Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa
File: iSLhi5lcGevrresGm09sVOKRk88.roa (raw, json)
Hash identifier: +ikscN/u1nUrZbVNH2pXF//Q6P/CKONVbVexBUfXPQ0=
Subject key identifier: 89:22:E1:8B:99:5C:19:EB:EB:AD:EB:06:9B:4F:6C:54:E2:91:93:CF
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0E76
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa
Signing time: Mon 10 Feb 2025 14:16:23 +0000
ROA not before: Mon 10 Feb 2025 14:16:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9916
IP address blocks: 140.129.64.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3702 (0xe76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Feb 10 14:16:23 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8922E18B995C19EBEBADEB069B4F6C54E29193CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:02:26:7f:0c:0f:71:68:f3:8b:c9:42:23:97:
88:02:9c:bd:74:37:ca:85:f0:51:46:7a:21:03:42:
70:47:5c:3e:23:ea:1e:7d:91:2f:14:6e:b7:6b:f1:
c5:11:fb:ef:d4:d3:bb:ad:c6:3e:b2:a8:0f:f3:ba:
19:76:7e:30:d3:81:11:9d:81:68:a1:94:92:b4:22:
1b:34:ee:68:9f:12:02:83:35:f0:f6:01:6e:e9:80:
09:54:8a:6c:9d:85:ec:44:16:56:9a:95:59:46:df:
80:21:b5:eb:88:8a:ad:b1:29:52:ce:5e:ab:b4:54:
e4:0a:b2:4d:19:c6:52:07:15:cf:b1:c7:0f:d8:bb:
fe:f5:21:16:72:17:5e:84:60:3d:27:ae:3f:7a:2b:
36:65:d1:f9:1c:99:ce:22:c4:f9:10:2f:9f:35:3e:
31:87:4e:8f:c3:24:47:86:9b:09:42:94:f9:87:b4:
25:c2:54:07:dd:77:a6:70:1a:ef:ce:14:d2:ff:4e:
00:24:e4:b6:4b:a3:a2:40:82:84:0d:ea:74:d3:6e:
32:27:43:3d:83:ab:dd:08:d5:3a:9e:22:fe:2b:81:
70:b3:b6:8d:19:a6:f5:7f:ff:60:61:06:15:31:1e:
21:e6:29:c1:08:d6:f4:16:9f:c4:ae:b8:bd:84:83:
03:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:22:E1:8B:99:5C:19:EB:EB:AD:EB:06:9B:4F:6C:54:E2:91:93:CF
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/iSLhi5lcGevrresGm09sVOKRk88.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.129.64.0/20
Signature Algorithm: sha256WithRSAEncryption
8b:5d:ee:2e:d2:f8:81:19:03:1e:7f:67:0e:3c:de:55:0c:ea:
bd:dd:81:3c:67:e2:c8:15:0f:a7:84:30:c2:a3:08:a7:af:21:
4d:0a:5f:d0:16:99:21:b3:fe:8d:81:37:1f:a9:65:78:49:5c:
84:16:8c:88:59:9a:db:ce:eb:17:a1:80:69:87:10:96:82:f7:
77:0a:a7:44:89:f5:f0:9a:d9:e5:46:00:38:8e:89:c1:29:f5:
83:1c:59:42:ff:67:0a:1e:a2:ca:a2:c3:4a:fb:41:33:4f:85:
78:66:5e:14:f6:84:c4:44:01:12:a1:b9:7a:2d:64:21:c6:bb:
d3:e0:8d:eb:db:2d:6b:11:24:0f:2f:9a:f7:95:53:10:c6:dd:
fc:7a:02:15:63:a3:54:ac:07:2a:84:7e:59:d1:80:7c:fe:88:
b8:8a:29:80:39:b2:70:ce:cb:c6:07:bd:97:41:ac:90:18:fd:
3d:59:56:28:df:fc:06:34:47:60:f7:0f:2a:40:ea:a6:9f:2c:
83:4c:26:db:a5:68:2b:12:8e:c7:14:d2:7a:cc:4d:05:d3:bf:
24:5e:82:8a:5b:61:88:af:e3:54:ca:82:70:9d:e2:50:56:f5:
f8:ac:81:0a:d0:a4:14:bc:40:60:ee:c1:fa:50:0f:ca:93:e6:
8b:52:a2:56
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yNTAyMTAx
NDE2MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5MjJFMThCOTk1QzE5
RUJFQkFERUIwNjlCNEY2QzU0RTI5MTkzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiAiZ/DA9xaPOLyUIjl4gCnL10N8qF8FFGeiEDQnBHXD4j6h59
kS8Ubrdr8cUR++/U07utxj6yqA/zuhl2fjDTgRGdgWihlJK0Ihs07mifEgKDNfD2
AW7pgAlUimydhexEFlaalVlG34AhteuIiq2xKVLOXqu0VOQKsk0ZxlIHFc+xxw/Y
u/71IRZyF16EYD0nrj96KzZl0fkcmc4ixPkQL581PjGHTo/DJEeGmwlClPmHtCXC
VAfdd6ZwGu/OFNL/TgAk5LZLo6JAgoQN6nTTbjInQz2Dq90I1TqeIv4rgXCzto0Z
pvV//2BhBhUxHiHmKcEI1vQWn8SuuL2EgwOxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUiSLhi5lcGevrresGm09sVOKRk88wHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9pU0xoaTVsY0dldnJyZXNHbTA5
c1ZPS1JrODgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEjIFA
MA0GCSqGSIb3DQEBCwUAA4IBAQCLXe4u0viBGQMef2cOPN5VDOq93YE8Z+LIFQ+n
hDDCowinryFNCl/QFpkhs/6NgTcfqWV4SVyEFoyIWZrbzusXoYBphxCWgvd3CqdE
ifXwmtnlRgA4jonBKfWDHFlC/2cKHqLKosNK+0EzT4V4Zl4U9oTERAESobl6LWQh
xrvT4I3r2y1rESQPL5r3lVMQxt38egIVY6NUrAcqhH5Z0YB8/oi4iimAObJwzsvG
B72XQayQGP09WVYo3/wGNEdg9w8qQOqmnyyDTCbbpWgrEo7HFNJ6zE0F078kXoKK
W2GIr+NUyoJwneJQVvX4rIEK0KQUvEBg7sH6UA/Kk+aLUqJW
-----END CERTIFICATE-----
Generated at Wed Jun 25 11:55:18 2025 by rpki-client