Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/FgtM4NDYRc0Mbsdp2Xyyk9Jh2kQ.roa
File: FgtM4NDYRc0Mbsdp2Xyyk9Jh2kQ.roa (raw, json)
Hash identifier: M/FW8YNornDmeYZDtwWVHrBYguTYE3MvXQoDZ0f0A38=
Subject key identifier: 16:0B:4C:E0:D0:D8:45:CD:0C:6E:C7:69:D9:7C:B2:93:D2:61:DA:44
Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial: 0CEE
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/FgtM4NDYRc0Mbsdp2Xyyk9Jh2kQ.roa
Signing time: Mon 10 Feb 2025 13:50:56 +0000
ROA not before: Mon 10 Feb 2025 13:50:56 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 2914
IP address blocks: 61.58.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3310 (0xcee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Validity
Not Before: Feb 10 13:50:56 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=160B4CE0D0D845CD0C6EC769D97CB293D261DA44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:df:dc:3a:d4:4d:40:2d:70:ac:08:d3:17:99:
d2:e0:8f:ac:ff:d2:d7:33:d4:e0:38:2f:ee:6a:8c:
92:1e:35:b0:0b:d8:f7:c3:e6:60:20:f3:85:af:19:
15:55:78:f2:4f:98:9a:5f:e3:b5:8f:9c:1d:ae:29:
9e:72:6c:3e:ce:cd:21:3d:f9:fe:e7:76:51:d2:49:
cc:24:ba:15:d1:f0:42:79:5e:b9:26:9a:fe:fa:b5:
f2:29:02:20:00:f7:7e:3d:f2:b1:21:7b:ae:1b:2d:
84:61:da:30:af:d1:3e:95:ec:c5:81:45:18:3a:5d:
14:15:45:66:d9:01:f6:12:4d:95:d0:7e:a9:dc:6f:
05:6c:85:bc:9f:cb:80:87:5e:2c:8a:11:e3:57:3d:
76:a4:fa:48:9b:fd:58:99:b6:ef:13:99:d6:3f:e6:
c5:78:79:a4:91:c8:3d:e1:be:dc:7a:e6:29:f3:3f:
4d:fb:81:75:30:54:d1:57:cc:fd:52:a5:24:ac:b2:
62:f1:5a:27:ca:98:45:e7:c9:9b:d2:27:b7:65:3b:
ce:37:a6:6d:78:b1:8e:ad:13:31:a1:f1:b3:26:2d:
54:1b:14:a9:2c:1f:f8:f2:72:a0:cd:b1:78:eb:1f:
54:41:7b:89:41:02:65:f2:ed:0c:96:0c:37:b4:80:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0B:4C:E0:D0:D8:45:CD:0C:6E:C7:69:D9:7C:B2:93:D2:61:DA:44
X509v3 Authority Key Identifier:
keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/FgtM4NDYRc0Mbsdp2Xyyk9Jh2kQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.32.0/20
Signature Algorithm: sha256WithRSAEncryption
c6:6d:e1:65:5f:33:0f:3f:cc:38:8a:50:ab:d6:cd:4c:3b:79:
7d:d8:2c:55:37:ed:96:31:91:f2:b8:13:7c:29:b1:57:b4:55:
a4:f4:5a:56:ab:da:59:92:a3:5b:14:49:cf:7a:ab:53:25:23:
5c:3d:58:72:dc:c6:17:83:73:32:13:05:df:9f:d3:1a:09:1d:
f7:e8:52:ba:22:d2:22:fb:9a:14:39:b4:de:4e:0a:3c:71:de:
58:b5:de:07:29:80:ab:c8:00:a8:f1:14:40:be:df:ed:05:52:
7d:35:8b:03:21:1b:cb:55:e1:8f:51:19:3b:f9:ec:d0:79:16:
66:01:e0:9d:43:55:66:41:16:6d:32:ab:fe:ae:fd:fe:39:e5:
7e:6e:82:52:f4:2c:b5:77:b1:9b:f9:ce:d4:2f:a4:60:25:5f:
53:37:dc:c1:cc:1c:52:ac:28:44:ee:af:59:d8:95:59:bd:f4:
5c:9c:6f:ad:c5:a1:71:c8:8d:71:59:67:97:53:71:13:65:fe:
44:bd:7b:c3:6a:48:37:80:62:3d:00:3b:ac:eb:00:e3:37:10:
7f:b9:74:53:31:71:f8:af:0e:40:9e:ad:8f:8a:e2:b2:b1:08:
4b:4f:0a:e3:0c:1f:1d:67:04:56:ee:44:d2:32:ff:d4:27:ab:
b8:30:5f:29
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDO4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yNTAyMTAx
MzUwNTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE2MEI0Q0UwRDBEODQ1
Q0QwQzZFQzc2OUQ5N0NCMjkzRDI2MURBNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG39w61E1ALXCsCNMXmdLgj6z/0tcz1OA4L+5qjJIeNbAL2PfD
5mAg84WvGRVVePJPmJpf47WPnB2uKZ5ybD7OzSE9+f7ndlHSScwkuhXR8EJ5Xrkm
mv76tfIpAiAA93498rEhe64bLYRh2jCv0T6V7MWBRRg6XRQVRWbZAfYSTZXQfqnc
bwVshbyfy4CHXiyKEeNXPXak+kib/ViZtu8TmdY/5sV4eaSRyD3hvtx65inzP037
gXUwVNFXzP1SpSSssmLxWifKmEXnyZvSJ7dlO843pm14sY6tEzGh8bMmLVQbFKks
H/jycqDNsXjrH1RBe4lBAmXy7QyWDDe0gFOVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUFgtM4NDYRc0Mbsdp2Xyyk9Jh2kQwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9GZ3RNNE5EWVJjME1ic2RwMlh5
eWs5Smgya1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog
MA0GCSqGSIb3DQEBCwUAA4IBAQDGbeFlXzMPP8w4ilCr1s1MO3l92CxVN+2WMZHy
uBN8KbFXtFWk9FpWq9pZkqNbFEnPeqtTJSNcPVhy3MYXg3MyEwXfn9MaCR336FK6
ItIi+5oUObTeTgo8cd5Ytd4HKYCryACo8RRAvt/tBVJ9NYsDIRvLVeGPURk7+ezQ
eRZmAeCdQ1VmQRZtMqv+rv3+OeV+boJS9Cy1d7Gb+c7UL6RgJV9TN9zBzBxSrChE
7q9Z2JVZvfRcnG+txaFxyI1xWWeXU3ETZf5EvXvDakg3gGI9ADus6wDjNxB/uXRT
MXH4rw5Anq2PiuKysQhLTwrjDB8dZwRW7kTSMv/UJ6u4MF8p
-----END CERTIFICATE-----
Generated at Sat Apr 12 05:37:05 2025 by rpki-client