Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/y9OndPNDsDZQ_ZjyEPM0z3i53mc.roa
File: y9OndPNDsDZQ_ZjyEPM0z3i53mc.roa (raw, json)
Hash identifier: 5EOMWEpaQgA1x/upIL/7/otH/76TFpnA3bJgwJ6DyDk=
Subject key identifier: CB:D3:A7:74:F3:43:B0:36:50:FD:98:F2:10:F3:34:CF:78:B9:DE:67
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 128A
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/y9OndPNDsDZQ_ZjyEPM0z3i53mc.roa
Signing time: Mon 10 Feb 2025 14:14:58 +0000
ROA not before: Mon 10 Feb 2025 14:14:58 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 137263
IP address blocks: 150.116.81.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4746 (0x128a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:58 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CBD3A774F343B03650FD98F210F334CF78B9DE67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:44:31:a3:e9:8a:83:50:51:19:55:6a:c8:9b:
01:59:03:c4:12:4c:20:d5:0c:7e:76:ac:67:90:3a:
99:a4:a2:f6:d2:aa:fb:00:42:3c:e1:4a:fe:99:c8:
16:ea:54:78:36:ac:e3:3c:f3:a9:51:59:8a:5a:99:
6a:08:37:06:a3:da:35:b3:39:57:2d:21:82:b7:b4:
8a:7b:09:fc:0c:f6:9b:4f:87:23:90:fe:7b:53:f0:
71:67:79:e3:c9:1a:e1:94:ed:80:17:e4:e9:7c:00:
82:94:41:7c:3e:a8:69:8f:3e:88:9d:43:6e:82:d0:
e1:82:b9:64:51:13:b1:37:5f:b2:28:01:f2:0b:05:
64:53:68:d8:e6:3d:66:f6:82:42:77:41:05:d9:79:
77:15:ed:5f:73:76:07:29:0a:88:f5:46:cc:cf:e9:
48:11:e8:ce:88:c3:90:28:52:23:83:00:57:50:18:
70:cc:31:c9:42:22:c7:90:2d:e4:56:de:3a:57:e4:
c6:f4:3f:6a:f5:8c:6d:94:f0:7b:4c:b8:11:56:aa:
d8:7f:e3:52:b0:d7:3d:69:fa:17:9b:79:67:87:97:
97:e5:c7:a8:75:2f:34:3f:1a:77:36:07:fa:d3:c0:
0e:12:59:36:94:86:ba:11:f0:47:a4:b1:8f:60:87:
7f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:D3:A7:74:F3:43:B0:36:50:FD:98:F2:10:F3:34:CF:78:B9:DE:67
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/y9OndPNDsDZQ_ZjyEPM0z3i53mc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.81.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:46:0a:b5:6a:1b:ac:97:62:bc:f6:af:5f:6d:f7:98:83:db:
68:20:a3:bc:7f:fd:de:2d:6d:86:a2:bb:73:ea:14:3b:44:b3:
2d:22:64:b4:66:65:bc:ba:c8:9e:8c:80:58:88:f0:26:fa:d4:
42:5e:29:49:9c:fb:bc:c6:b6:e2:8d:79:b3:06:64:fb:9c:ef:
99:21:64:fc:56:9b:04:06:26:05:5f:c2:63:d5:11:fd:db:45:
90:ef:43:78:31:97:86:ad:5e:3a:d8:5a:4b:85:ca:26:ba:65:
65:e4:ba:57:11:13:f6:d2:ac:6f:3f:a1:5d:8b:9c:c3:94:a6:
e2:23:ef:03:de:48:6c:96:24:9f:26:49:05:2a:3d:66:ac:0e:
8a:98:64:5a:d3:55:73:55:3a:da:51:6c:02:69:6b:b0:dc:3b:
c1:00:4e:cc:5d:b1:00:b3:35:77:63:b7:74:b9:54:1e:92:11:
91:2c:81:45:65:c7:be:e8:d5:29:03:87:e6:ac:36:82:44:8b:
01:7c:6f:02:08:c6:06:24:d6:32:2d:5a:a2:a0:d6:5d:91:60:
ca:ac:df:96:40:33:86:b6:2b:34:8a:35:6d:3e:1b:f8:ef:7c:
48:19:6b:f1:f4:44:9e:15:9a:7c:e8:73:71:e7:1e:fa:16:9c:
fb:33:13:d4
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEoowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NThaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENCRDNBNzc0RjM0M0Iw
MzY1MEZEOThGMjEwRjMzNENGNzhCOURFNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPRDGj6YqDUFEZVWrImwFZA8QSTCDVDH52rGeQOpmkovbSqvsA
QjzhSv6ZyBbqVHg2rOM886lRWYpamWoINwaj2jWzOVctIYK3tIp7CfwM9ptPhyOQ
/ntT8HFneePJGuGU7YAX5Ol8AIKUQXw+qGmPPoidQ26C0OGCuWRRE7E3X7IoAfIL
BWRTaNjmPWb2gkJ3QQXZeXcV7V9zdgcpCoj1RszP6UgR6M6Iw5AoUiODAFdQGHDM
MclCIseQLeRW3jpX5Mb0P2r1jG2U8HtMuBFWqth/41Kw1z1p+hebeWeHl5flx6h1
LzQ/Gnc2B/rTwA4SWTaUhroR8EeksY9gh38hAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUy9OndPNDsDZQ/ZjyEPM0z3i53mcwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy95OU9uZFBORHNEWlFf
Wmp5RVBNMHozaTUzbWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnRRMA0GCSqGSIb3DQEBCwUAA4IBAQBcRgq1ahusl2K89q9fbfeYg9toIKO8
f/3eLW2Gortz6hQ7RLMtImS0ZmW8usiejIBYiPAm+tRCXilJnPu8xrbijXmzBmT7
nO+ZIWT8VpsEBiYFX8Jj1RH920WQ70N4MZeGrV462FpLhcomumVl5LpXERP20qxv
P6Fdi5zDlKbiI+8D3khsliSfJkkFKj1mrA6KmGRa01VzVTraUWwCaWuw3DvBAE7M
XbEAszV3Y7d0uVQekhGRLIFFZce+6NUpA4fmrDaCRIsBfG8CCMYGJNYyLVqioNZd
kWDKrN+WQDOGtis0ijVtPhv473xIGWvx9ESeFZp86HNx5x76Fpz7MxPU
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:29:44 2025 by rpki-client