Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/2dcUUC5GGi-Td-xYKKDZwwxyHq4.roa
File: 2dcUUC5GGi-Td-xYKKDZwwxyHq4.roa (raw, json)
Hash identifier: trNEIdMi4UFTKf7OnhO5iupCOnT/I8tMpEA5f2S8ApM=
Subject key identifier: D9:D7:14:50:2E:46:1A:2F:93:77:EC:58:28:A0:D9:C3:0C:72:1E:AE
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 1120
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/2dcUUC5GGi-Td-xYKKDZwwxyHq4.roa
Signing time: Mon 10 Feb 2025 13:56:51 +0000
ROA not before: Mon 10 Feb 2025 13:56:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.0.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4384 (0x1120)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D9D714502E461A2F9377EC5828A0D9C30C721EAE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:03:36:25:7d:23:91:d8:4b:af:8c:b5:b9:00:
87:d7:25:6d:2d:b4:a0:03:62:a9:ef:4d:bf:bb:43:
30:e7:fb:83:1d:f1:b4:db:4b:7f:45:5c:68:f0:43:
ec:b5:dc:12:d7:69:f8:7c:07:93:8b:c7:91:ce:01:
e5:71:c2:71:0c:c8:e2:9b:a3:f4:3e:d7:98:66:d8:
f4:00:31:b2:89:79:49:3e:1b:1d:69:4c:ce:f5:25:
03:32:f8:66:26:c5:e4:e7:c2:4c:a1:be:bc:97:ab:
e4:4e:29:98:49:93:97:b6:c2:d4:17:e7:51:ec:d5:
9d:43:cd:99:48:54:c1:82:36:c8:f9:2d:df:86:ad:
93:7e:f9:28:12:9c:8b:8a:96:59:13:79:63:a7:0c:
a7:9c:40:ec:17:fb:74:a7:fc:07:25:2e:e3:a1:9b:
6c:5f:b7:8d:6a:b7:ab:af:6a:1e:dd:0f:aa:db:f9:
b9:9f:a1:51:1e:eb:f1:3f:20:2f:00:4a:23:04:13:
fe:d0:59:0f:18:5d:e4:70:c8:9e:dc:0a:e7:e8:e4:
8f:b1:cb:e0:1b:bf:b6:8d:b7:8a:51:4a:7c:2c:5e:
a2:63:64:ae:96:93:5f:5e:5e:94:0b:2d:4e:a7:e9:
2b:35:8e:55:8b:6a:9b:f5:ac:a6:3a:6e:ff:73:01:
a6:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D7:14:50:2E:46:1A:2F:93:77:EC:58:28:A0:D9:C3:0C:72:1E:AE
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/2dcUUC5GGi-Td-xYKKDZwwxyHq4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:da:35:16:73:d9:e6:15:e2:a6:32:f8:a8:72:19:39:4c:79:
d7:66:7e:04:2f:4e:18:8d:7d:83:84:e4:4b:d7:cd:a3:66:f6:
d4:db:51:ee:99:4f:11:3b:3c:cd:e0:98:14:74:c5:01:c3:a6:
b6:ad:a6:c6:1e:d7:fc:f6:57:70:26:69:a7:2b:20:fe:b5:93:
fb:fa:d4:14:fc:7a:d6:9b:23:59:42:44:3d:05:87:6a:3c:07:
cb:41:f3:d6:b8:49:e5:38:b4:c7:2a:c4:e1:d7:b8:d2:2e:4f:
17:8c:14:00:ed:19:5a:89:45:f7:55:d6:e8:05:20:cb:73:c0:
2a:ec:0a:d1:ff:17:75:94:69:a8:9b:92:b7:f9:a6:ad:b3:70:
a4:df:7c:2b:23:8e:fe:26:fb:b6:b1:fc:26:48:ec:c2:60:0e:
02:ea:5f:18:33:4f:37:29:15:3f:fc:23:0a:9e:8c:f6:22:e3:
e2:a4:de:36:f7:1d:f0:10:87:61:f8:a4:b2:7e:57:b7:ac:72:
1b:64:bf:b2:9f:bb:13:7e:12:77:83:30:ca:68:26:e9:49:5c:
61:14:b1:ed:f4:32:35:14:05:e7:69:68:e3:dc:17:63:36:fb:
1f:2a:a2:7f:3d:f9:89:28:2a:34:d6:42:46:0e:a5:96:52:a1:
d3:47:1f:14
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICESAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2NTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5RDcxNDUwMkU0NjFB
MkY5Mzc3RUM1ODI4QTBEOUMzMEM3MjFFQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWAzYlfSOR2EuvjLW5AIfXJW0ttKADYqnvTb+7QzDn+4Md8bTb
S39FXGjwQ+y13BLXafh8B5OLx5HOAeVxwnEMyOKbo/Q+15hm2PQAMbKJeUk+Gx1p
TM71JQMy+GYmxeTnwkyhvryXq+ROKZhJk5e2wtQX51Hs1Z1DzZlIVMGCNsj5Ld+G
rZN++SgSnIuKllkTeWOnDKecQOwX+3Sn/AclLuOhm2xft41qt6uvah7dD6rb+bmf
oVEe6/E/IC8ASiMEE/7QWQ8YXeRwyJ7cCufo5I+xy+Abv7aNt4pRSnwsXqJjZK6W
k19eXpQLLU6n6Ss1jlWLapv1rKY6bv9zAaZrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2dcUUC5GGi+Td+xYKKDZwwxyHq4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvMmRjVVVDNUdHaS1UZC14WUtLRFp3
d3h5SHE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veADAN
BgkqhkiG9w0BAQsFAAOCAQEALto1FnPZ5hXipjL4qHIZOUx512Z+BC9OGI19g4Tk
S9fNo2b21NtR7plPETs8zeCYFHTFAcOmtq2mxh7X/PZXcCZppysg/rWT+/rUFPx6
1psjWUJEPQWHajwHy0Hz1rhJ5Ti0xyrE4de40i5PF4wUAO0ZWolF91XW6AUgy3PA
KuwK0f8XdZRpqJuSt/mmrbNwpN98KyOO/ib7trH8JkjswmAOAupfGDNPNykVP/wj
Cp6M9iLj4qTeNvcd8BCHYfiksn5Xt6xyG2S/sp+7E34Sd4Mwymgm6UlcYRSx7fQy
NRQF52lo49wXYzb7Hyqifz35iSgqNNZCRg6lllKh00cfFA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:07:56 2025 by rpki-client