Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M4wAvBwNsZ0UAR5XlhQT6AmYF3g.roa
File: M4wAvBwNsZ0UAR5XlhQT6AmYF3g.roa (raw, json)
Hash identifier: XlyI7ClSxJxwX1YOVipXMmxmhYe32FPpMsSoFVFOf/Y=
Subject key identifier: 33:8C:00:BC:1C:0D:B1:9D:14:01:1E:57:96:14:13:E8:09:98:17:78
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 3443
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M4wAvBwNsZ0UAR5XlhQT6AmYF3g.roa
Signing time: Mon 10 Feb 2025 13:52:13 +0000
ROA not before: Mon 10 Feb 2025 13:52:13 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38841
IP address blocks: 118.232.56.0/21 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13379 (0x3443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Feb 10 13:52:13 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=338C00BC1C0DB19D14011E57961413E809981778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:76:ab:7c:83:30:11:fd:f0:e0:64:f2:9f:50:
9f:15:0b:d9:c1:93:b7:e6:c0:5d:d5:9b:cf:47:d2:
ae:bd:33:2b:eb:d2:1f:eb:c1:fb:15:eb:41:f0:2f:
98:10:7b:52:5b:bf:93:3a:a9:a8:5d:d4:ad:47:d8:
ce:0e:30:79:97:5a:a3:9e:04:56:b0:0a:92:79:aa:
de:cc:63:3e:d1:9b:0b:75:f4:f2:54:96:7e:d2:b0:
bd:25:3d:62:56:bf:9e:9b:ea:76:cc:d3:d0:95:89:
69:d0:5b:1f:8a:54:88:73:94:a9:4c:fc:b3:8a:04:
6f:7e:05:bd:76:82:53:c9:f2:a1:5c:cd:d1:73:56:
f4:7a:6e:16:a0:ae:60:18:40:25:46:ea:88:86:2a:
6c:7d:a9:2a:a4:e5:55:ae:b2:ba:c5:b0:77:19:d5:
65:be:da:89:26:cc:1e:9d:e4:c9:b0:99:4e:fb:a4:
2e:0b:b6:2e:05:bd:4a:bf:6f:0e:28:84:85:d4:aa:
73:37:85:33:72:87:08:cb:c1:30:c3:34:7c:c7:6f:
2c:f9:73:f1:61:a4:4e:2d:50:a5:35:fe:eb:b1:71:
ed:46:a4:21:6c:9f:74:7d:c9:cb:b0:e6:a8:3d:08:
ce:17:af:d6:67:bf:2e:63:c1:f1:eb:30:c7:e6:57:
5d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8C:00:BC:1C:0D:B1:9D:14:01:1E:57:96:14:13:E8:09:98:17:78
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/M4wAvBwNsZ0UAR5XlhQT6AmYF3g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.232.56.0/21
Signature Algorithm: sha256WithRSAEncryption
99:88:76:c6:5a:54:f9:1a:62:fd:0e:0f:2b:28:90:32:b9:eb:
51:92:f1:43:41:d9:c4:08:b0:96:3c:cb:97:50:2b:f6:82:42:
ee:6f:1e:74:f0:62:53:a0:20:a6:ce:e1:99:9a:0d:66:ac:f4:
1d:0a:37:7a:cd:94:5c:77:e6:c6:2f:87:73:d9:33:ce:e5:d6:
47:5e:2c:51:ad:51:e0:ca:48:51:f4:5d:a5:4b:cd:e6:e6:28:
d0:b8:ca:61:e1:dc:c5:69:ca:1e:4f:e5:4f:3d:fc:83:44:9a:
f6:3a:58:4d:1e:2b:b2:7a:d7:fe:7b:90:1a:9e:17:c7:a5:9d:
67:dc:f9:db:d7:f9:9e:34:38:43:98:f2:2a:14:b4:4d:2c:77:
6c:a7:0f:54:54:e3:87:b7:af:5b:10:d9:fb:8a:fe:f2:ea:68:
fa:ca:27:2a:11:2c:56:f8:dc:c6:fc:09:fb:0e:ff:f7:0b:f7:
11:17:4a:77:64:16:1a:2f:02:68:16:aa:48:2b:6c:4f:59:98:
92:d1:64:39:2f:99:01:0e:de:a1:f4:dd:04:37:40:91:58:a7:
76:a1:fb:f2:ec:56:60:fc:ab:b5:6c:00:d3:f3:45:4c:1b:34:
71:9b:74:60:fc:e6:74:59:fa:7e:48:3d:75:ba:fc:4a:3c:89:
35:45:ca:df
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICNEMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx
MzUyMTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMzOEMwMEJDMUMwREIx
OUQxNDAxMUU1Nzk2MTQxM0U4MDk5ODE3NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEdqt8gzAR/fDgZPKfUJ8VC9nBk7fmwF3Vm89H0q69Myvr0h/r
wfsV60HwL5gQe1Jbv5M6qahd1K1H2M4OMHmXWqOeBFawCpJ5qt7MYz7Rmwt19PJU
ln7SsL0lPWJWv56b6nbM09CViWnQWx+KVIhzlKlM/LOKBG9+Bb12glPJ8qFczdFz
VvR6bhagrmAYQCVG6oiGKmx9qSqk5VWusrrFsHcZ1WW+2okmzB6d5MmwmU77pC4L
ti4FvUq/bw4ohIXUqnM3hTNyhwjLwTDDNHzHbyz5c/FhpE4tUKU1/uuxce1GpCFs
n3R9ycuw5qg9CM4Xr9Znvy5jwfHrMMfmV12fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUM4wAvBwNsZ0UAR5XlhQT6AmYF3gwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL000d0F2QndOc1owVUFSNVhs
aFFUNkFtWUYzZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6DgwDQYJKoZIhvcNAQELBQADggEBAJmIdsZaVPkaYv0ODysokDK561GS8UNB2cQI
sJY8y5dQK/aCQu5vHnTwYlOgIKbO4ZmaDWas9B0KN3rNlFx35sYvh3PZM87l1kde
LFGtUeDKSFH0XaVLzebmKNC4ymHh3MVpyh5P5U89/INEmvY6WE0eK7J61/57kBqe
F8elnWfc+dvX+Z40OEOY8ioUtE0sd2ynD1RU44e3r1sQ2fuK/vLqaPrKJyoRLFb4
3Mb8CfsO//cL9xEXSndkFhovAmgWqkgrbE9ZmJLRZDkvmQEO3qH03QQ3QJFYp3ah
+/LsVmD8q7VsANPzRUwbNHGbdGD85nRZ+n5IPXW6/Eo8iTVFyt8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:51 2025 by rpki-client