Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XK0sMidMT4R5FTjRP-rChtMtfyI.roa
File: XK0sMidMT4R5FTjRP-rChtMtfyI.roa (raw, json)
Hash identifier: Gx2EKxPNheR7jWm1JVJ0Iw5SIPdriBXggonS99KxtPk=
Subject key identifier: 5C:AD:2C:32:27:4C:4F:84:79:15:38:D1:3F:EA:C2:86:D3:2D:7F:22
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 1104
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XK0sMidMT4R5FTjRP-rChtMtfyI.roa
Signing time: Mon 10 Feb 2025 13:56:43 +0000
ROA not before: Mon 10 Feb 2025 13:56:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.24.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4356 (0x1104)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5CAD2C32274C4F84791538D13FEAC286D32D7F22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:a6:39:74:3d:83:cf:7a:70:c6:f1:59:71:7f:
0a:b2:76:1f:86:58:a7:75:84:13:52:3b:d0:b9:9d:
d7:1f:2d:0b:de:9f:e8:db:c1:05:50:a2:94:99:98:
93:4c:44:40:30:68:c0:1f:65:99:ce:97:70:46:bf:
c5:5c:f9:21:2d:82:c4:f9:eb:d0:de:83:41:54:2d:
23:7f:14:2e:e5:fe:a5:23:d2:9d:d2:aa:6c:8c:d4:
a6:2c:91:0c:0c:93:a4:d8:fb:68:90:e7:c3:fb:c8:
b4:cb:4f:a9:88:57:27:08:5e:86:7b:f7:b0:e2:f6:
67:a6:7f:b1:14:e8:f7:67:2e:cb:14:94:66:2b:8f:
9a:73:67:85:56:e5:88:54:1e:42:68:17:61:51:93:
1d:3e:9c:fd:e1:ed:1f:17:1c:aa:59:b7:07:d1:08:
0e:76:23:c6:7a:80:6c:ab:48:16:85:c8:2e:1a:37:
8b:5b:d9:8e:e7:9f:7b:9d:e8:27:2c:eb:b7:a4:eb:
6f:cf:6e:0b:f3:30:45:12:df:80:4f:c2:f7:7b:f0:
69:bc:84:d2:31:f1:d9:c5:71:06:e6:35:10:77:eb:
b7:c4:f7:4a:ce:92:15:01:21:eb:ec:37:8c:a8:7d:
95:35:82:4d:68:7d:1f:43:69:75:2b:b6:ad:48:2a:
cb:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AD:2C:32:27:4C:4F:84:79:15:38:D1:3F:EA:C2:86:D3:2D:7F:22
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XK0sMidMT4R5FTjRP-rChtMtfyI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.24.0/22
Signature Algorithm: sha256WithRSAEncryption
27:1a:ef:f5:92:7f:61:2b:54:73:92:fb:12:72:5b:a7:ba:a4:
b5:f4:5d:ad:98:58:42:4b:64:01:1d:05:8b:e1:1d:43:e8:01:
18:e6:fa:79:76:0f:2e:d2:a4:39:8d:ee:8d:89:4e:14:55:d2:
2e:41:2d:a3:cc:e4:47:41:d9:10:c3:8e:ac:66:34:48:a1:f8:
b0:8b:06:bf:02:23:a7:00:0b:fb:c5:3a:ba:4f:3f:84:12:2c:
25:7f:0b:5a:7c:84:1c:e5:b1:97:05:d0:2a:fb:1d:fe:be:2a:
01:39:93:16:a4:0c:0a:4c:c6:9f:3f:60:34:ae:cb:c2:ec:88:
d4:e6:fa:fa:48:13:87:a1:6c:18:5b:60:c1:ab:d6:c2:76:ad:
13:1b:aa:96:a2:04:a9:c9:57:3a:ea:90:96:3d:c0:1f:a2:8a:
91:32:d2:d7:01:e1:e2:48:78:32:54:91:a1:b3:e3:3b:c7:11:
23:0c:cf:3b:3b:d2:d4:d4:97:41:2d:f1:c9:9f:82:bb:04:03:
f2:c3:82:77:d8:f4:85:60:41:57:c0:c1:f5:30:4e:72:ab:71:
dc:27:5d:c9:0c:2b:6d:12:16:3b:a9:62:19:80:49:ac:8d:15:
46:f2:5d:f4:97:13:3d:a0:67:8d:65:32:23:30:a0:7e:23:ca:
3b:60:25:2b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEQQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDQUQyQzMyMjc0QzRG
ODQ3OTE1MzhEMTNGRUFDMjg2RDMyRDdGMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDupjl0PYPPenDG8Vlxfwqydh+GWKd1hBNSO9C5ndcfLQven+jb
wQVQopSZmJNMREAwaMAfZZnOl3BGv8Vc+SEtgsT569Deg0FULSN/FC7l/qUj0p3S
qmyM1KYskQwMk6TY+2iQ58P7yLTLT6mIVycIXoZ797Di9memf7EU6PdnLssUlGYr
j5pzZ4VW5YhUHkJoF2FRkx0+nP3h7R8XHKpZtwfRCA52I8Z6gGyrSBaFyC4aN4tb
2Y7nn3ud6Ccs67ek62/PbgvzMEUS34BPwvd78Gm8hNIx8dnFcQbmNRB367fE90rO
khUBIevsN4yofZU1gk1ofR9DaXUrtq1IKsuVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXK0sMidMT4R5FTjRP+rChtMtfyIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWEswc01pZE1UNFI1RlRqUlAtckNo
dE10ZnlJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveGDAN
BgkqhkiG9w0BAQsFAAOCAQEAJxrv9ZJ/YStUc5L7EnJbp7qktfRdrZhYQktkAR0F
i+EdQ+gBGOb6eXYPLtKkOY3ujYlOFFXSLkEto8zkR0HZEMOOrGY0SKH4sIsGvwIj
pwAL+8U6uk8/hBIsJX8LWnyEHOWxlwXQKvsd/r4qATmTFqQMCkzGnz9gNK7LwuyI
1Ob6+kgTh6FsGFtgwavWwnatExuqlqIEqclXOuqQlj3AH6KKkTLS1wHh4kh4MlSR
obPjO8cRIwzPOzvS1NSXQS3xyZ+CuwQD8sOCd9j0hWBBV8DB9TBOcqtx3CddyQwr
bRIWO6liGYBJrI0VRvJd9JcTPaBnjWUyIzCgfiPKO2AlKw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 15:06:10 2025 by rpki-client