Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CTII/x4jsko3iCe9RJfqSBNeBDNeWef0.roa
File: x4jsko3iCe9RJfqSBNeBDNeWef0.roa (raw, json)
Hash identifier: m5eKf3hFQOmswbX/ymlbGEWNHzNv0TwWwtH+N8UqWBA=
Subject key identifier: C7:88:EC:92:8D:E2:09:EF:51:25:FA:92:04:D7:81:0C:D7:96:79:FD
Certificate issuer: /CN=FBD3AC9FC44C3DD2AB7B5D20BC158C82D83D260A
Certificate serial: 1283
Authority key identifier: FB:D3:AC:9F:C4:4C:3D:D2:AB:7B:5D:20:BC:15:8C:82:D8:3D:26:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-9Osn8RMPdKre10gvBWMgtg9Jgo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/x4jsko3iCe9RJfqSBNeBDNeWef0.roa
Signing time: Thu 28 Nov 2024 14:14:11 +0000
ROA not before: Thu 28 Nov 2024 14:14:11 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 984
IP address blocks: 103.130.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4739 (0x1283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FBD3AC9FC44C3DD2AB7B5D20BC158C82D83D260A
Validity
Not Before: Nov 28 14:14:11 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C788EC928DE209EF5125FA9204D7810CD79679FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:85:e0:79:9c:bd:39:41:42:25:65:44:51:79:
20:7b:e2:e4:ff:08:a1:b0:b5:f5:52:12:49:f3:4e:
b3:1d:b0:0f:b8:d3:64:fd:fe:09:8b:9a:99:49:16:
b1:69:f8:61:1a:33:b7:7e:8f:ba:a7:e0:66:3a:5c:
9e:f8:26:f6:d9:c4:0f:f5:92:bc:e9:63:d0:5e:27:
54:02:77:91:d5:32:1b:f6:a7:a1:b2:5d:9c:3b:07:
61:f8:b0:54:7f:88:4e:69:d8:de:be:17:99:75:20:
70:b9:9f:2b:78:74:09:d7:c7:65:3a:3e:e9:c2:92:
4f:41:6e:d6:db:62:78:9b:c9:58:55:8f:76:8c:c8:
c6:b5:1b:a2:68:6d:8a:82:76:62:cb:04:7d:ca:f2:
b2:62:13:99:f4:06:f1:a6:78:6e:39:2e:75:ca:34:
53:da:04:e4:c1:39:33:fb:35:2e:fb:ee:4c:d6:8d:
92:67:e3:63:0d:05:2e:b9:4b:82:1f:e5:0a:a9:be:
4c:21:91:14:16:c0:1b:6a:a1:98:0b:34:21:6e:58:
0b:0b:00:45:f2:dc:03:1c:b9:8d:33:3f:90:b5:a5:
f6:43:2e:fc:4e:12:e0:28:fa:93:a2:9b:9f:3e:b9:
8c:2e:b5:78:47:35:2e:3a:7e:0c:88:c2:ad:bc:df:
4c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:88:EC:92:8D:E2:09:EF:51:25:FA:92:04:D7:81:0C:D7:96:79:FD
X509v3 Authority Key Identifier:
keyid:FB:D3:AC:9F:C4:4C:3D:D2:AB:7B:5D:20:BC:15:8C:82:D8:3D:26:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/-9Osn8RMPdKre10gvBWMgtg9Jgo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-9Osn8RMPdKre10gvBWMgtg9Jgo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CTII/x4jsko3iCe9RJfqSBNeBDNeWef0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.248.0/24
Signature Algorithm: sha256WithRSAEncryption
45:eb:02:7b:24:79:80:25:9e:7b:e4:e1:74:3c:11:42:95:93:
06:98:e9:80:60:80:06:d9:ce:6a:05:a5:c1:7d:79:ba:15:7a:
34:60:ed:7b:77:60:c7:8e:b4:27:b1:ab:73:a0:d6:53:38:9c:
5e:cc:80:f9:83:1b:c9:d6:59:1d:3f:23:05:45:ca:f4:32:d8:
00:54:ca:a5:66:02:08:fc:fd:14:3d:65:9f:f7:62:73:00:4f:
93:46:37:ac:59:bc:13:30:09:47:b5:59:26:a2:7b:87:ac:6f:
c6:51:77:e3:78:2f:1a:39:46:ad:d6:71:6c:b4:2d:00:74:22:
82:b7:72:a9:c4:0f:f8:15:db:57:eb:09:2e:30:b9:32:ed:2e:
dd:e3:e3:30:9a:61:07:90:4e:88:65:9f:ff:e3:28:67:e6:ad:
b8:fd:70:6e:63:29:ae:85:f8:ff:cb:29:0b:dc:ee:23:6a:aa:
80:ec:f1:fc:f8:d3:26:22:87:97:19:b9:42:bf:fd:b8:9a:df:
2a:ac:85:79:76:75:d8:40:25:00:0f:be:b2:7f:8a:de:fa:7d:
de:7c:aa:9e:b7:5e:e2:12:5d:1c:e6:63:60:24:e2:0e:89:dc:
ce:fa:8c:9a:7b:7e:1b:88:2a:0d:5d:d6:8b:9e:29:01:b2:f3:
6e:a7:cf:64
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJE
M0FDOUZDNDRDM0REMkFCN0I1RDIwQkMxNThDODJEODNEMjYwQTAeFw0yNDExMjgx
NDE0MTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM3ODhFQzkyOERFMjA5
RUY1MTI1RkE5MjA0RDc4MTBDRDc5Njc5RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDheB5nL05QUIlZURReSB74uT/CKGwtfVSEknzTrMdsA+402T9
/gmLmplJFrFp+GEaM7d+j7qn4GY6XJ74JvbZxA/1krzpY9BeJ1QCd5HVMhv2p6Gy
XZw7B2H4sFR/iE5p2N6+F5l1IHC5nyt4dAnXx2U6PunCkk9BbtbbYnibyVhVj3aM
yMa1G6JobYqCdmLLBH3K8rJiE5n0BvGmeG45LnXKNFPaBOTBOTP7NS777kzWjZJn
42MNBS65S4If5QqpvkwhkRQWwBtqoZgLNCFuWAsLAEXy3AMcuY0zP5C1pfZDLvxO
EuAo+pOim58+uYwutXhHNS46fgyIwq2830x1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUx4jsko3iCe9RJfqSBNeBDNeWef0wHwYDVR0jBBgwFoAU+9Osn8RMPdKre10g
vBWMgtg9JgowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ1RJSS8t
OU9zbjhSTVBkS3JlMTBndkJXTWd0ZzlKZ28uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly05T3NuOFJNUGRLcmUxMGd2QldNZ3RnOUpnby5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0NUSUkveDRqc2tvM2lDZTlSSmZxU0JOZUJE
TmVXZWYwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeC+DAN
BgkqhkiG9w0BAQsFAAOCAQEAResCeyR5gCWee+ThdDwRQpWTBpjpgGCABtnOagWl
wX15uhV6NGDte3dgx460J7Grc6DWUzicXsyA+YMbydZZHT8jBUXK9DLYAFTKpWYC
CPz9FD1ln/dicwBPk0Y3rFm8EzAJR7VZJqJ7h6xvxlF343gvGjlGrdZxbLQtAHQi
grdyqcQP+BXbV+sJLjC5Mu0u3ePjMJphB5BOiGWf/+MoZ+atuP1wbmMproX4/8sp
C9zuI2qqgOzx/PjTJiKHlxm5Qr/9uJrfKqyFeXZ12EAlAA++sn+K3vp93nyqnrde
4hJdHOZjYCTiDonczvqMmnt+G4gqDV3Wi54pAbLzbqfPZA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:34:05 2025 by rpki-client