Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa
File: zKmNRqsGMiMbd0qEa7cCND3jOr0.roa (raw, json)
Hash identifier: 8OvWtYKf2e/wYj1W3zNJXz77pbvz06OJyh0zBDxA+Hc=
Subject key identifier: CC:A9:8D:46:AB:06:32:23:1B:77:4A:84:6B:B7:02:34:3D:E3:3A:BD
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E7F
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa
Signing time: Mon 10 Feb 2025 14:16:26 +0000
ROA not before: Mon 10 Feb 2025 14:16:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9264
IP address blocks: 140.109.0.0/16 maxlen: 16
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3711 (0xe7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:26 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CCA98D46AB0632231B774A846BB702343DE33ABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:df:d0:cd:f4:bd:79:7b:77:35:07:be:2d:70:
ab:d5:cb:58:5f:46:43:5b:2f:f9:83:6b:a2:73:44:
b4:bb:61:58:d3:1a:24:d1:eb:15:12:7c:b0:74:90:
be:c9:22:d4:13:11:44:27:2f:d7:e1:15:86:b2:64:
17:67:2c:00:92:eb:fe:08:6f:94:12:51:28:19:82:
a8:8b:12:db:3d:79:5f:82:9c:ce:f2:70:46:c0:51:
d9:f6:67:6a:e7:54:a5:a0:3c:c5:6e:38:0c:32:a7:
64:7d:79:d8:7e:81:94:e1:a7:18:88:bb:f4:79:a8:
45:45:ae:8b:68:0a:39:9f:76:6f:f6:e1:50:7e:d6:
7f:6c:d8:19:02:e7:26:a5:9f:67:4a:4e:05:36:da:
a0:bb:cb:83:fb:02:e2:dd:19:c0:dd:c8:fe:bf:e7:
8a:ba:d9:65:7f:58:15:e9:bc:71:15:c3:c7:ff:4e:
b8:d6:fa:80:8e:d1:b0:5f:94:64:71:a1:06:f4:45:
0c:75:2e:40:2c:61:9d:62:0a:93:92:f5:34:46:73:
ef:33:58:54:47:2c:24:40:79:5f:14:0f:57:a1:95:
7a:01:1d:f3:bc:31:37:ad:a0:8d:0d:24:a0:08:8f:
9a:b2:ad:d4:a2:cb:6b:b0:fa:9e:5d:b5:c8:2e:e0:
cf:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A9:8D:46:AB:06:32:23:1B:77:4A:84:6B:B7:02:34:3D:E3:3A:BD
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/zKmNRqsGMiMbd0qEa7cCND3jOr0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.109.0.0/16
Signature Algorithm: sha256WithRSAEncryption
99:53:b4:47:63:56:1f:59:fa:bb:68:b6:f6:0f:92:91:cb:32:
1c:8a:61:92:15:d8:1d:d6:82:63:d9:9b:35:7b:78:34:82:7f:
30:c8:63:d8:20:a6:e3:90:d2:90:a2:08:7e:e7:31:0e:b4:85:
b9:07:bd:d7:29:26:95:13:6c:9c:f0:9a:83:79:de:2b:5c:11:
a0:ec:f8:fe:1f:46:ae:9b:5c:6d:7b:4a:64:1a:d7:26:4a:79:
cf:24:e6:c3:92:51:fb:fa:54:d5:62:11:71:69:5c:d0:e0:88:
47:df:c6:2e:46:2f:c9:9b:46:00:50:31:01:f6:b4:57:fe:0a:
86:7d:f6:3a:a5:1b:e6:39:e0:f6:96:4b:f8:9b:63:b3:41:74:
3e:59:a1:86:dd:d9:26:77:60:ac:fd:22:05:85:41:15:5b:70:
b8:f1:35:2a:99:77:8d:d3:b8:54:6e:0a:d6:21:77:e8:70:bf:
25:b3:7f:4e:f4:45:a3:d8:57:4b:40:c1:3b:47:a9:13:08:56:
54:5b:c3:41:82:14:0c:6d:a4:cf:02:50:76:64:d3:66:1a:23:
fa:40:4d:c2:b4:37:28:e9:24:81:b0:2d:a1:07:d4:25:86:8f:
a6:25:fe:7c:9c:b7:7f:c6:aa:16:87:ea:ce:52:03:c2:60:d0:
b3:97:2f:c9
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDQTk4RDQ2QUIwNjMy
MjMxQjc3NEE4NDZCQjcwMjM0M0RFMzNBQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC439DN9L15e3c1B74tcKvVy1hfRkNbL/mDa6JzRLS7YVjTGiTR
6xUSfLB0kL7JItQTEUQnL9fhFYayZBdnLACS6/4Ib5QSUSgZgqiLEts9eV+CnM7y
cEbAUdn2Z2rnVKWgPMVuOAwyp2R9edh+gZThpxiIu/R5qEVFrotoCjmfdm/24VB+
1n9s2BkC5yaln2dKTgU22qC7y4P7AuLdGcDdyP6/54q62WV/WBXpvHEVw8f/TrjW
+oCO0bBflGRxoQb0RQx1LkAsYZ1iCpOS9TRGc+8zWFRHLCRAeV8UD1ehlXoBHfO8
MTetoI0NJKAIj5qyrdSiy2uw+p5dtcgu4M9TAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUzKmNRqsGMiMbd0qEa7cCND3jOr0wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC96S21OUnFzR01pTWJkMHFFYTdj
Q05EM2pPcjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjG0w
DQYJKoZIhvcNAQELBQADggEBAJlTtEdjVh9Z+rtotvYPkpHLMhyKYZIV2B3WgmPZ
mzV7eDSCfzDIY9ggpuOQ0pCiCH7nMQ60hbkHvdcpJpUTbJzwmoN53itcEaDs+P4f
Rq6bXG17SmQa1yZKec8k5sOSUfv6VNViEXFpXNDgiEffxi5GL8mbRgBQMQH2tFf+
CoZ99jqlG+Y54PaWS/ibY7NBdD5ZoYbd2SZ3YKz9IgWFQRVbcLjxNSqZd43TuFRu
CtYhd+hwvyWzf070RaPYV0tAwTtHqRMIVlRbw0GCFAxtpM8CUHZk02YaI/pATcK0
NyjpJIGwLaEH1CWGj6Yl/nyct3/GqhaH6s5SA8Jg0LOXL8k=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:45 2025 by rpki-client