Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/hJDgAXSK2wegW-Fu-vaSnvnsrKg.roa
File: hJDgAXSK2wegW-Fu-vaSnvnsrKg.roa (raw, json)
Hash identifier: 3rrgbSmlpg+QRVu9Wl5xjdCcYzbAuLZ+d/41iFvz+Kw=
Subject key identifier: 84:90:E0:01:74:8A:DB:07:A0:5B:E1:6E:FA:F6:92:9E:F9:EC:AC:A8
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 10E9
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/hJDgAXSK2wegW-Fu-vaSnvnsrKg.roa
Signing time: Mon 10 Feb 2025 13:56:36 +0000
ROA not before: Mon 10 Feb 2025 13:56:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4329 (0x10e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8490E001748ADB07A05BE16EFAF6929EF9ECACA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:89:41:63:f9:b7:d6:a2:b5:dd:2e:aa:03:4d:
16:db:99:0b:5e:ad:42:90:bc:91:aa:23:e7:6d:bf:
67:34:c2:5f:75:a0:ab:22:e5:c8:e0:45:a5:26:d6:
19:85:c3:c1:c3:5e:36:32:22:98:9f:4c:d6:21:e3:
4f:54:56:56:5e:94:e3:35:00:20:21:b1:17:23:01:
a4:20:0b:80:37:13:0b:14:69:cd:f7:39:b1:c9:cc:
da:15:5b:b9:b9:df:b6:3e:34:90:5d:49:7f:d5:00:
80:97:5f:93:44:7b:66:08:67:90:4d:23:01:7a:6b:
4a:bf:ec:e4:11:df:63:65:ca:a1:af:ab:d2:a3:08:
b6:49:1b:78:8d:dd:ef:20:e9:1c:57:29:96:22:ab:
56:3d:39:22:19:af:61:de:e8:96:01:22:86:35:b7:
a8:71:4a:5f:63:47:4c:8f:7b:f1:ec:75:3c:31:74:
10:34:48:d1:08:74:ef:67:b6:cd:13:b0:a5:20:7f:
a2:89:c5:27:cd:2a:c1:75:2c:69:72:97:cb:e1:b6:
98:78:92:90:2f:e0:d3:5f:cc:a4:86:f0:d1:4e:33:
e3:b4:3d:3b:e4:c5:af:0b:78:28:5d:4b:c5:54:49:
31:91:ba:60:af:be:cb:b0:ab:25:30:f3:52:d2:2b:
b5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:90:E0:01:74:8A:DB:07:A0:5B:E1:6E:FA:F6:92:9E:F9:EC:AC:A8
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/hJDgAXSK2wegW-Fu-vaSnvnsrKg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.20.0/22
Signature Algorithm: sha256WithRSAEncryption
55:5b:91:4f:ee:e8:16:20:71:1e:ba:3b:d0:b0:68:4a:21:38:
2b:05:59:48:d9:6f:01:ad:ca:2f:94:25:bc:cb:54:c1:f0:1b:
d3:2d:fb:7c:f2:7a:8c:a4:07:51:e3:fa:98:3b:9d:9b:db:74:
a1:b3:f6:68:4e:88:24:dd:c2:e7:e0:b0:a6:57:48:53:88:93:
97:cd:c8:af:8d:6d:77:42:50:94:3a:9b:81:30:95:9c:0d:60:
2d:f7:74:30:f0:a0:1f:f7:88:7a:4a:80:bc:96:77:04:6a:14:
b2:e0:9d:94:e8:95:ed:ff:12:4f:de:74:ec:32:b3:29:2b:bd:
a5:4e:74:41:02:51:54:0b:2f:35:eb:9c:33:b0:eb:7e:4d:cf:
4e:2a:d6:a1:0f:76:73:5a:aa:c4:d0:99:44:18:f5:5b:98:a7:
e7:32:ba:84:f7:15:46:d9:cf:80:fc:54:c3:fe:e3:58:d9:50:
85:b9:2c:71:7e:8b:d3:f6:fc:e8:9d:37:3d:ca:eb:af:4b:92:
55:fa:92:33:fc:88:09:b8:dc:19:90:af:33:d4:fc:76:ed:70:
ca:fd:77:54:a2:80:50:d5:41:87:f5:99:13:3d:29:6c:89:c3:
e5:bc:26:e1:41:4f:95:a8:16:fc:58:11:61:93:b8:10:b4:a2:
50:40:c3:cc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEOkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0OTBFMDAxNzQ4QURC
MDdBMDVCRTE2RUZBRjY5MjlFRjlFQ0FDQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCiUFj+bfWorXdLqoDTRbbmQterUKQvJGqI+dtv2c0wl91oKsi
5cjgRaUm1hmFw8HDXjYyIpifTNYh409UVlZelOM1ACAhsRcjAaQgC4A3EwsUac33
ObHJzNoVW7m537Y+NJBdSX/VAICXX5NEe2YIZ5BNIwF6a0q/7OQR32NlyqGvq9Kj
CLZJG3iN3e8g6RxXKZYiq1Y9OSIZr2He6JYBIoY1t6hxSl9jR0yPe/HsdTwxdBA0
SNEIdO9nts0TsKUgf6KJxSfNKsF1LGlyl8vhtph4kpAv4NNfzKSG8NFOM+O0PTvk
xa8LeChdS8VUSTGRumCvvsuwqyUw81LSK7UbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhJDgAXSK2wegW+Fu+vaSnvnsrKgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvaEpEZ0FYU0syd2VnVy1GdS12YVNu
dm5zcktnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveFDAN
BgkqhkiG9w0BAQsFAAOCAQEAVVuRT+7oFiBxHro70LBoSiE4KwVZSNlvAa3KL5Ql
vMtUwfAb0y37fPJ6jKQHUeP6mDudm9t0obP2aE6IJN3C5+CwpldIU4iTl83Ir41t
d0JQlDqbgTCVnA1gLfd0MPCgH/eIekqAvJZ3BGoUsuCdlOiV7f8ST9507DKzKSu9
pU50QQJRVAsvNeucM7Drfk3PTirWoQ92c1qqxNCZRBj1W5in5zK6hPcVRtnPgPxU
w/7jWNlQhbkscX6L0/b86J03Pcrrr0uSVfqSM/yICbjcGZCvM9T8du1wyv13VKKA
UNVBh/WZEz0pbInD5bwm4UFPlagW/FgRYZO4ELSiUEDDzA==
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:10:38 2025 by rpki-client