Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kiq9IsFGTt2Q4RhJ0zPzEQ7j0Hk.roa
File: Kiq9IsFGTt2Q4RhJ0zPzEQ7j0Hk.roa (raw, json)
Hash identifier: FdsBCzyBilC+0q5QJYqa2RKnr1kbbvB6HueclNQQ5P4=
Subject key identifier: 2A:2A:BD:22:C1:46:4E:DD:90:E1:18:49:D3:33:F3:11:0E:E3:D0:79
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 352C
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kiq9IsFGTt2Q4RhJ0zPzEQ7j0Hk.roa
Signing time: Mon 10 Feb 2025 13:53:05 +0000
ROA not before: Mon 10 Feb 2025 13:53:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38841
IP address blocks: 123.195.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13612 (0x352c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Feb 10 13:53:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2A2ABD22C1464EDD90E11849D333F3110EE3D079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:d0:2d:45:68:c2:12:bd:61:0f:f5:b4:31:72:
85:02:f4:13:eb:eb:ba:d4:76:2b:84:2f:05:33:9b:
8a:63:63:90:31:23:72:dd:97:e3:07:ec:95:3a:9b:
2d:c4:a3:89:9d:62:8a:a3:6d:dc:ed:e8:f7:c4:f2:
a5:6c:d2:2f:d6:7f:87:5c:fe:02:fa:88:55:ec:09:
85:48:48:dd:16:d6:4c:b5:e3:e7:f5:7b:fb:da:a5:
f0:9c:f3:81:56:6b:cd:48:6e:f4:3a:ea:b6:f5:50:
c9:44:57:d8:68:ae:97:7b:54:9e:e8:ce:33:ba:70:
81:44:7c:d5:04:0d:4a:a8:c4:c9:9c:4f:33:64:cc:
9c:4e:63:66:fd:5e:63:d3:7a:de:b2:8c:74:15:cf:
36:09:45:04:99:b7:20:53:d0:ff:45:4e:d3:c2:62:
77:c6:e1:a1:fb:80:dc:56:8d:f2:03:22:b5:e0:cd:
17:dc:e4:1c:8a:a2:6a:df:ba:42:44:92:ca:cf:d4:
5b:f5:6e:ec:4a:17:88:00:c1:7a:3d:88:bf:ff:c6:
63:ec:7e:de:af:49:ec:04:ef:8f:b1:ac:93:95:ed:
08:f6:15:85:25:ce:0e:17:52:85:b6:f9:63:8a:c3:
eb:87:6e:2c:73:f8:9e:e6:21:6b:48:bc:4e:05:44:
22:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2A:BD:22:C1:46:4E:DD:90:E1:18:49:D3:33:F3:11:0E:E3:D0:79
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/Kiq9IsFGTt2Q4RhJ0zPzEQ7j0Hk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.195.200.0/22
Signature Algorithm: sha256WithRSAEncryption
90:63:09:e5:46:ca:7e:90:bd:9c:e9:c8:f1:bf:78:b9:68:d3:
c5:19:9f:fc:f2:13:ce:9e:f7:2e:13:13:c8:98:5e:b3:38:21:
3a:31:0c:b6:47:d0:fd:19:b0:2a:55:3d:8b:6c:e2:ae:af:d2:
cb:ee:88:5f:49:fe:9d:88:23:a2:ab:65:6f:3c:6c:9c:1c:7f:
39:5d:b0:8a:ff:71:ea:b7:e2:e3:f2:23:6d:3b:9d:a1:51:ff:
bc:80:91:52:2a:a4:10:87:49:08:c0:47:89:c8:27:f8:59:46:
9e:97:16:41:2b:a9:d2:54:8a:25:67:fe:c6:c9:06:c1:b1:4a:
d7:1d:04:72:50:43:cc:c4:0f:f3:7d:48:6c:e5:fc:e8:e1:de:
d3:25:2f:9e:24:5d:53:9c:a5:ad:78:9f:2d:45:8d:53:73:db:
e9:eb:8a:8d:59:b6:e2:66:a8:d7:9b:93:fd:38:a9:82:88:03:
f7:f2:6f:bc:cc:c9:15:1b:28:24:e4:d2:56:64:16:18:04:a1:
eb:85:c4:b3:35:22:4e:9d:a3:ca:40:df:5d:c6:13:d9:28:00:
c7:05:75:0b:08:a4:f3:4e:5c:53:e8:fc:43:2f:58:d8:cd:52:
84:1e:d0:17:df:aa:73:6d:e9:71:a8:0e:5e:88:d0:d2:f4:dc:
a3:31:39:27
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICNSwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx
MzUzMDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJBMkFCRDIyQzE0NjRF
REQ5MEUxMTg0OUQzMzNGMzExMEVFM0QwNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDj0C1FaMISvWEP9bQxcoUC9BPr67rUdiuELwUzm4pjY5AxI3Ld
l+MH7JU6my3Eo4mdYoqjbdzt6PfE8qVs0i/Wf4dc/gL6iFXsCYVISN0W1ky14+f1
e/vapfCc84FWa81IbvQ66rb1UMlEV9horpd7VJ7ozjO6cIFEfNUEDUqoxMmcTzNk
zJxOY2b9XmPTet6yjHQVzzYJRQSZtyBT0P9FTtPCYnfG4aH7gNxWjfIDIrXgzRfc
5ByKomrfukJEksrP1Fv1buxKF4gAwXo9iL//xmPsft6vSewE74+xrJOV7Qj2FYUl
zg4XUoW2+WOKw+uHbixz+J7mIWtIvE4FRCJNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUKiq9IsFGTt2Q4RhJ0zPzEQ7j0HkwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL0tpcTlJc0ZHVHQyUTRSaEow
elB6RVE3ajBIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ7
w8gwDQYJKoZIhvcNAQELBQADggEBAJBjCeVGyn6QvZzpyPG/eLlo08UZn/zyE86e
9y4TE8iYXrM4IToxDLZH0P0ZsCpVPYts4q6v0svuiF9J/p2II6KrZW88bJwcfzld
sIr/ceq34uPyI207naFR/7yAkVIqpBCHSQjAR4nIJ/hZRp6XFkErqdJUiiVn/sbJ
BsGxStcdBHJQQ8zED/N9SGzl/Ojh3tMlL54kXVOcpa14ny1FjVNz2+nrio1ZtuJm
qNebk/04qYKIA/fyb7zMyRUbKCTk0lZkFhgEoeuFxLM1Ik6do8pA313GE9koAMcF
dQsIpPNOXFPo/EMvWNjNUoQe0BffqnNt6XGoDl6I0NL03KMxOSc=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:13 2025 by rpki-client