Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TDC/dfQh84-XXXivkyJCR2EH_8r_u0c.roa
File: dfQh84-XXXivkyJCR2EH_8r_u0c.roa (raw, json)
Hash identifier: Lj3gIMWZS0IZJCI0qNzC9a0wjaqn4//4cFN5B1wI2O8=
Subject key identifier: 75:F4:21:F3:8F:97:5D:78:AF:93:22:42:47:61:07:FF:CA:FF:BB:47
Certificate issuer: /CN=063F818DACB171B835415ABD278993922F3CDC5D
Certificate serial: 01A7
Authority key identifier: 06:3F:81:8D:AC:B1:71:B8:35:41:5A:BD:27:89:93:92:2F:3C:DC:5D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Bj-Bjayxcbg1QVq9J4mTki883F0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TDC/dfQh84-XXXivkyJCR2EH_8r_u0c.roa
Signing time: Mon 10 Feb 2025 14:30:20 +0000
ROA not before: Mon 10 Feb 2025 14:30:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18041
IP address blocks: 2401:a60::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 423 (0x1a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=063F818DACB171B835415ABD278993922F3CDC5D
Validity
Not Before: Feb 10 14:30:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=75F421F38F975D78AF932242476107FFCAFFBB47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:63:4d:ff:98:91:f4:bd:ca:32:d8:c4:ae:10:
ee:56:f1:b5:51:3b:45:45:1c:d9:34:33:26:29:20:
c1:e8:14:e7:95:ad:01:74:ea:02:bc:64:dc:18:fa:
a6:f7:8d:fc:c4:c5:c6:26:ac:26:0d:be:d8:c0:f5:
cd:1f:76:80:29:bd:8a:25:1e:ae:d4:8c:74:5b:66:
2e:2e:0b:40:a8:97:69:b6:54:bf:09:29:e7:b1:62:
8a:0f:6b:e8:b9:c5:90:33:d2:7e:d2:5e:79:2e:d0:
5d:52:00:ed:e7:42:cf:8f:ce:7b:cb:a5:08:06:68:
9f:10:fb:7d:50:9d:09:66:e1:ee:0e:a1:3c:ad:cf:
e6:22:67:74:37:7d:48:5c:09:0c:34:b5:53:ed:ae:
d8:ef:a3:a1:0d:3d:66:85:67:aa:31:40:13:7a:85:
fc:21:65:78:ad:8d:b4:d3:92:80:00:65:b0:d2:3b:
eb:34:ed:36:d8:84:2c:1c:2c:6b:7b:a5:2a:b5:f3:
ef:2f:e7:16:41:af:9b:11:44:46:ba:55:80:b3:ad:
1e:9d:0a:39:c1:e1:d8:87:c4:2e:6f:5a:19:51:b8:
39:43:ef:de:ab:47:7f:b3:5f:0e:b7:e1:a1:e3:4b:
43:fa:a1:ef:cd:7c:1c:e1:6e:4c:4e:2e:6e:bf:1a:
d7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:F4:21:F3:8F:97:5D:78:AF:93:22:42:47:61:07:FF:CA:FF:BB:47
X509v3 Authority Key Identifier:
keyid:06:3F:81:8D:AC:B1:71:B8:35:41:5A:BD:27:89:93:92:2F:3C:DC:5D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TDC/Bj-Bjayxcbg1QVq9J4mTki883F0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Bj-Bjayxcbg1QVq9J4mTki883F0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TDC/dfQh84-XXXivkyJCR2EH_8r_u0c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:a60::/32
Signature Algorithm: sha256WithRSAEncryption
7c:f5:85:1e:78:d2:6a:6e:2a:7c:47:7f:8f:87:1d:d8:13:76:
64:e8:59:3d:62:93:b0:e3:3d:29:35:b2:6e:c5:75:3c:47:a0:
08:33:75:95:ca:86:64:e7:26:d7:a2:9b:69:cf:ec:60:c1:34:
97:e0:48:76:4e:8e:39:05:40:1f:0d:31:e1:14:fe:08:63:b5:
3d:a6:13:d7:f2:13:78:4e:d4:6e:9a:85:7e:b6:8e:4a:20:81:
41:43:e4:ee:95:19:b2:a9:02:ea:11:56:5c:6b:df:7c:b8:18:
92:d0:8c:84:1e:9c:1e:96:59:c5:3a:5b:41:8b:88:c5:96:1b:
eb:ae:a8:1d:7f:eb:be:0c:60:df:4a:1e:02:01:43:74:08:a7:
0d:38:db:b4:50:51:83:04:08:8c:40:95:d2:6f:88:1e:60:00:
75:fe:e4:2a:b2:a6:58:15:54:60:66:b4:1a:05:c6:99:4f:1f:
1a:6b:20:74:4e:7d:cc:39:4e:03:a3:98:e7:35:e4:55:3b:76:
5e:96:9c:54:c2:ea:30:fe:5a:ec:84:4e:cc:b8:54:2f:c7:51:
2e:ed:d7:2b:fd:46:16:a4:22:30:be:6a:0a:f1:bb:1a:15:2a:
52:cd:9c:a3:2d:ae:e2:f9:78:0e:78:9f:bd:a2:19:fe:86:a4:
d4:d5:03:f4
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAacwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDYz
RjgxOERBQ0IxNzFCODM1NDE1QUJEMjc4OTkzOTIyRjNDREM1RDAeFw0yNTAyMTAx
NDMwMjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDc1RjQyMUYzOEY5NzVE
NzhBRjkzMjI0MjQ3NjEwN0ZGQ0FGRkJCNDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOY03/mJH0vcoy2MSuEO5W8bVRO0VFHNk0MyYpIMHoFOeVrQF0
6gK8ZNwY+qb3jfzExcYmrCYNvtjA9c0fdoApvYolHq7UjHRbZi4uC0Col2m2VL8J
KeexYooPa+i5xZAz0n7SXnku0F1SAO3nQs+PznvLpQgGaJ8Q+31QnQlm4e4OoTyt
z+YiZ3Q3fUhcCQw0tVPtrtjvo6ENPWaFZ6oxQBN6hfwhZXitjbTTkoAAZbDSO+s0
7TbYhCwcLGt7pSq18+8v5xZBr5sRREa6VYCzrR6dCjnB4diHxC5vWhlRuDlD796r
R3+zXw634aHjS0P6oe/NfBzhbkxOLm6/GtfhAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUdfQh84+XXXivkyJCR2EH/8r/u0cwHwYDVR0jBBgwFoAUBj+Bjayxcbg1QVq9
J4mTki883F0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVERDL0Jq
LUJqYXl4Y2JnMVFWcTlKNG1Ua2k4ODNGMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
QmotQmpheXhjYmcxUVZxOUo0bVRraTg4M0YwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVERDL2RmUWg4NC1YWFhpdmt5SkNSMkVIXzhy
X3UwYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAQpgMA0G
CSqGSIb3DQEBCwUAA4IBAQB89YUeeNJqbip8R3+Phx3YE3Zk6Fk9YpOw4z0pNbJu
xXU8R6AIM3WVyoZk5ybXoptpz+xgwTSX4Eh2To45BUAfDTHhFP4IY7U9phPX8hN4
TtRumoV+to5KIIFBQ+TulRmyqQLqEVZca998uBiS0IyEHpwellnFOltBi4jFlhvr
rqgdf+u+DGDfSh4CAUN0CKcNONu0UFGDBAiMQJXSb4geYAB1/uQqsqZYFVRgZrQa
BcaZTx8aayB0Tn3MOU4Do5jnNeRVO3ZelpxUwuow/lrshE7MuFQvx1Eu7dcr/UYW
pCIwvmoK8bsaFSpSzZyjLa7i+XgOeJ+9ohn+hqTU1QP0
-----END CERTIFICATE-----
Generated at Wed Feb 19 20:43:27 2025 by rpki-client