Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa
File: OL9Rh5L7w4EgomU7xH4udM9ggVs.roa (raw, json)
Hash identifier: dH+TBovbnW1OuAEbE/MKgzSOsIJ8YzmYxBJQWB0Z50k=
Subject key identifier: 38:BF:51:87:92:FB:C3:81:20:A2:65:3B:C4:7E:2E:74:CF:60:81:5B
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 12D1
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa
Signing time: Mon 26 Aug 2024 05:32:35 +0000
ROA not before: Mon 26 Aug 2024 05:32:35 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 203.119.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4817 (0x12d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Aug 26 05:32:35 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=38BF518792FBC38120A2653BC47E2E74CF60815B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:8a:ae:e3:5b:d3:44:bf:2f:65:73:c5:37:73:
68:7c:5e:98:94:d5:c0:a6:f4:ad:05:ab:a0:a9:d3:
b5:7c:8f:89:2e:dc:e1:b4:63:2e:66:fb:bb:ea:5e:
9e:f2:88:3a:bc:d0:a9:b8:89:47:11:22:d8:03:f6:
e3:bc:0b:76:02:5b:23:91:50:15:43:c8:1a:38:97:
7f:11:7b:f9:20:f4:36:bc:ca:c2:09:c1:1b:72:4e:
56:8d:65:a1:7e:08:7e:05:d4:40:94:c7:f7:d4:37:
d7:92:8c:50:41:c8:74:9a:61:7d:82:2b:a8:b0:58:
e1:38:d2:ae:54:95:1a:53:6b:01:83:99:c6:cf:74:
e7:a1:e7:2c:9e:56:a2:64:37:38:9d:2c:6e:1f:d7:
84:3d:14:6d:c6:29:55:02:e4:87:32:18:35:68:11:
0b:f8:ea:87:08:c7:bf:f4:c3:2f:c3:40:34:50:ca:
5a:99:70:55:47:da:0b:37:89:47:30:fa:64:91:e1:
43:f1:fe:c1:1c:6d:20:1a:89:74:3f:4b:e5:f5:12:
d3:23:45:f1:aa:f5:7c:c1:dc:2c:cb:56:96:ac:dd:
68:4d:ef:e5:0d:04:b8:a6:58:d8:ba:bb:c2:40:31:
8f:f2:94:cf:ea:4a:62:71:61:39:91:2a:31:0a:29:
1a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BF:51:87:92:FB:C3:81:20:A2:65:3B:C4:7E:2E:74:CF:60:81:5B
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/OL9Rh5L7w4EgomU7xH4udM9ggVs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.119.3.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c7:99:34:d2:e4:b1:1e:a3:27:4f:4a:67:30:d8:1f:ce:c4:
ac:13:d4:44:a2:ff:14:10:22:26:54:d0:7a:9b:de:ad:a0:5e:
a9:1a:2e:4c:df:85:aa:c4:6b:71:19:26:6c:2d:d4:14:89:a1:
cb:b1:13:c1:7d:73:1e:28:83:ba:12:ea:11:c9:5a:4e:6b:97:
5e:b4:b4:5b:d9:1b:8c:5f:c7:4c:c4:c8:65:88:76:8b:57:df:
e3:81:9c:69:25:ac:2c:78:54:78:f2:b3:2f:97:2b:af:7d:5d:
e1:db:35:8d:1f:2e:37:30:b9:96:aa:3f:89:01:9d:e8:5d:2b:
19:f2:8e:cc:21:7a:1a:a3:ad:74:ea:2d:bb:c5:c1:cf:ea:d6:
bc:0a:68:5b:08:d0:41:f1:8d:b2:56:c9:46:06:e2:22:86:3b:
6e:24:f5:3a:56:8d:78:19:04:b7:32:ec:86:04:39:ab:0a:2b:
d7:cb:0c:c3:07:95:d8:89:1e:93:f0:9e:6e:52:74:30:5d:4a:
cc:b0:9a:4a:3e:b0:28:66:4f:fd:32:ea:15:ea:97:97:f5:5e:
32:73:c3:c8:7d:4f:50:da:74:2f:f1:98:e3:ab:df:23:38:5f:
ed:75:ff:a3:d7:5c:9f:0b:28:4e:18:7e:00:ac:dc:a7:09:64:
47:d2:f3:3e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEtEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNDA4MjYw
NTMyMzVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDM4QkY1MTg3OTJGQkMz
ODEyMEEyNjUzQkM0N0UyRTc0Q0Y2MDgxNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUiq7jW9NEvy9lc8U3c2h8XpiU1cCm9K0Fq6Cp07V8j4ku3OG0
Yy5m+7vqXp7yiDq80Km4iUcRItgD9uO8C3YCWyORUBVDyBo4l38Re/kg9Da8ysIJ
wRtyTlaNZaF+CH4F1ECUx/fUN9eSjFBByHSaYX2CK6iwWOE40q5UlRpTawGDmcbP
dOeh5yyeVqJkNzidLG4f14Q9FG3GKVUC5IcyGDVoEQv46ocIx7/0wy/DQDRQylqZ
cFVH2gs3iUcw+mSR4UPx/sEcbSAaiXQ/S+X1EtMjRfGq9XzB3CzLVpas3WhN7+UN
BLimWNi6u8JAMY/ylM/qSmJxYTmRKjEKKRoRAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOL9Rh5L7w4EgomU7xH4udM9ggVswHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9PTDlSaDVMN3c0RWdvbVU3eEg0
dWRNOWdnVnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD
MA0GCSqGSIb3DQEBCwUAA4IBAQCIx5k00uSxHqMnT0pnMNgfzsSsE9REov8UECIm
VNB6m96toF6pGi5M34WqxGtxGSZsLdQUiaHLsRPBfXMeKIO6EuoRyVpOa5detLRb
2RuMX8dMxMhliHaLV9/jgZxpJawseFR48rMvlyuvfV3h2zWNHy43MLmWqj+JAZ3o
XSsZ8o7MIXoao6106i27xcHP6ta8CmhbCNBB8Y2yVslGBuIihjtuJPU6Vo14GQS3
MuyGBDmrCivXywzDB5XYiR6T8J5uUnQwXUrMsJpKPrAoZk/9MuoV6peX9V4yc8PI
fU9Q2nQv8Zjjq98jOF/tdf+j11yfCyhOGH4ArNynCWRH0vM+
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:41:26 2025 by rpki-client