Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa
File: 0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa (raw, json)
Hash identifier: 24D4mx/uH5LvCFZuHi9VL8FD4fAuH87qD+r4s8KSvsc=
Subject key identifier: D1:00:4D:F0:DD:E0:59:E1:9F:3C:3D:4C:CC:B3:66:4C:13:9E:DD:D9
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0CD2
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa
Signing time: Mon 10 Feb 2025 13:49:21 +0000
ROA not before: Mon 10 Feb 2025 13:49:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 5065
IP address blocks: 103.129.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3282 (0xcd2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Feb 10 13:49:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D1004DF0DDE059E19F3C3D4CCCB3664C139EDDD9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:11:46:14:f2:0b:97:ae:d0:a2:57:a0:d6:b7:
9c:2c:a7:d2:7d:5f:82:00:4f:d7:64:b4:ef:ab:4b:
44:0b:4e:b4:8f:d0:c7:a6:d4:dd:5d:6c:aa:b7:cc:
5a:20:fe:a7:50:6a:b4:73:b0:1b:7d:98:6d:79:08:
50:41:76:a9:18:27:6c:68:e6:80:76:f1:43:41:fb:
62:e9:df:d8:09:01:dc:04:f8:82:8c:f6:d7:a1:a4:
3b:0d:f0:c2:2c:b3:8f:16:05:23:97:43:6d:9c:ab:
a8:3d:6a:d7:0c:71:1b:63:ef:45:6b:03:d1:ec:af:
4e:e1:2b:0e:fd:5d:ee:7f:d3:5a:6f:dc:da:d8:b9:
6f:9a:e2:4d:1b:4a:47:23:fe:cb:ac:22:fb:2e:50:
5a:a3:8f:9d:84:e8:37:fa:21:34:5f:45:84:06:97:
3f:0a:72:92:a6:2c:43:5b:4f:7d:89:82:1e:aa:45:
c9:e3:bc:ac:62:a5:d7:a0:2f:3b:c7:86:d5:de:23:
07:51:13:ba:73:de:7f:ef:ad:6b:10:d5:34:14:9c:
1a:e4:d7:93:a3:bf:5a:e1:e6:3a:8c:40:0c:2f:99:
1c:f7:f7:13:65:e5:68:0b:2f:46:f2:76:da:ec:3e:
ff:47:58:bc:99:42:1b:23:53:d5:af:d6:b4:4a:ac:
3d:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:00:4D:F0:DD:E0:59:E1:9F:3C:3D:4C:CC:B3:66:4C:13:9E:DD:D9
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0QBN8N3gWeGfPD1MzLNmTBOe3dk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.144.0/24
Signature Algorithm: sha256WithRSAEncryption
82:11:86:36:54:ef:94:cb:e7:f9:ae:1a:db:6d:47:6b:f8:50:
c2:6d:28:86:f1:0d:da:78:de:92:60:28:0a:3d:63:1e:01:c9:
f4:b8:72:4f:b8:5d:18:31:e7:09:c6:23:36:6e:d8:f3:52:31:
d8:69:02:f2:5d:94:3d:e9:9e:85:f7:17:d1:59:1e:e7:2f:df:
dd:37:5b:d4:39:a1:17:2d:a0:a5:05:c4:6d:70:67:14:f2:2d:
29:84:57:bc:54:0f:a1:f1:a0:79:a4:04:d2:2f:4e:c1:9f:67:
b6:5b:d3:9a:eb:11:12:49:41:18:c6:95:34:b5:df:89:99:59:
da:f7:c0:21:2c:e7:c4:32:b2:5a:09:ed:f8:e2:75:35:31:16:
4c:41:26:3a:d4:16:52:63:4f:de:36:b6:46:19:81:bd:bd:bf:
76:e0:77:ab:c1:a5:06:04:0e:36:7d:98:1b:eb:f9:04:7c:10:
62:ef:c6:7b:a9:04:67:30:f2:cd:31:bf:dd:90:66:43:3a:e0:
e1:12:7e:10:e5:29:f6:74:74:ac:c6:b5:e7:5d:72:e5:83:d8:
0b:e5:08:d6:47:eb:2b:a0:22:87:e9:81:e5:72:db:0b:1c:18:
ae:97:b6:19:7e:11:77:f1:72:0b:97:b9:39:72:02:02:5f:1a:
f5:19:f7:e9
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDNIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTAyMTAx
MzQ5MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQxMDA0REYwRERFMDU5
RTE5RjNDM0Q0Q0NDQjM2NjRDMTM5RURERDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyEUYU8guXrtCiV6DWt5wsp9J9X4IAT9dktO+rS0QLTrSP0Mem
1N1dbKq3zFog/qdQarRzsBt9mG15CFBBdqkYJ2xo5oB28UNB+2Lp39gJAdwE+IKM
9tehpDsN8MIss48WBSOXQ22cq6g9atcMcRtj70VrA9Hsr07hKw79Xe5/01pv3NrY
uW+a4k0bSkcj/susIvsuUFqjj52E6Df6ITRfRYQGlz8KcpKmLENbT32Jgh6qRcnj
vKxipdegLzvHhtXeIwdRE7pz3n/vrWsQ1TQUnBrk15Ojv1rh5jqMQAwvmRz39xNl
5WgLL0bydtrsPv9HWLyZQhsjU9Wv1rRKrD1XAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0QBN8N3gWeGfPD1MzLNmTBOe3dkwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBRQk44TjNnV2VHZlBEMU16TE5tVEJP
ZTNkay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZAwDQYJ
KoZIhvcNAQELBQADggEBAIIRhjZU75TL5/muGtttR2v4UMJtKIbxDdp43pJgKAo9
Yx4ByfS4ck+4XRgx5wnGIzZu2PNSMdhpAvJdlD3pnoX3F9FZHucv3903W9Q5oRct
oKUFxG1wZxTyLSmEV7xUD6HxoHmkBNIvTsGfZ7Zb05rrERJJQRjGlTS134mZWdr3
wCEs58QysloJ7fjidTUxFkxBJjrUFlJjT942tkYZgb29v3bgd6vBpQYEDjZ9mBvr
+QR8EGLvxnupBGcw8s0xv92QZkM64OESfhDlKfZ0dKzGteddcuWD2AvlCNZH6yug
IofpgeVy2wscGK6Xthl+EXfxcguXuTlyAgJfGvUZ9+k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:26:36 2025 by rpki-client