Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa
File: 1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa (raw, json)
Hash identifier: 6/YXwZoj2PwcoCAykO7n382MAN5eiVvhL55SSSkIfRs=
Subject key identifier: D5:E4:9F:4A:7B:6B:6B:E7:1A:E4:BA:FC:9D:44:35:CC:AE:67:38:E5
Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Certificate serial: DF
Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa
Signing time: Mon 10 Feb 2025 14:19:45 +0000
ROA not before: Mon 10 Feb 2025 14:19:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131147
IP address blocks: 157.66.167.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223 (0xdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Validity
Not Before: Feb 10 14:19:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D5E49F4A7B6B6BE71AE4BAFC9D4435CCAE6738E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:19:2d:53:fe:d7:cd:4e:e6:2d:5d:4e:43:
d5:5e:03:ea:5a:7c:92:21:2f:63:71:61:01:67:57:
0a:3f:bd:ff:fa:5d:54:b4:c3:f8:53:7a:3e:5d:e5:
0a:ff:f1:d0:88:a1:18:d6:8b:89:19:8e:ee:70:dc:
6e:0d:f9:be:cd:d4:22:8e:4c:ad:be:96:78:28:e8:
71:71:db:ed:d6:d8:48:1a:bf:60:8e:54:b0:50:d3:
11:e8:f1:71:8b:78:38:23:63:92:2d:76:ae:f2:31:
a8:3e:bc:e9:84:7e:0f:61:fc:20:ca:89:29:a0:af:
53:31:ba:c0:2c:38:af:9f:4b:25:5a:24:63:ea:8a:
ee:47:f8:69:62:a4:60:fb:30:c4:5c:18:04:92:a2:
e4:d5:a5:e1:25:fa:32:92:45:d3:c1:36:3f:37:fc:
8a:2e:e9:2c:c8:07:86:f0:cd:7d:bc:69:3d:f3:22:
9d:ba:d2:c6:f7:23:15:27:13:c1:23:b8:a1:97:b4:
2b:0c:57:72:15:21:d7:2c:36:dd:24:b4:f1:2b:d4:
77:1a:49:a3:bd:ad:0a:3d:7a:65:0a:b0:97:2a:47:
5a:84:02:35:8e:8a:5e:6e:31:7f:f2:3a:fc:bb:dd:
c2:8d:bd:7b:52:05:4f:7d:3b:95:6e:75:7a:39:65:
c2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E4:9F:4A:7B:6B:6B:E7:1A:E4:BA:FC:9D:44:35:CC:AE:67:38:E5
X509v3 Authority Key Identifier:
keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/1eSfSntra-ca5Lr8nUQ1zK5nOOU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.167.0/24
Signature Algorithm: sha256WithRSAEncryption
27:20:2a:59:f1:99:f2:86:63:67:9e:f4:a5:7d:39:37:6b:1b:
a4:fe:89:fc:47:93:d9:f4:aa:78:b2:ee:e1:5a:16:1f:08:a8:
fc:50:10:51:aa:16:23:c2:3a:cd:f1:45:08:5e:27:4a:0e:28:
ce:38:31:a3:9e:c2:8f:09:3c:12:00:44:e2:55:85:e9:6d:6f:
d3:bb:c9:36:1b:00:52:f2:f7:06:13:05:12:55:1b:6d:a2:f7:
45:5b:b9:a6:ab:ab:74:c6:2d:2b:c0:97:5d:cf:87:47:d0:69:
4a:3d:9e:2c:52:7d:20:88:fe:cf:8e:2d:23:a7:18:d3:1b:30:
d0:bc:1e:c0:95:05:82:90:82:e2:a0:a4:18:37:65:61:31:ca:
4c:c7:81:7a:a2:f7:f2:ac:d0:74:b1:32:93:9b:b2:64:aa:7e:
20:55:39:10:25:56:9a:21:ce:c5:5f:35:09:3b:f1:e7:b8:a1:
ec:9c:b0:00:33:0c:8a:92:c7:a6:d3:e1:41:93:da:ff:94:4e:
0a:37:ec:ab:3e:4f:9b:0f:a1:da:54:33:3a:1b:e1:13:f5:2e:
fc:51:ad:10:fa:67:15:75:a2:ae:f9:22:d6:0a:1e:57:4e:ad:
87:32:e4:1c:9a:79:fe:f4:86:6b:88:f6:6f:21:dc:6c:52:74:
2a:1c:54:ec
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDk2
NkI1NTkwOTMyNDE4MEE4OEE0NUUxRjY4M0NGNEQyRUQ5QkNBNTAeFw0yNTAyMTAx
NDE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1RTQ5RjRBN0I2QjZC
RTcxQUU0QkFGQzlENDQzNUNDQUU2NzM4RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdrRktU/7XzU7mLV1OQ9VeA+pafJIhL2NxYQFnVwo/vf/6XVS0
w/hTej5d5Qr/8dCIoRjWi4kZju5w3G4N+b7N1CKOTK2+lngo6HFx2+3W2Egav2CO
VLBQ0xHo8XGLeDgjY5Itdq7yMag+vOmEfg9h/CDKiSmgr1MxusAsOK+fSyVaJGPq
iu5H+GlipGD7MMRcGASSouTVpeEl+jKSRdPBNj83/Iou6SzIB4bwzX28aT3zIp26
0sb3IxUnE8EjuKGXtCsMV3IVIdcsNt0ktPEr1HcaSaO9rQo9emUKsJcqR1qEAjWO
il5uMX/yOvy73cKNvXtSBU99O5VudXo5ZcIvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU1eSfSntra+ca5Lr8nUQ1zK5nOOUwHwYDVR0jBBgwFoAU2Wa1WQkyQYCoikXh
9oPPTS7ZvKUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v
MldhMVdRa3lRWUNvaWtYaDlvUFBUUzdadktVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8yV2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi8xZVNmU250cmEtY2E1THI4blVR
MXpLNW5PT1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnUKn
MA0GCSqGSIb3DQEBCwUAA4IBAQAnICpZ8ZnyhmNnnvSlfTk3axuk/on8R5PZ9Kp4
su7hWhYfCKj8UBBRqhYjwjrN8UUIXidKDijOODGjnsKPCTwSAETiVYXpbW/Tu8k2
GwBS8vcGEwUSVRttovdFW7mmq6t0xi0rwJddz4dH0GlKPZ4sUn0giP7Pji0jpxjT
GzDQvB7AlQWCkILioKQYN2VhMcpMx4F6ovfyrNB0sTKTm7Jkqn4gVTkQJVaaIc7F
XzUJO/HnuKHsnLAAMwyKksem0+FBk9r/lE4KN+yrPk+bD6HaVDM6G+ET9S78Ua0Q
+mcVdaKu+SLWCh5XTq2HMuQcmnn+9IZriPZvIdxsUnQqHFTs
-----END CERTIFICATE-----
Generated at Mon Apr 28 23:08:50 2025 by rpki-client on console.sobornost.net