Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa
File: w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa (raw, json)
Hash identifier: pw1szmjskhsoerf3tBdT9CPLjMEJuScrYn1tEFRTy20=
Subject key identifier: C3:58:6A:A1:8B:95:23:B6:21:06:D9:44:01:F7:38:56:22:75:65:49
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E72
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa
Signing time: Mon 10 Feb 2025 14:16:22 +0000
ROA not before: Mon 10 Feb 2025 14:16:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 1659
IP address blocks: 140.128.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3698 (0xe72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C3586AA18B9523B62106D94401F7385622756549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:21:17:bb:34:7d:b6:7c:b4:4f:2d:49:c0:3c:
22:42:3e:a0:8c:a1:8d:44:43:9a:60:0e:09:a7:6b:
46:cd:b8:3d:36:88:69:c9:ce:d4:b1:b8:32:0f:6f:
ca:c4:7f:6f:0d:8a:26:73:37:c3:e2:b7:68:c9:de:
99:aa:89:e2:04:a8:db:40:a9:12:6a:d8:83:92:38:
4e:6f:f3:fe:d0:06:59:ba:de:f0:75:ba:97:cb:39:
00:8f:9a:79:20:94:a5:ff:43:3a:d5:03:7d:d0:0d:
2c:0e:ec:dc:6b:d1:55:d9:f7:fe:a4:d4:c7:55:fa:
f7:4a:a5:e1:13:ba:24:1b:11:29:bf:55:77:fe:55:
45:63:d6:9c:18:6d:60:95:b3:3f:40:c1:f4:f4:f3:
cb:3a:59:f9:53:f3:90:17:00:f3:28:15:73:97:8e:
ec:42:47:f5:44:01:77:3f:48:1f:a9:28:fb:c5:6b:
a4:74:8a:bb:6f:62:36:40:71:76:ec:65:73:4e:a5:
ce:d7:d3:68:15:4f:df:a7:28:19:63:0f:64:90:dc:
a2:ad:10:2d:3e:1e:1d:6c:d9:71:1d:bb:35:ee:45:
68:04:65:08:46:78:0a:45:ac:e6:c1:33:50:43:0a:
3e:c7:ef:a9:e9:17:95:55:35:ab:37:cd:81:7e:bf:
99:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:58:6A:A1:8B:95:23:B6:21:06:D9:44:01:F7:38:56:22:75:65:49
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w1hqoYuVI7YhBtlEAfc4ViJ1ZUk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
13:9d:39:9e:b2:bd:8b:62:5b:f4:fa:ca:68:06:01:d7:be:ad:
43:3d:96:00:b0:ae:db:10:03:b6:ba:8a:da:aa:b3:a7:08:9a:
98:aa:19:28:3d:d3:78:41:48:a8:4d:7b:79:b3:b6:04:0b:94:
68:1c:a3:8f:07:56:99:9e:57:0d:a0:56:f4:8a:94:59:5f:55:
e9:ef:e5:1d:66:cd:d8:f8:b0:f4:6a:63:fb:38:4d:a2:ca:6b:
f8:10:11:92:a7:44:17:1d:51:c9:1d:04:82:47:14:7b:c5:a6:
6b:85:6f:c4:bd:ba:46:b4:c1:6f:38:a9:b0:46:ae:a6:09:65:
3d:06:cc:c4:36:f6:2e:3f:ac:f0:da:71:b8:f6:5c:1f:dc:e8:
9c:06:a4:9a:95:23:ff:6c:c0:ff:71:c9:ae:55:43:46:05:1a:
12:ca:5c:af:ed:52:b4:a4:9d:1c:f7:5e:03:d4:9b:72:54:f4:
4f:44:03:9d:67:cc:1a:4e:1b:54:b8:1f:2e:a4:bc:2f:ae:de:
c2:64:56:06:68:b3:88:f0:e9:5d:f1:e4:e9:4b:4e:20:c4:9c:
9c:d6:58:0f:30:34:c8:05:1f:3a:b6:89:f0:58:02:a9:76:31:
bd:96:1f:ad:a3:ea:22:7d:1f:40:a2:41:04:8c:c0:3e:2f:8d:
56:98:76:90
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDnIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMzNTg2QUExOEI5NTIz
QjYyMTA2RDk0NDAxRjczODU2MjI3NTY1NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzIRe7NH22fLRPLUnAPCJCPqCMoY1EQ5pgDgmna0bNuD02iGnJ
ztSxuDIPb8rEf28NiiZzN8Pit2jJ3pmqieIEqNtAqRJq2IOSOE5v8/7QBlm63vB1
upfLOQCPmnkglKX/QzrVA33QDSwO7Nxr0VXZ9/6k1MdV+vdKpeETuiQbESm/VXf+
VUVj1pwYbWCVsz9AwfT088s6WflT85AXAPMoFXOXjuxCR/VEAXc/SB+pKPvFa6R0
irtvYjZAcXbsZXNOpc7X02gVT9+nKBljD2SQ3KKtEC0+Hh1s2XEduzXuRWgEZQhG
eApFrObBM1BDCj7H76npF5VVNas3zYF+v5mLAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUw1hqoYuVI7YhBtlEAfc4ViJ1ZUkwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC93MWhxb1l1Vkk3WWhCdGxFQWZj
NFZpSjFaVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjIAw
DQYJKoZIhvcNAQELBQADggEBABOdOZ6yvYtiW/T6ymgGAde+rUM9lgCwrtsQA7a6
itqqs6cImpiqGSg903hBSKhNe3mztgQLlGgco48HVpmeVw2gVvSKlFlfVenv5R1m
zdj4sPRqY/s4TaLKa/gQEZKnRBcdUckdBIJHFHvFpmuFb8S9uka0wW84qbBGrqYJ
ZT0GzMQ29i4/rPDacbj2XB/c6JwGpJqVI/9swP9xya5VQ0YFGhLKXK/tUrSknRz3
XgPUm3JU9E9EA51nzBpOG1S4Hy6kvC+u3sJkVgZos4jw6V3x5OlLTiDEnJzWWA8w
NMgFHzq2ifBYAql2Mb2WH62j6iJ9H0CiQQSMwD4vjVaYdpA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:19 2025 by rpki-client