Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/41x7IhEG1FrnuX9cR2zWYCoDdBg.roa
File: 41x7IhEG1FrnuX9cR2zWYCoDdBg.roa (raw, json)
Hash identifier: JFUR1qKu+B+WO9hWzyO1sP9uV7Ftk/Hq94BZeRD6Dd8=
Subject key identifier: E3:5C:7B:22:11:06:D4:5A:E7:B9:7F:5C:47:6C:D6:60:2A:03:74:18
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: 11
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/41x7IhEG1FrnuX9cR2zWYCoDdBg.roa
Signing time: Mon 18 Mar 2024 09:59:45 +0000
ROA not before: Mon 18 Mar 2024 09:59:45 +0000
ROA not after: Wed 26 Feb 2025 15:30:21 +0000
asID: 3462
IP address blocks: 157.20.106.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17 (0x11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Mar 18 09:59:45 2024 GMT
Not After : Feb 26 15:30:21 2025 GMT
Subject: CN=E35C7B221106D45AE7B97F5C476CD6602A037418
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f6:cd:8b:2f:97:63:5c:8a:2a:0a:07:ac:20:
17:5c:7b:44:5e:ed:33:87:00:b4:f7:51:12:50:a6:
d6:0c:11:4d:ae:7e:90:e9:66:55:57:18:a3:2e:c3:
1e:1f:19:a0:1c:6e:49:49:63:61:84:af:72:f1:d3:
f6:e7:a4:b8:a4:ae:99:0f:99:e8:2e:2c:fd:99:ab:
16:e4:8c:57:17:a4:81:34:ff:a5:67:7f:56:b1:3b:
b2:54:ba:38:eb:8d:de:4d:86:78:08:e4:0b:15:8e:
08:84:20:2a:b7:d3:34:0a:bd:03:54:02:6b:f9:ca:
27:88:73:7e:56:b7:20:fb:d9:06:ab:a7:c2:f3:cc:
ce:f8:22:f0:bc:08:cc:b9:f7:02:48:0f:47:02:6f:
e2:e0:dd:0d:2d:a4:6f:8a:22:77:63:79:1a:d6:6b:
6c:72:c1:c2:b2:cf:18:bd:f1:95:2c:8f:4e:06:79:
02:4c:20:01:88:6d:d8:7b:54:fc:ac:2d:6b:df:72:
25:42:00:45:23:fe:c2:ce:d7:36:ac:cd:e4:64:94:
2f:67:a3:02:0c:97:8f:f1:f1:8b:5e:21:51:17:6e:
d1:c0:b9:95:d8:da:a8:14:3d:d7:f7:f1:5d:56:71:
f3:75:88:db:46:0d:5d:e6:07:69:a5:03:46:e1:c0:
0c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5C:7B:22:11:06:D4:5A:E7:B9:7F:5C:47:6C:D6:60:2A:03:74:18
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/41x7IhEG1FrnuX9cR2zWYCoDdBg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:b9:67:38:56:b3:77:6d:d0:7b:dd:a3:a7:56:57:56:4c:31:
c3:12:d3:37:72:2b:3d:33:ce:a3:7f:c1:f2:ed:24:64:37:cb:
57:18:ec:ef:cf:39:00:fb:13:51:33:13:7c:6a:87:2b:6e:9d:
11:85:07:b2:78:e6:fb:8c:5d:52:96:2b:e5:f1:13:b6:53:9a:
9a:68:fa:3e:d7:10:08:d9:9e:06:9b:65:53:21:9a:ef:c6:cd:
fe:72:21:53:32:f8:51:a7:9a:e7:2b:63:ab:61:b5:47:76:ed:
ae:11:24:a7:75:bb:c3:a6:0a:d3:54:ea:ac:c3:6f:7e:69:22:
11:be:fb:38:1c:f1:89:f0:46:b2:66:24:f8:8b:ee:a6:43:81:
5f:39:62:3b:5b:b7:36:f7:70:1a:37:a1:05:dd:96:ca:f2:b6:
44:98:ac:08:24:36:2d:25:8f:39:eb:c3:73:59:20:f7:2b:a0:
57:ca:7a:da:df:b4:10:0d:b9:61:b0:26:89:d0:24:70:6c:3e:
2c:71:6c:e7:1c:b1:af:c2:b6:81:cf:ee:f5:1e:9d:dd:6d:56:
0a:e8:f1:4c:76:5f:56:d1:29:ed:b0:e8:b7:04:85:1c:cf:1d:
f7:2a:4b:fa:f7:d0:de:0a:58:cc:88:1f:2d:f7:3d:bc:0a:80:
0e:00:eb:e9
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwN0Uz
NkEzRDIxOUE4QUZDODRGODhCMzA1NTNFNjM4Q0U2QzJDRUNFMB4XDTI0MDMxODA5
NTk0NVoXDTI1MDIyNjE1MzAyMVowMzExMC8GA1UEAxMoRTM1QzdCMjIxMTA2RDQ1
QUU3Qjk3RjVDNDc2Q0Q2NjAyQTAzNzQxODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMf2zYsvl2NciioKB6wgF1x7RF7tM4cAtPdRElCm1gwRTa5+kOlm
VVcYoy7DHh8ZoBxuSUljYYSvcvHT9uekuKSumQ+Z6C4s/ZmrFuSMVxekgTT/pWd/
VrE7slS6OOuN3k2GeAjkCxWOCIQgKrfTNAq9A1QCa/nKJ4hzfla3IPvZBqunwvPM
zvgi8LwIzLn3AkgPRwJv4uDdDS2kb4oid2N5GtZrbHLBwrLPGL3xlSyPTgZ5Akwg
AYht2HtU/Kwta99yJUIARSP+ws7XNqzN5GSUL2ejAgyXj/Hxi14hURdu0cC5ldja
qBQ91/fxXVZx83WI20YNXeYHaaUDRuHADPcCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBTjXHsiEQbUWue5f1xHbNZgKgN0GDAfBgNVHSMEGDAWgBQH42o9IZqK/IT4izBV
PmOM5sLOzjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0NDL0It
TnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Qi1OcVBTR2FpdnlFLUlzd1ZUNWpqT2JDenM0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy80MXg3SWhFRzFGcm51WDljUjJ6V1lD
b0RkQmcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnRRqMA0G
CSqGSIb3DQEBCwUAA4IBAQAPuWc4VrN3bdB73aOnVldWTDHDEtM3cis9M86jf8Hy
7SRkN8tXGOzvzzkA+xNRMxN8aocrbp0RhQeyeOb7jF1Slivl8RO2U5qaaPo+1xAI
2Z4Gm2VTIZrvxs3+ciFTMvhRp5rnK2OrYbVHdu2uESSndbvDpgrTVOqsw29+aSIR
vvs4HPGJ8EayZiT4i+6mQ4FfOWI7W7c293AaN6EF3ZbK8rZEmKwIJDYtJY8568Nz
WSD3K6BXynra37QQDblhsCaJ0CRwbD4scWznHLGvwraBz+71Hp3dbVYK6PFMdl9W
0SntsOi3BIUczx33Kkv699DeCljMiB8t9z28CoAOAOvp
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:12:55 2025 by rpki-client