Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9Q3b9NG0h4DNSwvZlXOqwYdpqCU.roa
File: 9Q3b9NG0h4DNSwvZlXOqwYdpqCU.roa (raw, json)
Hash identifier: 6ypzZGXKc5jYP0Xgi8ayOvE6dX3LzgBnLMyWFxQqUfw=
Subject key identifier: F5:0D:DB:F4:D1:B4:87:80:CD:4B:0B:D9:95:73:AA:C1:87:69:A8:25
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 3486
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9Q3b9NG0h4DNSwvZlXOqwYdpqCU.roa
Signing time: Mon 10 Feb 2025 13:52:28 +0000
ROA not before: Mon 10 Feb 2025 13:52:28 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38841
IP address blocks: 123.195.240.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13446 (0x3486)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Feb 10 13:52:28 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F50DDBF4D1B48780CD4B0BD99573AAC18769A825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4e:0d:8b:b8:a7:9f:8d:f6:2e:99:1a:10:b0:
d0:17:bf:5f:ff:87:39:69:0f:52:da:c9:8d:e6:be:
bb:ac:b9:2d:30:bb:c6:8d:1b:e2:4b:e0:6f:9b:24:
e4:01:d1:f4:8f:26:f6:75:97:26:4e:a4:cb:04:75:
df:49:a6:8d:04:38:66:90:b7:43:99:ca:69:22:3f:
1e:e7:f4:b8:75:7b:1c:e4:31:b4:41:03:24:92:c0:
f5:a6:96:63:47:5d:a8:7e:b6:8a:81:40:3d:4a:ce:
43:8b:1d:cf:f9:4f:51:43:97:18:b6:bf:02:e3:ac:
15:61:ca:58:35:49:2c:d2:b4:2a:74:c5:70:d6:da:
67:c5:37:a7:45:59:d0:97:d8:25:ce:68:43:72:64:
2d:f0:c3:7d:e0:2f:fd:69:3b:fa:fc:9c:de:cb:6d:
f8:bd:43:65:42:03:a8:33:6a:a3:7c:0f:6d:5e:e7:
7a:be:08:bf:22:b7:14:6b:b2:ae:e1:b9:77:72:cc:
a6:1c:ec:f2:de:aa:12:99:93:b7:9b:15:b3:6a:96:
7c:61:a4:72:f8:5c:48:99:d9:e4:63:c2:75:46:f1:
d0:82:a6:1e:38:6b:4e:f6:91:03:ae:24:df:a1:14:
81:75:40:56:d7:bf:ad:6c:b5:b0:40:b9:5f:bc:f0:
33:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:0D:DB:F4:D1:B4:87:80:CD:4B:0B:D9:95:73:AA:C1:87:69:A8:25
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/9Q3b9NG0h4DNSwvZlXOqwYdpqCU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.240.0/21
Signature Algorithm: sha256WithRSAEncryption
6a:f1:54:ce:b0:df:41:2d:ff:87:61:ee:c8:3a:99:87:d5:e6:
02:87:01:f1:5c:b7:b1:6e:07:17:1f:8b:a2:d1:c3:fc:de:29:
0f:2b:2f:f3:cc:29:80:82:fb:df:3a:a9:9b:d7:68:a4:ec:01:
b0:14:9b:a1:98:32:2f:18:ca:75:13:75:33:39:df:26:de:35:
33:1a:c1:ec:ca:3a:04:cd:8d:97:dd:9e:73:b5:95:ab:24:14:
d7:46:cc:7c:1d:50:f8:88:42:4e:12:23:61:51:0c:dd:05:28:
78:cd:77:12:47:f0:61:ad:3c:ce:76:4c:2d:ef:1d:03:b1:d1:
cc:e9:fc:de:e5:aa:3d:16:fb:ed:a6:d1:77:76:6f:57:76:33:
2d:c6:29:cb:77:b2:ec:f1:8b:b2:3b:6d:95:8e:fa:5a:80:f8:
f6:f1:cb:04:5a:31:66:62:36:15:03:84:ce:5c:30:00:3b:74:
f7:85:2f:65:60:d5:c7:37:33:cc:8c:18:fe:ad:b0:9e:5f:14:
9f:b6:5d:cf:c9:23:59:c0:ce:32:34:2d:84:14:c1:3e:41:29:
45:7c:5d:5c:73:97:22:79:30:bf:b2:e7:73:ec:0f:d5:0d:de:
c1:7b:2a:97:8f:7b:21:59:6c:45:8c:3e:ef:e1:49:98:89:dc:
d4:41:10:d4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICNIYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx
MzUyMjhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY1MEREQkY0RDFCNDg3
ODBDRDRCMEJEOTk1NzNBQUMxODc2OUE4MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4Tg2LuKefjfYumRoQsNAXv1//hzlpD1LayY3mvrusuS0wu8aN
G+JL4G+bJOQB0fSPJvZ1lyZOpMsEdd9Jpo0EOGaQt0OZymkiPx7n9Lh1exzkMbRB
AySSwPWmlmNHXah+toqBQD1KzkOLHc/5T1FDlxi2vwLjrBVhylg1SSzStCp0xXDW
2mfFN6dFWdCX2CXOaENyZC3ww33gL/1pO/r8nN7Lbfi9Q2VCA6gzaqN8D21e53q+
CL8itxRrsq7huXdyzKYc7PLeqhKZk7ebFbNqlnxhpHL4XEiZ2eRjwnVG8dCCph44
a072kQOuJN+hFIF1QFbXv61stbBAuV+88DPzAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU9Q3b9NG0h4DNSwvZlXOqwYdpqCUwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPLzlRM2I5TkcwaDRETlN3dlps
WE9xd1lkcHFDVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN7
w/AwDQYJKoZIhvcNAQELBQADggEBAGrxVM6w30Et/4dh7sg6mYfV5gKHAfFct7Fu
Bxcfi6LRw/zeKQ8rL/PMKYCC+986qZvXaKTsAbAUm6GYMi8YynUTdTM53ybeNTMa
wezKOgTNjZfdnnO1laskFNdGzHwdUPiIQk4SI2FRDN0FKHjNdxJH8GGtPM52TC3v
HQOx0czp/N7lqj0W++2m0Xd2b1d2My3GKct3suzxi7I7bZWO+lqA+PbxywRaMWZi
NhUDhM5cMAA7dPeFL2Vg1cc3M8yMGP6tsJ5fFJ+2Xc/JI1nAzjI0LYQUwT5BKUV8
XVxzlyJ5ML+y53PsD9UN3sF7KpePeyFZbEWMPu/hSZiJ3NRBENQ=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:51 2025 by rpki-client