Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/M2NIM/qAhpBmuY95BefiIsRzZk9eFyaes.roa
File: qAhpBmuY95BefiIsRzZk9eFyaes.roa (raw, json)
Hash identifier: NCaIgL9QvkuXUeFG6UmLnbCmd+11ckY6/i2iATlk5NE=
Subject key identifier: A8:08:69:06:6B:98:F7:90:5E:7E:22:2C:47:36:64:F5:E1:72:69:EB
Certificate issuer: /CN=07D3E73EC5EB3D704863889E221845B7695D409C
Certificate serial: 07
Authority key identifier: 07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/qAhpBmuY95BefiIsRzZk9eFyaes.roa
Signing time: Mon 11 Mar 2024 03:08:16 +0000
ROA not before: Mon 11 Mar 2024 03:08:16 +0000
ROA not after: Fri 28 Feb 2025 15:30:27 +0000
asID: 32595
IP address blocks: 157.20.134.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7 (0x7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07D3E73EC5EB3D704863889E221845B7695D409C
Validity
Not Before: Mar 11 03:08:16 2024 GMT
Not After : Feb 28 15:30:27 2025 GMT
Subject: CN=A80869066B98F7905E7E222C473664F5E17269EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8f:e0:71:ae:de:a8:45:72:0d:71:5c:dc:f3:
57:e8:d7:7e:3d:3d:10:28:78:77:d6:97:70:cf:78:
2b:3f:99:23:8b:23:96:a0:d4:e2:16:57:5e:1e:9a:
12:ec:fc:46:5f:8a:b5:31:7d:69:c4:84:3a:77:d4:
d9:d9:d9:54:b1:94:17:53:02:fb:f9:0e:3d:2b:f1:
cf:f7:24:9e:ad:ed:a3:45:54:a8:26:5c:e4:56:55:
ec:33:ac:25:70:d1:42:ed:4b:c3:a8:aa:fa:38:cb:
3a:6b:29:1a:6e:a2:b1:87:eb:dc:12:f9:be:52:a3:
49:99:d7:b8:49:cc:d2:fb:9c:43:a8:6f:5e:12:49:
96:dd:26:51:a1:b6:ff:fa:f6:53:8c:40:d9:5a:3f:
e3:c1:bc:0b:e8:07:b2:19:1a:a4:e1:97:5e:95:60:
7a:6d:2e:0b:eb:b5:1e:fc:4f:da:4f:ec:ce:ec:ad:
30:ec:de:5f:2a:e9:d1:d9:f2:26:29:a3:9d:3e:09:
da:72:ac:b2:12:20:67:66:63:5f:e4:c4:4b:ec:b8:
b1:32:09:46:6f:47:58:81:53:10:40:07:16:ed:ac:
c2:22:b9:37:d8:4a:ce:2a:86:73:4b:80:15:fe:81:
d5:1e:33:17:e7:72:1e:8a:2e:45:eb:f3:de:e1:17:
15:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:08:69:06:6B:98:F7:90:5E:7E:22:2C:47:36:64:F5:E1:72:69:EB
X509v3 Authority Key Identifier:
keyid:07:D3:E7:3E:C5:EB:3D:70:48:63:88:9E:22:18:45:B7:69:5D:40:9C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/B9PnPsXrPXBIY4ieIhhFt2ldQJw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B9PnPsXrPXBIY4ieIhhFt2ldQJw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/M2NIM/qAhpBmuY95BefiIsRzZk9eFyaes.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.134.0/23
Signature Algorithm: sha256WithRSAEncryption
65:e5:4c:f8:3a:84:69:f9:5f:3d:6a:eb:89:03:d3:02:3e:e0:
7e:3d:da:4d:d6:1b:89:ad:a6:c1:b6:89:1c:ef:12:9c:da:2a:
e9:be:e4:da:d3:fd:9f:47:6e:61:b1:17:80:3d:8a:b4:08:a4:
a5:99:71:88:1c:f1:43:a2:61:c9:75:0e:95:a6:40:64:09:df:
31:2d:56:60:c2:97:96:27:86:dd:03:3a:2b:95:83:33:c1:04:
c1:de:23:33:a3:6a:c0:4c:3b:11:36:96:9c:b9:c6:93:d2:27:
6e:88:5e:8e:42:3c:58:5f:0a:79:98:d7:8e:f0:fa:8a:7b:4f:
7b:d7:59:6d:a4:9a:2e:31:8a:12:65:65:c6:80:50:4b:8b:ca:
fd:57:8c:40:59:10:81:82:54:db:58:7e:19:39:20:f0:f9:c2:
36:aa:d8:0f:3d:93:6c:ac:0b:2e:a1:4b:92:07:4c:7e:50:d4:
52:b9:ed:8c:eb:1e:b4:3b:df:9a:99:ec:9b:76:2c:2a:44:e0:
39:1c:7f:28:52:6a:24:d0:4d:47:fc:d2:2e:80:da:00:e6:e1:
73:87:b4:44:44:46:7c:47:5b:44:48:a7:2e:67:c2:dd:19:b3:
fe:3c:b6:98:ac:97:10:cf:6d:71:4f:ea:16:03:c5:09:e8:ea:
a1:0b:fd:71
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwN0Qz
RTczRUM1RUIzRDcwNDg2Mzg4OUUyMjE4NDVCNzY5NUQ0MDlDMB4XDTI0MDMxMTAz
MDgxNloXDTI1MDIyODE1MzAyN1owMzExMC8GA1UEAxMoQTgwODY5MDY2Qjk4Rjc5
MDVFN0UyMjJDNDczNjY0RjVFMTcyNjlFQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALiP4HGu3qhFcg1xXNzzV+jXfj09ECh4d9aXcM94Kz+ZI4sjlqDU
4hZXXh6aEuz8Rl+KtTF9acSEOnfU2dnZVLGUF1MC+/kOPSvxz/cknq3to0VUqCZc
5FZV7DOsJXDRQu1Lw6iq+jjLOmspGm6isYfr3BL5vlKjSZnXuEnM0vucQ6hvXhJJ
lt0mUaG2//r2U4xA2Vo/48G8C+gHshkapOGXXpVgem0uC+u1HvxP2k/szuytMOze
Xyrp0dnyJimjnT4J2nKsshIgZ2ZjX+TES+y4sTIJRm9HWIFTEEAHFu2swiK5N9hK
ziqGc0uAFf6B1R4zF+dyHoouRevz3uEXFXkCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBSoCGkGa5j3kF5+IixHNmT14XJp6zAfBgNVHSMEGDAWgBQH0+c+xes9cEhjiJ4i
GEW3aV1AnDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NMk5JTS9C
OVBuUHNYclBYQklZNGllSWhoRnQybGRRSncuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0I5UG5Qc1hyUFhCSVk0aWVJaGhGdDJsZFFKdy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL00yTklNL3FBaHBCbXVZOTVCZWZpSXNSelpr
OWVGeWFlcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGdFIYw
DQYJKoZIhvcNAQELBQADggEBAGXlTPg6hGn5Xz1q64kD0wI+4H492k3WG4mtpsG2
iRzvEpzaKum+5NrT/Z9HbmGxF4A9irQIpKWZcYgc8UOiYcl1DpWmQGQJ3zEtVmDC
l5Ynht0DOiuVgzPBBMHeIzOjasBMOxE2lpy5xpPSJ26IXo5CPFhfCnmY147w+op7
T3vXWW2kmi4xihJlZcaAUEuLyv1XjEBZEIGCVNtYfhk5IPD5wjaq2A89k2ysCy6h
S5IHTH5Q1FK57YzrHrQ735qZ7Jt2LCpE4DkcfyhSaiTQTUf80i6A2gDm4XOHtERE
RnxHW0RIpy5nwt0Zs/48tpislxDPbXFP6hYDxQno6qEL/XE=
-----END CERTIFICATE-----
Generated at Sun Apr 27 10:36:33 2025 by rpki-client