Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3DTSPGls_vFr2O9lQc8zhL7CmpM.roa
File: 3DTSPGls_vFr2O9lQc8zhL7CmpM.roa (raw, json)
Hash identifier: o56V44aN0tUrLQtON6+ZAQIFnCX9lZlDHvJoFt8d5z0=
Subject key identifier: DC:34:D2:3C:69:6C:FE:F1:6B:D8:EF:65:41:CF:33:84:BE:C2:9A:93
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 126A
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3DTSPGls_vFr2O9lQc8zhL7CmpM.roa
Signing time: Mon 10 Feb 2025 14:14:49 +0000
ROA not before: Mon 10 Feb 2025 14:14:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131607
IP address blocks: 203.163.193.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4714 (0x126a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:14:49 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DC34D23C696CFEF16BD8EF6541CF3384BEC29A93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:88:04:2f:d7:3a:22:0d:b9:f4:05:67:05:ea:
e5:27:d6:ce:8d:bc:49:9c:09:46:e6:b0:5a:59:62:
a6:fa:02:8a:10:67:1b:55:8a:b8:b8:81:4f:6c:a8:
5e:3f:6b:0e:98:65:3c:3e:2d:7f:79:f6:22:69:9e:
97:3e:9c:7a:a2:e5:f7:46:8e:a5:b6:1b:2e:ef:4f:
be:86:79:86:89:b0:2c:4c:8a:ab:fb:9f:53:1a:4f:
8d:3b:1e:41:eb:eb:0e:f7:ba:ef:70:12:8a:c6:02:
1d:c0:2a:48:d3:66:18:21:81:0c:7f:80:8b:bb:eb:
15:54:64:5e:d7:e4:43:e5:24:91:80:4d:6a:11:1a:
61:f8:76:32:a2:19:56:00:24:1a:5f:e0:33:ec:7b:
00:40:01:f3:07:89:1b:6f:db:dc:30:cd:db:81:cc:
f7:90:82:e5:98:dd:c1:06:00:5a:33:4a:ad:8d:8a:
f7:a6:df:99:47:06:25:34:9c:81:cf:0a:d0:89:74:
a6:fe:42:aa:8f:42:3b:0d:c0:a0:76:4c:ad:32:b8:
df:ce:46:6c:e1:a5:18:e9:f0:f9:e8:54:bc:24:73:
cb:f1:2b:7d:c3:5a:e0:04:cc:4a:37:14:9d:81:b0:
3a:49:10:5a:29:89:8d:10:28:59:7a:e2:02:e8:32:
1c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:34:D2:3C:69:6C:FE:F1:6B:D8:EF:65:41:CF:33:84:BE:C2:9A:93
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/3DTSPGls_vFr2O9lQc8zhL7CmpM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.163.193.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ca:b6:6d:de:f4:76:3f:c3:c6:a5:aa:13:40:15:f6:8e:36:
5b:ab:0d:07:98:d5:6e:33:a3:67:42:ea:55:d7:db:49:21:9c:
e8:08:21:4a:2e:a7:39:c0:21:36:b9:a6:5e:27:cc:27:c8:a7:
29:52:e6:ac:f2:a8:57:5b:a2:83:e2:91:a0:d3:e2:8d:e9:02:
38:7e:b6:a3:c0:6d:ff:29:42:58:66:39:ef:50:db:d0:ef:d5:
bb:dd:06:3b:72:5c:fd:34:93:b5:b6:6b:f8:99:a1:b0:6c:c9:
04:51:0a:10:5f:4b:9f:44:d4:c8:66:1a:fa:b9:0b:85:14:76:
06:5a:bf:55:c6:03:79:de:c7:48:06:1f:b6:b7:8f:57:d4:07:
71:be:89:eb:d1:f3:d0:fc:88:e0:06:ab:e3:00:9d:dc:9a:b5:
35:91:a6:81:a7:72:c0:74:e0:4c:e4:e5:6c:73:e4:a1:52:e7:
a4:d8:bd:ca:02:4b:5c:9c:91:19:46:3f:13:94:14:0a:75:4a:
8b:c0:69:ed:88:c9:dc:9b:fe:4a:b0:85:e4:29:7a:4f:8f:dd:
37:a6:f8:6d:f0:f9:0f:e1:88:59:6d:ef:91:eb:83:fd:9e:a7:
98:99:40:27:be:47:07:af:78:3e:b7:d5:93:25:87:6f:6d:d5:
08:a8:28:86
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICEmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE0NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDMzREMjNDNjk2Q0ZF
RjE2QkQ4RUY2NTQxQ0YzMzg0QkVDMjlBOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyiAQv1zoiDbn0BWcF6uUn1s6NvEmcCUbmsFpZYqb6AooQZxtV
iri4gU9sqF4/aw6YZTw+LX959iJpnpc+nHqi5fdGjqW2Gy7vT76GeYaJsCxMiqv7
n1MaT407HkHr6w73uu9wEorGAh3AKkjTZhghgQx/gIu76xVUZF7X5EPlJJGATWoR
GmH4djKiGVYAJBpf4DPsewBAAfMHiRtv29wwzduBzPeQguWY3cEGAFozSq2Nivem
35lHBiU0nIHPCtCJdKb+QqqPQjsNwKB2TK0yuN/ORmzhpRjp8PnoVLwkc8vxK33D
WuAEzEo3FJ2BsDpJEFopiY0QKFl64gLoMhyRAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU3DTSPGls/vFr2O9lQc8zhL7CmpMwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8zRFRTUEdsc192RnIy
TzlsUWM4emhMN0NtcE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAy6PBMA0GCSqGSIb3DQEBCwUAA4IBAQA7yrZt3vR2P8PGpaoTQBX2jjZbqw0H
mNVuM6NnQupV19tJIZzoCCFKLqc5wCE2uaZeJ8wnyKcpUuas8qhXW6KD4pGg0+KN
6QI4frajwG3/KUJYZjnvUNvQ79W73QY7clz9NJO1tmv4maGwbMkEUQoQX0ufRNTI
Zhr6uQuFFHYGWr9VxgN53sdIBh+2t49X1Adxvonr0fPQ/IjgBqvjAJ3cmrU1kaaB
p3LAdOBM5OVsc+ShUuek2L3KAktcnJEZRj8TlBQKdUqLwGntiMncm/5KsIXkKXpP
j903pvht8PkP4YhZbe+R64P9nqeYmUAnvkcHr3g+t9WTJYdvbdUIqCiG
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:57:01 2025 by rpki-client