Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa
File: opqsMlfox4AqcCgNt4KijB6o_r4.roa (raw, json)
Hash identifier: RCwoGDqpjCPRGSX93tQjmS9rha0E5FY1iUChMNag+4w=
Subject key identifier: A2:9A:AC:32:57:E8:C7:80:2A:70:28:0D:B7:82:A2:8C:1E:A8:FE:BE
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0C5C
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa
Signing time: Mon 26 Aug 2024 05:28:00 +0000
ROA not before: Mon 26 Aug 2024 05:28:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38254
IP address blocks: 2403:7f40:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3164 (0xc5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 26 05:28:00 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A29AAC3257E8C7802A70280DB782A28C1EA8FEBE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:be:40:74:e4:88:2a:7d:71:6f:c4:c0:2e:6a:
5f:6b:7c:a8:fa:9d:7c:1e:ac:55:37:2f:c1:b6:6f:
a7:3f:37:11:c6:07:ee:71:ba:04:18:ad:0c:84:86:
9e:fa:25:26:4a:d4:02:05:65:53:52:90:87:4f:4a:
59:13:f9:66:ad:2a:0a:e8:b2:2f:d8:fe:ed:83:6b:
04:4b:36:99:b6:5e:c0:6a:c0:71:76:99:ef:c0:de:
f2:47:e5:79:c8:b3:af:8c:95:7b:a2:08:08:4d:08:
06:05:0e:d2:96:ca:9d:dd:42:a1:cb:18:a9:b2:36:
05:b5:58:46:b6:46:8f:ba:b9:25:31:a1:0b:24:fc:
e5:30:47:68:94:f3:78:76:75:0a:51:0d:f7:4b:d4:
b0:81:50:84:52:13:91:20:70:e1:63:04:45:7d:db:
04:3d:f1:20:82:7d:66:e6:01:d5:93:89:75:25:09:
8b:50:6d:6a:b4:ee:86:03:f2:30:84:db:c3:ea:67:
92:8d:d2:33:eb:af:cf:6b:ce:39:b1:7d:ab:6d:ad:
92:00:37:3f:6b:e2:ba:38:54:ff:4d:cd:08:35:c9:
e7:82:d6:ca:46:bf:66:32:7e:68:fa:9b:19:49:17:
70:89:59:ef:8f:b5:ff:37:61:10:43:15:5c:29:97:
84:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9A:AC:32:57:E8:C7:80:2A:70:28:0D:B7:82:A2:8C:1E:A8:FE:BE
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/opqsMlfox4AqcCgNt4KijB6o_r4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e000::/48
Signature Algorithm: sha256WithRSAEncryption
2d:aa:11:58:97:29:40:ac:21:6c:08:cf:e7:3c:bc:92:10:04:
d9:b4:ae:d1:3c:22:67:e4:20:5d:ea:17:e0:c5:b0:8d:e0:10:
ef:62:f0:1c:f2:8a:c6:0d:05:e2:23:b9:8d:7f:5b:51:23:24:
37:e6:07:b4:65:3d:88:25:a3:ba:af:b6:d8:3c:44:35:3b:51:
1a:28:fe:ad:88:55:e6:ea:48:84:28:6b:f7:0f:da:5a:37:4b:
c0:d4:b3:9d:8c:e5:af:6a:75:82:cc:96:99:a5:ad:ca:51:1e:
0f:f0:c3:b3:90:68:61:d1:58:dc:ad:85:ca:6f:29:05:14:41:
d8:f2:75:9e:77:39:62:62:25:22:3a:d9:a3:1a:65:0a:64:10:
d0:c2:a2:b2:7a:cd:84:32:ef:d9:79:71:78:a9:60:66:34:d3:
06:25:15:31:57:70:50:ce:3b:9f:a1:99:09:c6:26:af:d5:90:
cc:f9:77:62:c3:b0:e4:99:35:de:17:49:c3:10:67:99:21:28:
7d:09:1b:ae:38:9d:bd:b3:ac:1d:bb:65:fd:56:1b:cf:55:2e:
ef:b6:3b:0e:c9:ba:cf:04:82:ef:46:6d:64:05:45:0b:bd:69:
77:07:c9:06:01:b9:f7:80:9a:d6:01:b5:fc:b1:e8:49:90:42:
23:a0:dc:69
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNDA4MjYw
NTI4MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEyOUFBQzMyNTdFOEM3
ODAyQTcwMjgwREI3ODJBMjhDMUVBOEZFQkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDvkB05IgqfXFvxMAual9rfKj6nXwerFU3L8G2b6c/NxHGB+5x
ugQYrQyEhp76JSZK1AIFZVNSkIdPSlkT+WatKgrosi/Y/u2DawRLNpm2XsBqwHF2
me/A3vJH5XnIs6+MlXuiCAhNCAYFDtKWyp3dQqHLGKmyNgW1WEa2Ro+6uSUxoQsk
/OUwR2iU83h2dQpRDfdL1LCBUIRSE5EgcOFjBEV92wQ98SCCfWbmAdWTiXUlCYtQ
bWq07oYD8jCE28PqZ5KN0jPrr89rzjmxfattrZIANz9r4ro4VP9NzQg1yeeC1spG
v2Yyfmj6mxlJF3CJWe+Ptf83YRBDFVwpl4SNAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUopqsMlfox4AqcCgNt4KijB6o/r4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL29wcXNNbGZveDRBcWNDZ050NEtpakI2
b19yNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw
DQYJKoZIhvcNAQELBQADggEBAC2qEViXKUCsIWwIz+c8vJIQBNm0rtE8ImfkIF3q
F+DFsI3gEO9i8BzyisYNBeIjuY1/W1EjJDfmB7RlPYglo7qvttg8RDU7URoo/q2I
VebqSIQoa/cP2lo3S8DUs52M5a9qdYLMlpmlrcpRHg/ww7OQaGHRWNythcpvKQUU
QdjydZ53OWJiJSI62aMaZQpkENDCorJ6zYQy79l5cXipYGY00wYlFTFXcFDOO5+h
mQnGJq/VkMz5d2LDsOSZNd4XScMQZ5khKH0JG644nb2zrB27Zf1WG89VLu+2Ow7J
us8Egu9GbWQFRQu9aXcHyQYBufeAmtYBtfyx6EmQQiOg3Gk=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:35:10 2025 by rpki-client