Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/UgBJSmTAzyoc6saofnq_nDJR-r0.roa
File: UgBJSmTAzyoc6saofnq_nDJR-r0.roa (raw, json)
Hash identifier: YGaa/UIoTz5L7m+seY6wVw/+sXR/GFaJGuYahbQ75i8=
Subject key identifier: 52:00:49:4A:64:C0:CF:2A:1C:EA:C6:A8:7E:7A:BF:9C:32:51:FA:BD
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10F9
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/UgBJSmTAzyoc6saofnq_nDJR-r0.roa
Signing time: Mon 10 Feb 2025 13:56:40 +0000
ROA not before: Mon 10 Feb 2025 13:56:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.8.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4345 (0x10f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5200494A64C0CF2A1CEAC6A87E7ABF9C3251FABD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:18:cf:9b:3a:05:59:d4:79:92:d2:98:4c:40:
83:0b:77:1b:a0:b5:e9:f0:fa:ea:60:df:4b:8e:67:
cb:62:0e:87:db:4e:3b:f3:aa:34:47:e9:eb:5c:17:
7f:4a:30:81:f0:15:2f:4f:c4:92:09:09:0a:5b:47:
22:84:7c:d4:d6:12:7d:0c:f6:da:87:23:80:45:04:
d3:9e:c6:95:ca:21:c8:76:0c:ae:67:e1:a8:fd:4a:
c1:14:8c:3b:66:f7:36:a6:a9:1c:06:1d:ef:77:fb:
83:44:51:4c:aa:52:a1:1a:e3:dd:5a:38:26:1d:10:
90:fd:47:ef:ae:55:92:43:e6:55:80:2c:dc:0b:0d:
14:97:93:75:2c:33:e0:6b:8c:28:aa:97:69:6f:5c:
63:bb:b2:b3:e4:8e:2a:f7:4f:ad:f4:7a:3b:bb:7a:
b5:6b:ba:71:75:9c:8b:62:48:d3:5a:44:6a:4a:12:
f7:27:e5:d9:41:02:c1:51:af:19:7e:a4:a0:60:49:
23:65:32:79:a4:2e:26:26:93:18:46:3b:d4:4f:35:
c8:e1:07:98:f7:4f:fd:cb:3d:c4:ae:46:6a:8a:12:
a7:2d:ab:72:4a:40:d0:53:db:f8:5d:9b:24:d1:fe:
cd:31:7e:aa:43:f9:85:4c:7f:0b:4d:5f:fd:c5:68:
db:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:00:49:4A:64:C0:CF:2A:1C:EA:C6:A8:7E:7A:BF:9C:32:51:FA:BD
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/UgBJSmTAzyoc6saofnq_nDJR-r0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.8.0/21
Signature Algorithm: sha256WithRSAEncryption
1e:01:97:f6:5b:bd:40:37:5d:82:aa:2f:96:f8:c6:c5:c6:51:
65:54:0b:0b:3a:31:5a:08:30:42:3a:4d:ca:38:af:ce:55:c1:
40:9b:e4:52:a4:33:6c:c7:c9:9d:da:20:75:80:6b:b5:4d:d1:
66:1f:7d:13:55:e0:87:5c:d4:3a:03:c7:38:f0:57:21:12:b1:
d7:c0:e0:d8:08:08:44:94:66:f8:40:ca:c8:6f:7e:3e:2e:f2:
96:bc:cd:1f:54:f5:36:3c:28:28:30:2b:7c:eb:67:6b:25:79:
0c:ce:9f:58:28:01:39:b5:e3:04:4b:dc:f8:96:f1:30:03:6a:
b1:15:91:88:e1:b7:cd:2e:1e:9a:24:3b:14:72:0f:1c:52:dc:
d9:07:9c:19:bf:b4:fd:39:6b:64:26:51:fe:d9:9d:96:54:52:
38:88:94:a7:34:f9:db:af:0e:5f:f8:d0:6e:84:57:8a:7c:5b:
12:52:71:ec:9f:7c:41:a6:71:7d:53:dc:e4:f9:b1:f4:03:d6:
92:8c:4c:06:0d:b5:6a:6d:d7:d8:25:6b:0f:a4:7c:a2:95:b8:
24:01:2e:f0:fa:42:df:78:f1:38:07:59:e8:b8:7b:1b:80:cb:
2b:b9:5e:e6:b6:61:f6:d6:25:ee:62:60:67:3d:e8:60:ec:de:
bc:13:35:1a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUyMDA0OTRBNjRDMENG
MkExQ0VBQzZBODdFN0FCRjlDMzI1MUZBQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdGM+bOgVZ1HmS0phMQIMLdxugtenw+upg30uOZ8tiDofbTjvz
qjRH6etcF39KMIHwFS9PxJIJCQpbRyKEfNTWEn0M9tqHI4BFBNOexpXKIch2DK5n
4aj9SsEUjDtm9zamqRwGHe93+4NEUUyqUqEa491aOCYdEJD9R++uVZJD5lWALNwL
DRSXk3UsM+BrjCiql2lvXGO7srPkjir3T630eju7erVrunF1nItiSNNaRGpKEvcn
5dlBAsFRrxl+pKBgSSNlMnmkLiYmkxhGO9RPNcjhB5j3T/3LPcSuRmqKEqctq3JK
QNBT2/hdmyTR/s0xfqpD+YVMfwtNX/3FaNtNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUgBJSmTAzyoc6saofnq/nDJR+r0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvVWdCSlNtVEF6eW9jNnNhb2ZucV9u
REpSLXIwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veCDAN
BgkqhkiG9w0BAQsFAAOCAQEAHgGX9lu9QDddgqovlvjGxcZRZVQLCzoxWggwQjpN
yjivzlXBQJvkUqQzbMfJndogdYBrtU3RZh99E1Xgh1zUOgPHOPBXIRKx18Dg2AgI
RJRm+EDKyG9+Pi7ylrzNH1T1NjwoKDArfOtnayV5DM6fWCgBObXjBEvc+JbxMANq
sRWRiOG3zS4emiQ7FHIPHFLc2QecGb+0/TlrZCZR/tmdllRSOIiUpzT5268OX/jQ
boRXinxbElJx7J98QaZxfVPc5Pmx9APWkoxMBg21am3X2CVrD6R8opW4JAEu8PpC
33jxOAdZ6Lh7G4DLK7le5rZh9tYl7mJgZz3oYOzevBM1Gg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 17:59:02 2025 by rpki-client