Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/9J92GhwvBw_-CsrjqF-46WiJf9A.roa
File: 9J92GhwvBw_-CsrjqF-46WiJf9A.roa (raw, json)
Hash identifier: AXCuCWZl2v1bQQ+5iYPYB6soe50YEJjCXN8W3Gyuk6g=
Subject key identifier: F4:9F:76:1A:1C:2F:07:0F:FE:0A:CA:E3:A8:5F:B8:E9:68:89:7F:D0
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 119C
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/9J92GhwvBw_-CsrjqF-46WiJf9A.roa
Signing time: Mon 10 Feb 2025 14:27:32 +0000
ROA not before: Mon 10 Feb 2025 14:27:32 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131601
IP address blocks: 210.203.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4508 (0x119c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:32 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F49F761A1C2F070FFE0ACAE3A85FB8E968897FD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:15:5c:7d:3c:24:29:9e:98:b5:53:3b:fc:
93:6b:c3:83:bc:89:99:e5:52:e4:6f:a5:1a:9a:58:
07:b5:ee:44:3a:ee:25:43:2f:98:b9:61:77:6e:4a:
ff:0c:53:46:64:40:1d:7f:e0:b6:fc:6e:fc:9e:82:
71:ed:db:91:40:91:71:54:18:1f:78:fb:83:56:07:
3c:a0:36:b8:85:ba:84:60:16:99:00:bd:98:7c:14:
b0:ac:d8:c1:c9:c5:1d:67:d4:70:29:36:d6:47:eb:
8c:c0:31:70:da:c7:78:fc:71:cf:36:ff:5e:78:eb:
96:dc:32:a2:49:e7:9d:ec:ba:63:e4:3d:4a:c3:83:
b9:a6:b1:cb:5a:1c:ec:f4:70:b2:33:0d:f5:58:b2:
53:7f:9e:42:85:88:13:fb:bf:1c:0c:5f:e2:9d:ef:
fe:7a:fb:84:d7:51:2e:8e:97:a7:0e:2b:6d:74:bd:
81:98:85:7a:c6:b3:d4:2f:5d:50:bd:b3:58:00:65:
64:53:d2:7a:5d:8a:36:68:48:08:84:81:b7:4e:1e:
3b:37:21:13:5d:7e:bb:23:99:cd:38:79:b4:39:9f:
77:e0:b9:0b:cb:87:43:5f:f4:63:54:c0:67:8e:4c:
3f:74:d1:b3:49:aa:20:b2:15:3a:ac:b2:21:66:0c:
4d:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:9F:76:1A:1C:2F:07:0F:FE:0A:CA:E3:A8:5F:B8:E9:68:89:7F:D0
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/9J92GhwvBw_-CsrjqF-46WiJf9A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.20.0/22
Signature Algorithm: sha256WithRSAEncryption
41:c4:55:8c:78:80:02:f4:e4:5e:f7:b0:91:79:c5:59:a8:03:
8c:08:5e:f5:d4:c2:83:65:50:1e:77:f9:83:6a:67:81:43:74:
af:ed:59:75:62:27:98:75:75:28:81:41:2f:b2:37:41:f4:b3:
3b:14:95:a5:97:8b:a2:22:3a:97:11:22:06:8d:51:71:f5:26:
c7:a5:54:bb:03:53:fb:dc:eb:85:c0:fe:98:28:02:d2:25:9e:
3d:b9:1e:57:65:82:80:9a:0c:ba:4a:9e:d2:7f:6b:59:54:68:
1e:98:13:22:ee:7e:c3:e3:21:30:02:b0:5f:c4:b9:65:0b:7d:
7e:63:ca:b1:47:d1:3f:07:2f:d1:ca:2b:28:60:3a:8b:7f:a3:
f5:48:97:70:55:4a:5f:2d:85:5b:ac:44:1e:4c:14:5b:ee:21:
8b:96:d2:f6:6e:89:06:9e:cc:3f:06:07:90:84:ae:cf:c4:e9:
2f:c4:a1:d8:1b:13:20:ac:f1:a8:62:87:40:df:17:4a:53:b6:
87:c5:20:62:f1:3f:c8:40:cb:f9:81:a2:33:c1:34:6d:e9:af:
5b:41:48:79:16:a6:60:5c:06:5a:4e:34:34:cb:0a:b7:1f:b5:
d6:2b:fc:19:d8:7b:68:b1:03:7f:47:82:80:67:78:e4:bb:34:
cc:09:4d:4c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEZwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY0OUY3NjFBMUMyRjA3
MEZGRTBBQ0FFM0E4NUZCOEU5Njg4OTdGRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSXRVcfTwkKZ6YtVM7/JNrw4O8iZnlUuRvpRqaWAe17kQ67iVD
L5i5YXduSv8MU0ZkQB1/4Lb8bvyegnHt25FAkXFUGB94+4NWBzygNriFuoRgFpkA
vZh8FLCs2MHJxR1n1HApNtZH64zAMXDax3j8cc82/15465bcMqJJ553sumPkPUrD
g7mmsctaHOz0cLIzDfVYslN/nkKFiBP7vxwMX+Kd7/56+4TXUS6Ol6cOK210vYGY
hXrGs9QvXVC9s1gAZWRT0npdijZoSAiEgbdOHjs3IRNdfrsjmc04ebQ5n3fguQvL
h0Nf9GNUwGeOTD900bNJqiCyFTqssiFmDE3tAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU9J92GhwvBw/+CsrjqF+46WiJf9AwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVULzlKOTJHaHd2QndfLUNzcmpxRi00Nldp
SmY5QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSyxQwDQYJ
KoZIhvcNAQELBQADggEBAEHEVYx4gAL05F73sJF5xVmoA4wIXvXUwoNlUB53+YNq
Z4FDdK/tWXViJ5h1dSiBQS+yN0H0szsUlaWXi6IiOpcRIgaNUXH1JselVLsDU/vc
64XA/pgoAtIlnj25HldlgoCaDLpKntJ/a1lUaB6YEyLufsPjITACsF/EuWULfX5j
yrFH0T8HL9HKKyhgOot/o/VIl3BVSl8thVusRB5MFFvuIYuW0vZuiQaezD8GB5CE
rs/E6S/EodgbEyCs8ahih0DfF0pTtofFIGLxP8hAy/mBojPBNG3pr1tBSHkWpmBc
BlpONDTLCrcftdYr/BnYe2ixA39HgoBneOS7NMwJTUw=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:54:22 2025 by rpki-client