Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa
File: BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa (raw, json)
Hash identifier: wBsfzN1J0YCFmyR+q2vOIR9YA5zg0NSkIfjBMhEiZ/I=
Subject key identifier: 04:DA:46:38:5B:B3:34:91:D1:E5:90:22:6C:D6:16:77:36:E3:68:19
Certificate issuer: /CN=A61402819401D363CB1F9BFBD538875F41F211C3
Certificate serial: 0BE3
Authority key identifier: A6:14:02:81:94:01:D3:63:CB:1F:9B:FB:D5:38:87:5F:41:F2:11:C3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/phQCgZQB02PLH5v71TiHX0HyEcM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa
Signing time: Mon 26 Aug 2024 05:26:45 +0000
ROA not before: Mon 26 Aug 2024 05:26:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9216
IP address blocks: 211.76.128.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3043 (0xbe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A61402819401D363CB1F9BFBD538875F41F211C3
Validity
Not Before: Aug 26 05:26:45 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=04DA46385BB33491D1E590226CD6167736E36819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:94:82:9c:a6:5d:d5:bf:ba:13:95:38:c6:e1:
95:64:8c:03:96:71:fb:e5:80:70:b1:d6:9f:6c:7d:
ee:8d:62:dc:38:49:0b:8b:7b:8c:1e:01:22:a5:ed:
ef:fd:8d:44:fd:b9:12:62:ca:b4:61:80:5f:78:61:
b1:7a:5c:c4:21:8c:29:13:49:2b:9b:ff:6b:23:12:
ba:3d:bc:dc:18:54:b5:ed:8a:1c:35:81:fb:db:32:
1b:b7:45:b4:e0:66:3b:ca:92:b2:0f:a8:c5:1e:e6:
79:55:43:82:ce:99:13:b7:f8:ec:57:76:93:38:c6:
5b:fc:73:b9:b0:15:c5:70:a4:0d:77:60:be:01:6a:
33:41:5e:d4:d5:89:83:d4:d7:a0:6e:ad:6a:5f:bb:
2f:29:19:11:4f:75:f1:91:ab:c8:2b:4d:e3:89:89:
71:9f:35:c8:c7:ba:71:34:ca:63:90:b9:17:a4:07:
b5:2d:f6:5a:54:61:1e:f7:5d:6a:c4:00:0d:6d:0b:
c4:da:55:69:5a:f3:5b:41:30:57:ec:0d:76:a4:bd:
ba:ae:d5:91:a3:f2:e0:3c:37:3e:f1:ad:4f:ad:74:
6d:ae:a8:55:a8:d2:c9:21:ba:43:fb:e5:e3:5e:f7:
a4:57:4f:cd:b2:dc:5f:ce:d7:4e:67:74:8f:ad:37:
b3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:DA:46:38:5B:B3:34:91:D1:E5:90:22:6C:D6:16:77:36:E3:68:19
X509v3 Authority Key Identifier:
keyid:A6:14:02:81:94:01:D3:63:CB:1F:9B:FB:D5:38:87:5F:41:F2:11:C3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/phQCgZQB02PLH5v71TiHX0HyEcM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/phQCgZQB02PLH5v71TiHX0HyEcM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SYMPHOX/BNpGOFuzNJHR5ZAibNYWdzbjaBk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.128.0/20
Signature Algorithm: sha256WithRSAEncryption
73:a4:6b:cb:62:41:fb:4b:d6:3a:56:37:93:3f:b3:5f:db:36:
d6:34:03:af:54:1a:ff:eb:77:57:88:ee:27:5a:40:e3:8c:b7:
4f:12:c6:7e:c8:f2:0a:d1:a2:12:16:a1:75:8a:d3:9c:ee:e0:
3c:70:0a:42:c1:b4:ce:56:4b:d7:77:fe:40:44:9a:20:2c:9e:
98:7f:0c:37:79:24:62:25:50:db:5d:1a:90:dd:fc:78:51:22:
ee:81:4b:94:2b:45:a2:50:3b:79:05:04:0a:ad:53:94:85:ee:
12:bc:d1:0f:35:15:2d:6d:9a:8e:1a:0f:57:6c:fb:cd:c9:61:
6d:e5:8b:45:1c:4f:04:9c:44:32:4b:aa:67:05:fd:f7:e5:f7:
11:27:0c:0e:9b:64:5f:eb:c7:3e:88:10:ea:0d:c1:8b:38:7d:
03:a4:7d:77:f6:da:0c:5e:a2:ae:90:2d:e5:b8:1a:49:f7:2d:
82:cc:56:00:6c:cc:1e:37:d4:99:a1:ee:25:3b:dc:1f:64:f4:
f9:68:9f:b1:b5:e0:93:9d:3f:30:40:f0:83:b4:d2:8b:1a:3f:
51:c8:0d:d8:89:f0:4a:b5:df:84:3b:8f:7b:b3:11:d4:56:ea:
6c:13:49:4e:af:f1:05:49:5f:96:9c:c8:95:e6:05:b5:b9:03:
0f:a2:18:a2
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICC+MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTYx
NDAyODE5NDAxRDM2M0NCMUY5QkZCRDUzODg3NUY0MUYyMTFDMzAeFw0yNDA4MjYw
NTI2NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA0REE0NjM4NUJCMzM0
OTFEMUU1OTAyMjZDRDYxNjc3MzZFMzY4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvlIKcpl3Vv7oTlTjG4ZVkjAOWcfvlgHCx1p9sfe6NYtw4SQuL
e4weASKl7e/9jUT9uRJiyrRhgF94YbF6XMQhjCkTSSub/2sjEro9vNwYVLXtihw1
gfvbMhu3RbTgZjvKkrIPqMUe5nlVQ4LOmRO3+OxXdpM4xlv8c7mwFcVwpA13YL4B
ajNBXtTViYPU16BurWpfuy8pGRFPdfGRq8grTeOJiXGfNcjHunE0ymOQuRekB7Ut
9lpUYR73XWrEAA1tC8TaVWla81tBMFfsDXakvbqu1ZGj8uA8Nz7xrU+tdG2uqFWo
0skhukP75eNe96RXT82y3F/O105ndI+tN7P7AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUBNpGOFuzNJHR5ZAibNYWdzbjaBkwHwYDVR0jBBgwFoAUphQCgZQB02PLH5v7
1TiHX0HyEcMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU1lNUEhP
WC9waFFDZ1pRQjAyUExINXY3MVRpSFgwSHlFY00uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3BoUUNnWlFCMDJQTEg1djcxVGlIWDBIeUVjTS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NZTVBIT1gvQk5wR09GdXpOSkhSNVpB
aWJOWVdkemJqYUJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BNNMgDANBgkqhkiG9w0BAQsFAAOCAQEAc6Rry2JB+0vWOlY3kz+zX9s21jQDr1Qa
/+t3V4juJ1pA44y3TxLGfsjyCtGiEhahdYrTnO7gPHAKQsG0zlZL13f+QESaICye
mH8MN3kkYiVQ210akN38eFEi7oFLlCtFolA7eQUECq1TlIXuErzRDzUVLW2ajhoP
V2z7zclhbeWLRRxPBJxEMkuqZwX99+X3EScMDptkX+vHPogQ6g3Bizh9A6R9d/ba
DF6irpAt5bgaSfctgsxWAGzMHjfUmaHuJTvcH2T0+WifsbXgk50/MEDwg7TSixo/
UcgN2InwSrXfhDuPe7MR1FbqbBNJTq/xBUlflpzIleYFtbkDD6IYog==
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:38:07 2025 by rpki-client