Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/zJ3pmHhQL_mVNoKIfTJqBZukdC0.roa
File: zJ3pmHhQL_mVNoKIfTJqBZukdC0.roa (raw, json)
Hash identifier: Mm+sieCTJb8r+VHa0+dZDb/dVjAf+11T7c3CukMPzTY=
Subject key identifier: CC:9D:E9:98:78:50:2F:F9:95:36:82:88:7D:32:6A:05:9B:A4:74:2D
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 1125
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/zJ3pmHhQL_mVNoKIfTJqBZukdC0.roa
Signing time: Mon 10 Feb 2025 13:56:52 +0000
ROA not before: Mon 10 Feb 2025 13:56:52 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 203.222.0.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4389 (0x1125)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Feb 10 13:56:52 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CC9DE99878502FF9953682887D326A059BA4742D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:48:ea:41:d5:d4:8b:32:71:83:d5:28:df:68:
b8:01:0f:13:bb:f1:c9:4c:a5:e4:0c:3c:d2:5b:65:
aa:fd:46:3c:38:56:44:8d:b3:33:46:b3:06:6f:0c:
a7:1b:f7:c8:49:53:af:90:40:4b:39:d4:4f:38:d4:
7f:c8:8c:da:be:db:86:8c:59:49:b4:3c:cf:1d:71:
59:5f:7f:6e:db:b3:5d:31:7b:73:71:5f:57:d2:1e:
9c:ab:4b:46:82:a4:8a:b5:2d:bf:0e:89:b6:0d:5a:
e0:8e:a0:33:9c:72:89:29:a2:ef:63:e8:71:6b:04:
97:b9:fb:e6:81:30:a9:f6:69:7f:ca:39:53:01:f3:
3b:ec:93:7c:58:07:6a:38:3a:2b:66:46:db:39:f4:
27:e0:cf:97:c9:a2:a4:63:82:64:04:83:b0:95:d4:
72:a9:77:1c:46:05:9a:af:ad:d1:20:69:0c:55:82:
b9:c3:b4:4c:03:53:23:46:8a:33:f1:21:0a:77:74:
0d:fe:46:43:a7:ee:3a:14:6b:9f:42:e0:9d:99:73:
29:a0:93:da:ed:17:99:d1:b9:fe:29:5b:2e:7e:22:
23:3d:61:47:25:35:80:f6:49:71:bf:12:d9:6b:45:
07:f0:1c:3b:10:8d:f9:17:6f:87:d7:be:98:2d:66:
9b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9D:E9:98:78:50:2F:F9:95:36:82:88:7D:32:6A:05:9B:A4:74:2D
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/zJ3pmHhQL_mVNoKIfTJqBZukdC0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:c1:fa:35:c7:5a:a4:e5:ce:88:5d:76:de:6f:6e:93:03:44:
36:5d:72:18:c7:2c:02:cf:fa:ea:28:8e:2d:c3:f8:1a:d0:63:
92:a7:a4:bb:56:73:17:e4:6e:fb:bf:8b:77:42:50:b3:89:77:
ae:4b:02:e8:9e:e6:52:29:f9:c3:3a:8f:a9:e0:1f:57:2f:0f:
5c:39:fa:c0:2c:4e:f5:08:1e:cf:dd:3e:0a:c5:5d:a1:83:c2:
50:5f:0d:8a:8c:1a:43:21:2a:61:a8:4d:24:75:de:58:86:81:
e0:1a:aa:4b:41:d7:d7:d6:02:75:74:1c:4f:0e:dd:1a:a8:a4:
58:2c:9e:63:24:2f:52:b4:5f:8d:88:4f:7d:ff:0f:97:92:cd:
18:18:48:c4:47:67:9a:fc:ed:7f:6c:e1:ef:2c:12:55:d6:9c:
ac:9d:4a:ec:66:cd:d1:71:7f:aa:6c:ea:41:87:90:c0:47:c8:
60:37:93:00:fc:92:76:a0:8e:f4:f6:79:28:fe:6e:aa:1b:ef:
5c:26:0f:ac:0b:a6:bb:83:08:33:0b:3d:0e:2a:fc:9f:56:3e:
e6:57:e1:fb:ff:c3:ec:85:16:ad:d1:60:67:5c:3d:34:04:b8:
1f:c4:0b:d5:8e:0a:79:ba:6e:32:b5:a9:50:d0:98:d0:9a:a6:
76:6f:e4:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICESUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTAyMTAx
MzU2NTJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENDOURFOTk4Nzg1MDJG
Rjk5NTM2ODI4ODdEMzI2QTA1OUJBNDc0MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCqSOpB1dSLMnGD1SjfaLgBDxO78clMpeQMPNJbZar9Rjw4VkSN
szNGswZvDKcb98hJU6+QQEs51E841H/IjNq+24aMWUm0PM8dcVlff27bs10xe3Nx
X1fSHpyrS0aCpIq1Lb8OibYNWuCOoDOccokpou9j6HFrBJe5++aBMKn2aX/KOVMB
8zvsk3xYB2o4OitmRts59Cfgz5fJoqRjgmQEg7CV1HKpdxxGBZqvrdEgaQxVgrnD
tEwDUyNGijPxIQp3dA3+RkOn7joUa59C4J2Zcymgk9rtF5nRuf4pWy5+IiM9YUcl
NYD2SXG/EtlrRQfwHDsQjfkXb4fXvpgtZpvHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzJ3pmHhQL/mVNoKIfTJqBZukdC0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvekozcG1IaFFMX21WTm9LSWZUSnFC
WnVrZEMwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveADAN
BgkqhkiG9w0BAQsFAAOCAQEAK8H6NcdapOXOiF123m9ukwNENl1yGMcsAs/66iiO
LcP4GtBjkqeku1ZzF+Ru+7+Ld0JQs4l3rksC6J7mUin5wzqPqeAfVy8PXDn6wCxO
9Qgez90+CsVdoYPCUF8NiowaQyEqYahNJHXeWIaB4BqqS0HX19YCdXQcTw7dGqik
WCyeYyQvUrRfjYhPff8Pl5LNGBhIxEdnmvztf2zh7ywSVdacrJ1K7GbN0XF/qmzq
QYeQwEfIYDeTAPySdqCO9PZ5KP5uqhvvXCYPrAumu4MIMws9Dir8n1Y+5lfh+//D
7IUWrdFgZ1w9NAS4H8QL1Y4KebpuMrWpUNCY0Jqmdm/k/w==
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:59:40 2025 by rpki-client