Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa
File: XMnsdgY0khLvNmkbO5YvYbPHkdk.roa (raw, json)
Hash identifier: H0kp7AcqWuS+me3arqu9bHq0Ym/Eq/ydrYjNPbh7xNE=
Subject key identifier: 5C:C9:EC:76:06:34:92:12:EF:36:69:1B:3B:96:2F:61:B3:C7:91:D9
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 111B
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa
Signing time: Mon 10 Feb 2025 13:56:50 +0000
ROA not before: Mon 10 Feb 2025 13:56:50 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.28.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4379 (0x111b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:50 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=5CC9EC7606349212EF36691B3B962F61B3C791D9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d8:00:6c:80:fa:c3:7c:72:7e:7b:00:28:5a:
e1:a5:76:dd:bf:61:44:f4:ec:89:ea:83:d3:a9:c9:
06:d2:97:a4:20:10:43:1f:f1:dd:5f:38:13:cb:4f:
82:2a:13:f6:57:f5:c4:98:20:63:03:4a:05:24:29:
b5:ea:5d:93:fd:16:b5:df:b2:6f:60:15:d3:87:39:
46:53:eb:54:8f:c1:4e:d9:ae:f4:f1:e4:04:d2:ec:
1e:80:cc:80:ad:39:0b:28:3b:a7:11:35:6c:91:8e:
cd:fb:59:0b:6f:c9:da:02:48:33:8d:03:43:a9:a4:
63:e2:0e:76:03:26:83:67:12:93:be:f1:48:6b:7c:
b5:bd:28:b8:e0:86:b8:3e:38:13:88:40:7e:ef:07:
17:13:06:f1:51:18:f5:03:34:d6:6e:97:29:87:9e:
6c:ef:ab:3d:89:0a:bf:95:94:0f:a8:0f:ec:06:5c:
57:28:38:03:e0:e4:9f:cf:ff:be:26:c5:52:c1:fd:
3b:48:89:e7:07:44:d0:fa:3f:45:99:94:49:97:84:
bb:a7:ce:82:8d:8f:5b:1e:dc:ab:0f:21:11:05:e6:
06:c1:0d:3c:ac:de:a4:12:d2:70:2b:81:5d:01:c2:
11:67:14:e6:df:55:a9:dc:8a:b0:07:40:90:20:74:
22:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C9:EC:76:06:34:92:12:EF:36:69:1B:3B:96:2F:61:B3:C7:91:D9
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/XMnsdgY0khLvNmkbO5YvYbPHkdk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.28.0/22
Signature Algorithm: sha256WithRSAEncryption
31:7f:fe:ea:2c:1d:e0:5a:08:29:46:79:a7:c0:38:bf:34:b0:
a0:eb:9a:57:ac:5f:e0:9c:c4:06:c6:b0:33:c7:27:6c:03:a5:
96:14:7d:61:3a:f6:6a:94:8c:06:34:da:7f:30:46:ce:e1:4b:
b5:9c:30:69:66:0e:cc:54:18:86:e2:e6:e5:24:1c:3e:a0:2e:
6a:d9:ee:79:7d:08:5e:9d:06:55:64:6e:09:4f:c8:9d:fb:3b:
b9:8e:7c:b2:56:35:00:b3:0f:95:40:83:79:5c:c0:c8:de:d0:
8d:5a:fd:60:0c:4c:54:4a:b9:ff:59:54:78:d2:63:cc:78:b3:
f8:9d:5a:7d:35:7a:29:ae:56:bc:19:29:e2:86:25:7a:86:8b:
ea:b2:41:06:62:16:88:73:43:12:4b:bc:1c:ce:dc:ed:cc:86:
24:f4:ba:62:7b:67:50:f9:5b:00:ec:37:b3:13:9f:d7:c4:4d:
e2:ea:f9:67:72:e2:0b:d2:51:ff:1a:0e:f6:6e:5d:1c:7b:53:
57:fe:16:a7:47:84:0f:44:dd:71:a0:ef:be:cf:c6:3c:68:c3:
2f:0b:fe:02:a6:36:b7:68:65:ea:9f:11:49:d5:c1:2c:90:42:
a5:ff:7d:1d:bb:2c:0b:71:15:a3:1b:86:ec:66:04:a4:78:ca:
04:3d:11:e0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICERswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2NTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDVDQzlFQzc2MDYzNDky
MTJFRjM2NjkxQjNCOTYyRjYxQjNDNzkxRDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP2ABsgPrDfHJ+ewAoWuGldt2/YUT07Inqg9OpyQbSl6QgEEMf
8d1fOBPLT4IqE/ZX9cSYIGMDSgUkKbXqXZP9FrXfsm9gFdOHOUZT61SPwU7ZrvTx
5ATS7B6AzICtOQsoO6cRNWyRjs37WQtvydoCSDONA0OppGPiDnYDJoNnEpO+8Uhr
fLW9KLjghrg+OBOIQH7vBxcTBvFRGPUDNNZulymHnmzvqz2JCr+VlA+oD+wGXFco
OAPg5J/P/74mxVLB/TtIiecHRND6P0WZlEmXhLunzoKNj1se3KsPIREF5gbBDTys
3qQS0nArgV0BwhFnFObfVancirAHQJAgdCJzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXMnsdgY0khLvNmkbO5YvYbPHkdkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWE1uc2RnWTBraEx2Tm1rYk81WXZZ
YlBIa2RrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveHDAN
BgkqhkiG9w0BAQsFAAOCAQEAMX/+6iwd4FoIKUZ5p8A4vzSwoOuaV6xf4JzEBsaw
M8cnbAOllhR9YTr2apSMBjTafzBGzuFLtZwwaWYOzFQYhuLm5SQcPqAuatnueX0I
Xp0GVWRuCU/Infs7uY58slY1ALMPlUCDeVzAyN7QjVr9YAxMVEq5/1lUeNJjzHiz
+J1afTV6Ka5WvBkp4oYleoaL6rJBBmIWiHNDEku8HM7c7cyGJPS6YntnUPlbAOw3
sxOf18RN4ur5Z3LiC9JR/xoO9m5dHHtTV/4Wp0eED0TdcaDvvs/GPGjDLwv+AqY2
t2hl6p8RSdXBLJBCpf99HbssC3EVoxuG7GYEpHjKBD0R4A==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:01:09 2025 by rpki-client