Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/oBmXXeaFIR9EM1sgt0bqFtQpBSQ.roa
File: oBmXXeaFIR9EM1sgt0bqFtQpBSQ.roa (raw, json)
Hash identifier: FDvSIpQvu03vl/ovl3z/B0g4M1N1jcKAS1o6NatA7Uw=
Subject key identifier: A0:19:97:5D:E6:85:21:1F:44:33:5B:20:B7:46:EA:16:D4:29:05:24
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 365C
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/oBmXXeaFIR9EM1sgt0bqFtQpBSQ.roa
Signing time: Mon 10 Feb 2025 13:54:15 +0000
ROA not before: Mon 10 Feb 2025 13:54:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38841
IP address blocks: 118.233.200.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13916 (0x365c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Feb 10 13:54:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A019975DE685211F44335B20B746EA16D4290524
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:36:da:ca:09:fe:63:e3:24:3f:a8:89:07:
fb:49:c6:fc:ee:8b:95:fa:78:70:a9:85:11:cd:bd:
8e:7a:18:80:65:0e:f4:1a:c7:8a:59:85:2b:43:08:
90:cf:b8:71:ec:fa:7a:c4:76:be:3a:38:07:1c:07:
aa:7c:1f:47:82:83:84:12:da:62:28:95:97:0c:0c:
e1:d5:c0:59:bc:9c:8d:6f:90:6c:9e:44:06:6d:fe:
71:32:82:d6:3e:43:86:c3:b7:5c:ae:44:b7:48:18:
3d:63:28:d6:df:11:0e:4e:da:b3:de:64:5a:c3:e1:
2d:f5:56:4c:04:7c:67:c8:c6:93:1a:0f:9c:f1:d2:
fe:e8:86:84:98:4b:6f:75:22:ab:a3:72:60:5b:4f:
b8:d2:58:cb:7a:bc:dc:1b:e2:89:8c:a1:14:e0:b7:
a4:3c:b1:fb:24:c3:35:cf:2c:0c:5a:d7:cd:9f:e7:
cb:6b:b5:2e:63:d9:53:15:fd:17:f0:8b:42:1c:d8:
1b:ba:fa:47:02:32:5b:fb:b2:e2:4a:82:3c:1b:85:
f3:cd:50:a8:9e:e6:bf:f2:08:32:af:3f:11:c5:ae:
06:71:f3:61:e9:a3:68:d6:21:65:0e:16:8e:7d:07:
54:49:2d:af:e9:6d:19:7d:83:09:55:a8:a8:8d:ee:
5d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:19:97:5D:E6:85:21:1F:44:33:5B:20:B7:46:EA:16:D4:29:05:24
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/oBmXXeaFIR9EM1sgt0bqFtQpBSQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.233.200.0/21
Signature Algorithm: sha256WithRSAEncryption
94:68:9a:8f:58:a8:75:4c:b7:77:16:4d:41:14:5b:9c:48:a5:
f0:33:ec:e7:b0:41:6d:31:fd:87:45:4b:0c:7d:86:36:b2:fa:
4f:eb:a8:9f:72:08:fe:15:15:6b:10:dc:25:06:6e:67:2f:2a:
aa:db:f6:c0:5c:5d:b7:7d:95:a0:94:ef:b0:f2:c6:99:0c:58:
18:4e:38:02:05:27:5d:f1:7b:36:25:b0:a4:56:a2:07:1f:a4:
b0:d8:df:4b:91:95:45:05:d2:d8:13:1b:d8:04:e1:a6:73:fc:
12:eb:89:1b:ad:ce:f0:24:4a:32:2b:98:36:d8:e6:48:1d:ff:
ee:68:91:df:0e:e1:db:cd:7e:8d:7a:2f:b6:dd:74:33:64:3b:
01:61:fa:08:75:7d:63:0a:07:e3:74:e4:a8:72:30:4a:cd:00:
5f:5a:3a:9f:f1:e1:38:db:0b:bf:db:21:5a:bc:18:4f:fa:6c:
5a:8b:bf:42:81:84:18:3d:ae:c8:d5:ae:49:12:38:b9:48:ce:
78:e7:08:14:bf:06:e6:d9:f1:c5:d1:e8:e0:d3:38:80:a4:57:
1e:95:02:56:04:9d:77:af:6b:ed:2a:6c:a0:50:75:34:dd:0c:
cf:d2:fc:62:0e:a8:9c:23:62:f5:ba:54:45:20:a3:5f:25:35:
58:c6:a3:e7
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICNlwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yNTAyMTAx
MzU0MTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEEwMTk5NzVERTY4NTIx
MUY0NDMzNUIyMEI3NDZFQTE2RDQyOTA1MjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCVTbaygn+Y+MkP6iJB/tJxvzui5X6eHCphRHNvY56GIBlDvQa
x4pZhStDCJDPuHHs+nrEdr46OAccB6p8H0eCg4QS2mIolZcMDOHVwFm8nI1vkGye
RAZt/nEygtY+Q4bDt1yuRLdIGD1jKNbfEQ5O2rPeZFrD4S31VkwEfGfIxpMaD5zx
0v7ohoSYS291IqujcmBbT7jSWMt6vNwb4omMoRTgt6Q8sfskwzXPLAxa182f58tr
tS5j2VMV/Rfwi0Ic2Bu6+kcCMlv7suJKgjwbhfPNUKie5r/yCDKvPxHFrgZx82Hp
o2jWIWUOFo59B1RJLa/pbRl9gwlVqKiN7l1JAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUoBmXXeaFIR9EM1sgt0bqFtQpBSQwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL29CbVhYZWFGSVI5RU0xc2d0
MGJxRnRRcEJTUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN2
6cgwDQYJKoZIhvcNAQELBQADggEBAJRomo9YqHVMt3cWTUEUW5xIpfAz7OewQW0x
/YdFSwx9hjay+k/rqJ9yCP4VFWsQ3CUGbmcvKqrb9sBcXbd9laCU77DyxpkMWBhO
OAIFJ13xezYlsKRWogcfpLDY30uRlUUF0tgTG9gE4aZz/BLriRutzvAkSjIrmDbY
5kgd/+5okd8O4dvNfo16L7bddDNkOwFh+gh1fWMKB+N05KhyMErNAF9aOp/x4Tjb
C7/bIVq8GE/6bFqLv0KBhBg9rsjVrkkSOLlIznjnCBS/BubZ8cXR6ODTOICkVx6V
AlYEnXeva+0qbKBQdTTdDM/S/GIOqJwjYvW6VEUgo18lNVjGo+c=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:25 2025 by rpki-client