Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa
File: id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa (raw, json)
Hash identifier: Ta9wem5W7zv9x893t/A9x76ODT7g+LVmPRgUzscP3Ck=
Subject key identifier: 89:DF:69:97:6A:DC:51:9E:8B:2B:B0:81:67:7A:9C:B9:96:C8:81:BC
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0D1B
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa
Signing time: Mon 26 Aug 2024 05:19:34 +0000
ROA not before: Mon 26 Aug 2024 05:19:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9416
IP address blocks: 220.157.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3355 (0xd1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Aug 26 05:19:34 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=89DF69976ADC519E8B2BB081677A9CB996C881BC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ab:c7:fc:ca:ab:ea:64:ce:27:71:66:79:0a:
ee:50:3a:44:a7:b6:dc:a9:69:9b:70:d1:d0:fd:a6:
81:64:1b:7c:38:21:ca:f3:37:9e:03:35:cf:50:b8:
bd:64:f0:6a:a9:2d:1b:cc:f6:ec:07:0a:67:41:54:
33:b7:60:e9:7a:a8:f3:31:09:b2:df:bd:78:c3:39:
aa:78:28:b3:04:e1:ff:ea:14:48:ee:ea:b2:83:22:
e5:27:45:ee:97:26:d9:30:e9:e7:9d:ac:9d:4c:43:
1f:a4:20:44:e2:5f:66:81:29:87:9d:68:ff:1f:9d:
14:90:07:c4:f2:bc:05:5f:79:fb:ae:03:83:58:d6:
a9:27:c6:e7:6a:25:14:91:ae:e6:f2:26:23:67:63:
39:af:f8:e2:ef:8b:21:33:a8:33:26:44:9f:92:78:
d6:81:07:46:75:24:fe:b4:46:78:ae:5e:f1:6b:8e:
b1:8b:49:36:dd:9a:c3:b1:3c:bc:a1:a3:79:1e:5a:
64:64:0e:e6:d5:1f:bd:77:72:8d:2e:f7:50:ca:f7:
7d:0f:aa:b6:0b:1d:c3:35:ac:e0:43:de:dc:63:43:
26:fd:fc:b0:bc:40:d8:0c:8b:d6:ee:3b:df:f0:be:
88:41:cb:75:65:23:fd:4b:f5:7d:c2:22:5b:35:1d:
f1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DF:69:97:6A:DC:51:9E:8B:2B:B0:81:67:7A:9C:B9:96:C8:81:BC
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/id9pl2rcUZ6LK7CBZ3qcuZbIgbw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.157.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8a:c1:90:e5:71:b6:7b:34:bf:ee:b6:ec:5c:4f:13:f1:e5:7f:
34:dc:ca:f2:92:03:6e:b7:75:39:bf:ec:60:ea:17:6f:94:c5:
22:c1:38:f0:9c:a5:92:46:71:90:b6:83:31:b9:c6:2c:99:a4:
5f:72:68:d2:ac:9f:c0:c3:50:29:7b:ee:f0:fd:97:b0:e5:fa:
a2:d7:d7:52:f3:9c:66:db:b5:82:07:28:d1:c2:d3:99:86:79:
2e:7b:7f:68:f8:b3:8d:55:3b:37:ed:b6:f7:c1:95:43:d2:3a:
21:8e:f2:e7:f6:d4:b9:3a:2c:18:51:97:a7:32:99:25:59:03:
c8:1d:4a:fb:16:74:68:ef:8b:80:e2:f2:d0:bb:4f:13:e6:1e:
0d:8d:e6:3b:e6:b8:dd:01:2f:a8:a0:44:38:c6:fa:ad:c5:25:
a5:14:dc:3e:da:d9:db:15:02:79:58:af:b5:6a:53:80:02:be:
be:39:aa:36:98:5a:b4:d4:e1:ca:c0:df:db:0c:f8:88:87:1f:
13:5b:89:f0:30:b4:3e:ff:30:a0:08:b7:f8:c1:d7:d4:25:cf:
98:01:a8:a3:27:6f:59:7d:be:97:14:e6:8c:a7:9a:68:40:17:
60:71:36:ba:88:3c:08:69:e2:e2:05:96:f6:68:cc:43:72:ab:
72:48:bc:53
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDRswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yNDA4MjYw
NTE5MzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg5REY2OTk3NkFEQzUx
OUU4QjJCQjA4MTY3N0E5Q0I5OTZDODgxQkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkq8f8yqvqZM4ncWZ5Cu5QOkSnttypaZtw0dD9poFkG3w4Icrz
N54DNc9QuL1k8GqpLRvM9uwHCmdBVDO3YOl6qPMxCbLfvXjDOap4KLME4f/qFEju
6rKDIuUnRe6XJtkw6eedrJ1MQx+kIETiX2aBKYedaP8fnRSQB8TyvAVfefuuA4NY
1qknxudqJRSRrubyJiNnYzmv+OLviyEzqDMmRJ+SeNaBB0Z1JP60RniuXvFrjrGL
STbdmsOxPLyho3keWmRkDubVH713co0u91DK930PqrYLHcM1rOBD3txjQyb9/LC8
QNgMi9buO9/wvohBy3VlI/1L9X3CIls1HfFXAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUid9pl2rcUZ6LK7CBZ3qcuZbIgbwwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL2lkOXBsMnJjVVo2TEs3Q0Ja
M3FjdVpiSWdidy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATc
nXAwDQYJKoZIhvcNAQELBQADggEBAIrBkOVxtns0v+627FxPE/HlfzTcyvKSA263
dTm/7GDqF2+UxSLBOPCcpZJGcZC2gzG5xiyZpF9yaNKsn8DDUCl77vD9l7Dl+qLX
11LznGbbtYIHKNHC05mGeS57f2j4s41VOzfttvfBlUPSOiGO8uf21Lk6LBhRl6cy
mSVZA8gdSvsWdGjvi4Di8tC7TxPmHg2N5jvmuN0BL6igRDjG+q3FJaUU3D7a2dsV
AnlYr7VqU4ACvr45qjaYWrTU4crA39sM+IiHHxNbifAwtD7/MKAIt/jB19Qlz5gB
qKMnb1l9vpcU5oynmmhAF2BxNrqIPAhp4uIFlvZozENyq3JIvFM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:35:27 2025 by rpki-client