Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa
File: KRu_I9cGCmDZtTbqERXQhPRnKdI.roa (raw, json)
Hash identifier: 5p9x9kzeH2QCL9Df+1nKajpjXEDVPJb8MWM7YSqVLUk=
Subject key identifier: 29:1B:BF:23:D7:06:0A:60:D9:B5:36:EA:11:15:D0:84:F4:67:29:D2
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 13FE
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa
Signing time: Wed 02 Apr 2025 14:38:44 +0000
ROA not before: Wed 02 Apr 2025 14:38:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18248
IP address blocks: 119.75.246.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5118 (0x13fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Apr 2 14:38:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=291BBF23D7060A60D9B536EA1115D084F46729D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:73:3e:5f:ce:50:4b:33:80:ec:4d:cc:21:02:
d5:a4:a4:d2:39:71:f0:47:75:47:91:43:ed:e7:5a:
3a:36:18:80:2d:8a:bf:3e:61:08:72:c6:64:8d:92:
c6:3f:9a:af:cd:ec:d6:8a:a5:58:f2:cf:c6:90:58:
e6:b6:09:ac:7f:80:84:26:d7:79:4b:91:d7:af:fb:
e7:8d:5e:4a:c7:14:00:7f:a5:f5:14:4c:98:ee:0e:
17:31:f8:6b:87:f2:e0:36:9f:7d:11:46:fb:bf:7c:
5a:e1:b4:d9:c5:23:49:ac:f3:73:10:1c:76:64:f5:
4e:c8:d6:ba:77:3e:b5:4d:f5:27:f2:26:46:1b:cc:
5e:4b:9f:01:ed:46:44:8b:04:69:27:7f:4d:92:70:
30:38:f0:53:83:d5:e7:17:89:3c:ae:0e:fb:9f:df:
04:a9:f0:f3:5d:c9:b6:65:88:87:32:b6:01:b8:95:
80:31:7e:91:fb:78:6c:8c:2f:f2:a9:32:f3:04:0c:
9a:c0:61:42:4c:19:5a:36:cf:46:1b:76:86:62:4e:
26:93:5e:fd:27:ff:0a:b4:a3:6d:6a:a6:31:59:c7:
20:30:6b:d8:08:93:4f:c0:0b:4e:73:84:55:9c:68:
d9:cd:20:22:9b:ef:b9:72:dc:d3:c5:ef:a0:02:dd:
95:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:1B:BF:23:D7:06:0A:60:D9:B5:36:EA:11:15:D0:84:F4:67:29:D2
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/KRu_I9cGCmDZtTbqERXQhPRnKdI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.75.246.0/23
Signature Algorithm: sha256WithRSAEncryption
34:33:fc:5d:9a:7d:4e:ee:70:d1:99:ae:4b:4d:bf:e2:bc:8d:
63:ec:10:e2:20:61:8c:81:10:5a:2b:6f:78:5f:25:99:e1:f6:
a4:c6:bc:80:e7:53:df:b3:88:56:9b:30:c5:d6:0e:b9:f5:03:
1b:dc:16:2d:83:20:8d:0b:71:9a:ea:cd:82:0d:fa:d3:58:03:
d0:f5:4d:32:86:a9:93:82:5f:b7:5f:ca:a8:4d:d9:26:57:a7:
8a:9c:b1:c6:02:95:0a:88:39:98:5a:75:e0:22:23:63:71:f8:
44:a3:d7:b4:0b:f0:47:26:26:6c:9d:8d:02:ab:85:f3:ea:4c:
18:f5:c7:ad:47:ec:4a:a0:2e:32:4c:e7:a6:d6:77:fc:53:56:
8b:d6:c1:2e:37:9c:ce:b2:63:00:7e:be:52:ec:df:94:7f:cf:
3e:99:65:ae:67:8d:fa:02:ec:e8:de:6b:63:d5:2f:09:22:e7:
e0:20:31:e7:9f:09:43:45:47:a2:27:5f:14:62:8c:26:56:1b:
ce:94:52:12:78:de:33:71:d5:95:7f:68:b5:8f:2b:4a:43:6b:
3c:1d:ed:3b:f3:23:12:54:32:ff:5b:27:26:48:37:ab:e1:f3:
68:b1:38:d8:98:b2:39:c1:e3:d6:04:1a:1b:1d:07:5b:b1:f3:
46:9d:76:78
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICE/4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA0MDIx
NDM4NDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5MUJCRjIzRDcwNjBB
NjBEOUI1MzZFQTExMTVEMDg0RjQ2NzI5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxcz5fzlBLM4DsTcwhAtWkpNI5cfBHdUeRQ+3nWjo2GIAtir8+
YQhyxmSNksY/mq/N7NaKpVjyz8aQWOa2Cax/gIQm13lLkdev++eNXkrHFAB/pfUU
TJjuDhcx+GuH8uA2n30RRvu/fFrhtNnFI0ms83MQHHZk9U7I1rp3PrVN9SfyJkYb
zF5LnwHtRkSLBGknf02ScDA48FOD1ecXiTyuDvuf3wSp8PNdybZliIcytgG4lYAx
fpH7eGyML/KpMvMEDJrAYUJMGVo2z0YbdoZiTiaTXv0n/wq0o21qpjFZxyAwa9gI
k0/AC05zhFWcaNnNICKb77ly3NPF76AC3ZWVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKRu/I9cGCmDZtTbqERXQhPRnKdIwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9LUnVfSTljR0NtRFp0VGJxRVJY
UWhQUm5LZEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBd0v2
MA0GCSqGSIb3DQEBCwUAA4IBAQA0M/xdmn1O7nDRma5LTb/ivI1j7BDiIGGMgRBa
K294XyWZ4fakxryA51Pfs4hWmzDF1g659QMb3BYtgyCNC3Ga6s2CDfrTWAPQ9U0y
hqmTgl+3X8qoTdkmV6eKnLHGApUKiDmYWnXgIiNjcfhEo9e0C/BHJiZsnY0Cq4Xz
6kwY9cetR+xKoC4yTOem1nf8U1aL1sEuN5zOsmMAfr5S7N+Uf88+mWWuZ436Auzo
3mtj1S8JIufgIDHnnwlDRUeiJ18UYowmVhvOlFISeN4zcdWVf2i1jytKQ2s8He07
8yMSVDL/WycmSDer4fNosTjYmLI5wePWBBobHQdbsfNGnXZ4
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:07:01 2025 by rpki-client