Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa
File: gW89KoRn_R_KYmfRly6NuqPV7Ac.roa (raw, json)
Hash identifier: MRW2RqtyWCt7DYOH0RsKazzcZbAAeoRidW9Qbi0WiJQ=
Subject key identifier: 81:6F:3D:2A:84:67:FD:1F:CA:62:67:D1:97:2E:8D:BA:A3:D5:EC:07
Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Certificate serial: 028C
Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa
Signing time: Mon 10 Feb 2025 14:05:47 +0000
ROA not before: Mon 10 Feb 2025 14:05:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 132369
IP address blocks: 103.159.206.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 652 (0x28c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Validity
Not Before: Feb 10 14:05:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=816F3D2A8467FD1FCA6267D1972E8DBAA3D5EC07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3d:42:84:02:ea:99:a2:67:34:7f:e1:13:c5:
73:0e:17:d9:c8:fc:18:9f:75:18:8a:be:17:97:6f:
ad:fd:22:70:3a:2e:9b:33:e4:5c:bf:26:b8:eb:6b:
8e:04:cb:24:c5:99:2f:c9:13:08:81:42:f2:61:89:
24:51:b7:2e:56:f3:dd:cd:ec:6d:d2:b4:e5:ec:4f:
27:0c:d3:52:32:ce:c6:1d:8f:17:54:a5:4d:75:ee:
99:27:6d:10:23:3a:e3:3e:1c:1e:37:d1:aa:fa:e3:
47:c0:92:5b:11:20:1d:ec:2e:c5:48:87:50:58:1a:
8b:ed:e2:a8:fc:fb:26:71:7a:a9:83:0a:cc:c8:8a:
3f:a1:b8:13:30:7e:5f:0f:08:b8:24:6a:01:b5:22:
4b:a5:c9:32:c6:75:36:ab:be:8d:77:04:3c:83:6e:
7e:76:9c:11:bb:51:1b:fd:75:21:27:58:38:6d:04:
30:0a:6e:88:93:54:4e:40:a7:96:b2:65:81:c3:d8:
10:04:2e:91:f0:97:29:25:24:e6:cf:3e:24:8c:09:
9c:8b:2f:66:83:87:37:dd:09:87:53:f6:7e:20:54:
a1:e5:04:b9:68:ae:4d:56:7e:b6:cf:9c:50:78:ce:
76:d7:ed:c9:6f:dd:50:be:21:38:c8:fb:50:d5:50:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:6F:3D:2A:84:67:FD:1F:CA:62:67:D1:97:2E:8D:BA:A3:D5:EC:07
X509v3 Authority Key Identifier:
keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/gW89KoRn_R_KYmfRly6NuqPV7Ac.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.206.0/23
Signature Algorithm: sha256WithRSAEncryption
16:e0:89:60:d4:a5:4c:d0:06:a6:88:3f:03:14:d7:79:05:9b:
b5:7e:74:d1:31:18:cf:dc:fe:ad:ae:22:ae:61:2d:0e:27:eb:
05:d7:38:53:34:66:31:92:6f:f0:1b:33:69:db:80:92:58:f9:
d5:0f:67:b7:43:e6:86:1c:fe:f2:f7:b8:8c:c9:59:3b:57:5b:
14:9c:ca:67:d0:70:69:db:2e:a7:79:c9:e7:32:b1:7e:c3:ae:
12:6d:96:83:10:1e:c4:68:c0:b3:77:b9:ea:50:55:31:fa:9f:
1f:03:a7:17:2e:03:1d:c9:70:b4:a9:1e:97:d1:cb:c4:d7:bf:
a0:11:f9:89:96:45:13:48:4b:f5:a7:d3:a9:66:2c:4e:ad:79:
01:c4:12:14:20:08:3a:b6:c1:78:67:8a:fa:29:0e:07:3c:11:
a4:4e:cd:09:5d:ea:22:90:50:25:b0:28:ab:b0:49:0d:36:53:
d6:a2:80:95:f0:07:67:d7:54:9c:00:98:49:64:72:c1:4c:d3:
5b:9b:f8:3b:da:dd:01:df:6c:09:3d:2a:76:45:ce:cf:c6:f2:
75:52:c8:25:43:1f:9e:84:1b:57:d7:07:b6:49:b6:fb:6c:4e:
a4:16:c1:f6:5d:22:4a:ae:ef:f5:70:cf:15:79:0d:92:2b:9e:
d5:a5:75:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAowwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4
RUQyRkQ2QUQ1QzVCNTY4N0RGNjE0QTI3NUMyRkM4NDhENEU5NDAeFw0yNTAyMTAx
NDA1NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDgxNkYzRDJBODQ2N0ZE
MUZDQTYyNjdEMTk3MkU4REJBQTNENUVDMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRPUKEAuqZomc0f+ETxXMOF9nI/BifdRiKvheXb639InA6Lpsz
5Fy/Jrjra44EyyTFmS/JEwiBQvJhiSRRty5W893N7G3StOXsTycM01IyzsYdjxdU
pU117pknbRAjOuM+HB430ar640fAklsRIB3sLsVIh1BYGovt4qj8+yZxeqmDCszI
ij+huBMwfl8PCLgkagG1IkulyTLGdTarvo13BDyDbn52nBG7URv9dSEnWDhtBDAK
boiTVE5Ap5ayZYHD2BAELpHwlyklJObPPiSMCZyLL2aDhzfdCYdT9n4gVKHlBLlo
rk1WfrbPnFB4znbX7clv3VC+ITjI+1DVUDf/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUgW89KoRn/R/KYmfRly6NuqPV7AcwHwYDVR0jBBgwFoAUKY7S/WrVxbVoffYU
onXC/ISNTpQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9L
WTdTX1dyVnhiVm9mZllVb25YQ19JU05UcFEuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tZN1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RUTlMvZ1c4OUtvUm5fUl9LWW1mUmx5Nk51
cVBWN0FjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWefzjAN
BgkqhkiG9w0BAQsFAAOCAQEAFuCJYNSlTNAGpog/AxTXeQWbtX500TEYz9z+ra4i
rmEtDifrBdc4UzRmMZJv8BszaduAklj51Q9nt0Pmhhz+8ve4jMlZO1dbFJzKZ9Bw
adsup3nJ5zKxfsOuEm2WgxAexGjAs3e56lBVMfqfHwOnFy4DHclwtKkel9HLxNe/
oBH5iZZFE0hL9afTqWYsTq15AcQSFCAIOrbBeGeK+ikOBzwRpE7NCV3qIpBQJbAo
q7BJDTZT1qKAlfAHZ9dUnACYSWRywUzTW5v4O9rdAd9sCT0qdkXOz8bydVLIJUMf
noQbV9cHtkm2+2xOpBbB9l0iSq7v9XDPFXkNkiue1aV1eQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:02 2025 by rpki-client