:8a:db:c0:85:cd:87:6e:80:93:b0:99:ce:d4:
04:97:12:ca:95:4e:57:47:d1:a2:cb:91:39:60:79:f1:1a:f2:
28:44:e3:73:10:a2:6d:3f:bc:b7:c7:4f:fa:00:c7:a7:40:0c:
c8:a6:3b:0f:48:98:1f:c3:c2:62:fb:47:0f:61:0e:a8:8a:92:
0b:f2:02:40:25:ef:48:1e:b5:46:70:7c:ea:42:59:70:dc:83:
d2:10:4c:42:b9:a4:e6:87:22:ec:7a:60:16:00:22:89:0a:e0:
cb:d8:f7:61:e5:89:8e:2c:65:a5:4f:a3:59:c0:35:66:9a:63:
a6:fe:3a:3b:90:ea:63:ad:1d:e7:26:a2:38:08:9b:18:7c:4e:
b9:18:1f:36
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwQTY3NTFFNkVCMUM0
NUFGNTBDNUI0Qzk0RUMyRjBFREYxMzJENDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpBO1KCOQlk6Xfu12hllYcNSflVBdbbCuV/+S1JGXVIEED43Ok
3VYZ8U1D3jQLGX0O4ouMcviwFDrprxDd94M6vpdYGnwMZFPR3SUX9BKt1PVCMeyo
LdpkRhzKVOSKoudN+zLy72PMBLKqmzbyOZaVkJy3fBRgQ6fOAogzWktoCE3ian0n
JcXIqEId3X6gFTMsoPugBapkion8wBH13EF9jf+df4Nw3KZRdDZsAvgzWgvCSDfB
e16nlNmMq8bzRPDJ99CNSUEA32qavmmPlq1UFBgEsKB1CYAN9hHLta7u3lQmTyKL
bJJrlSS+MUYHxok7c6E4XI1ZfztIXjurqzaPAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUoKZ1Hm6xxFr1DFtMlOwvDt8TLUkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9vS1oxSG02eHhGcjFERnRNbE93
dkR0OFRMVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIgw
DQYJKoZIhvcNAQELBQADggEBAH1/DBodemOFLyTZn3uVT9VIONE5pJOjPvvUAdML
XJnK+dJP3mhOTfj0uXevzehunAZiG4WyXr29N50FKKJ0t7bLB8+PPe+vMw6P1HiK
vAqR2BVnneZH1X6e611cESktTkUIYy7DlihI8QE3d/5pCuN0itvAhc2HboCTsJnO
1ASXEsqVTldH0aLLkTlgefEa8ihE43MQom0/vLfHT/oAx6dADMimOw9ImB/DwmL7
Rw9hDqiKkgvyAkAl70getUZwfOpCWXDcg9IQTEK5pOaHIux6YBYAIokK4MvY92Hl
iY4sZaVPo1nANWaaY6b+OjuQ6mOtHecmojgImxh8TrkYHzY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:10 2025 by rpki-client