Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IMCRS/KDRe0F6SL1T6Lz8V0BGTXKfUvE0.roa
File: KDRe0F6SL1T6Lz8V0BGTXKfUvE0.roa (raw, json)
Hash identifier: zPWXOmGkH5dLzl9vxFuMqXfTcBSYvrDkL2Sp/TY3nDE=
Subject key identifier: 28:34:5E:D0:5E:92:2F:54:FA:2F:3F:15:D0:11:93:5C:A7:D4:BC:4D
Certificate issuer: /CN=22C51298D97A102902731FDC49BDFAB39D52AB2B
Certificate serial: 03FB
Authority key identifier: 22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/KDRe0F6SL1T6Lz8V0BGTXKfUvE0.roa
Signing time: Mon 21 Jul 2025 15:52:34 +0000
ROA not before: Mon 21 Jul 2025 15:52:34 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 213607
IP address blocks: 103.177.32.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1019 (0x3fb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22C51298D97A102902731FDC49BDFAB39D52AB2B
Validity
Not Before: Jul 21 15:52:34 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=28345ED05E922F54FA2F3F15D011935CA7D4BC4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bb:41:aa:6c:15:8b:34:44:b4:18:e4:84:ed:
06:1d:42:63:5b:bb:96:bb:d5:d3:c5:55:bd:70:10:
e3:ac:f1:5d:f0:db:49:6c:0a:e7:e0:47:f7:34:c2:
65:d2:bf:bf:89:a8:80:b2:b7:93:7e:c1:37:a5:91:
3e:26:ea:66:de:c3:a9:83:d7:78:2b:74:d9:4a:eb:
64:24:33:9d:c1:e9:39:d2:02:15:6d:b1:ab:a2:e4:
a5:22:4d:dc:db:79:6f:f2:9e:4a:48:d1:87:8e:a1:
78:25:f3:4c:6c:63:c0:50:d1:61:65:64:9e:1a:14:
c7:24:a8:33:d8:48:95:0a:b8:49:dc:4c:18:72:e1:
80:a1:cf:5a:7c:76:51:aa:be:c5:dc:90:e2:99:8a:
6e:dc:a4:4d:a1:c7:77:5d:8e:de:30:c2:66:39:ca:
92:77:2a:59:6c:80:31:dd:46:dc:b4:dd:53:85:55:
57:82:83:3e:7e:26:df:1b:f5:cd:05:43:14:8f:da:
18:3b:9b:a0:26:c7:62:b7:aa:30:4c:b9:b0:dc:0a:
61:0b:2b:40:1a:7d:ac:16:9f:7e:0f:53:d9:2f:aa:
e2:32:e0:84:81:ba:07:a6:85:68:be:bf:8d:27:71:
2d:d6:18:6a:0a:f9:b6:cd:24:a8:e4:1e:48:c7:88:
20:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:34:5E:D0:5E:92:2F:54:FA:2F:3F:15:D0:11:93:5C:A7:D4:BC:4D
X509v3 Authority Key Identifier:
keyid:22:C5:12:98:D9:7A:10:29:02:73:1F:DC:49:BD:FA:B3:9D:52:AB:2B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/IsUSmNl6ECkCcx_cSb36s51Sqys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IsUSmNl6ECkCcx_cSb36s51Sqys.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IMCRS/KDRe0F6SL1T6Lz8V0BGTXKfUvE0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.177.32.0/24
Signature Algorithm: sha256WithRSAEncryption
32:28:89:ac:2f:4a:88:87:db:59:3d:49:03:12:80:c9:9c:de:
67:6d:e9:08:3c:c7:2a:5f:06:99:de:bd:f2:2f:23:53:29:51:
81:90:59:c9:87:a7:28:e3:4e:66:dc:b0:06:85:a6:c7:a0:c0:
c0:35:9c:5d:8c:de:2e:d0:9a:f7:34:66:86:ee:89:ce:6d:5c:
de:1b:35:93:99:18:56:29:de:ea:00:af:55:7f:82:62:3a:c3:
3f:5e:f1:bf:b3:d8:18:69:76:bc:b3:74:23:d7:84:37:2a:68:
d0:21:0d:d2:d1:87:77:b1:56:ae:c3:03:f0:0a:02:e0:1c:97:
dd:2d:c9:1e:78:74:f1:22:17:bb:1c:d6:47:49:87:fa:38:47:
28:58:21:c1:36:81:e7:56:2a:a2:3f:27:6e:0f:fa:19:20:e6:
9e:90:cb:f5:b9:46:48:e1:4e:9b:7c:0a:ab:89:09:00:1b:df:
9e:dd:77:a2:5b:fe:5b:d9:cf:16:77:8e:3e:c1:b1:40:b4:77:
9c:77:3c:42:54:6e:3f:4a:9b:9d:7b:9b:64:45:4a:ef:b8:b7:
a5:d3:47:8f:38:18:d7:d6:1e:59:03:d1:25:32:e5:b4:d4:e3:
2c:de:06:78:57:22:e6:ff:01:59:50:04:6c:ad:4c:61:20:22:
46:64:de:19
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICA/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjJD
NTEyOThEOTdBMTAyOTAyNzMxRkRDNDlCREZBQjM5RDUyQUIyQjAeFw0yNTA3MjEx
NTUyMzRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4MzQ1RUQwNUU5MjJG
NTRGQTJGM0YxNUQwMTE5MzVDQTdENEJDNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAu0GqbBWLNES0GOSE7QYdQmNbu5a71dPFVb1wEOOs8V3w20ls
CufgR/c0wmXSv7+JqICyt5N+wTelkT4m6mbew6mD13grdNlK62QkM53B6TnSAhVt
saui5KUiTdzbeW/ynkpI0YeOoXgl80xsY8BQ0WFlZJ4aFMckqDPYSJUKuEncTBhy
4YChz1p8dlGqvsXckOKZim7cpE2hx3ddjt4wwmY5ypJ3KllsgDHdRty03VOFVVeC
gz5+Jt8b9c0FQxSP2hg7m6Amx2K3qjBMubDcCmELK0AafawWn34PU9kvquIy4ISB
ugemhWi+v40ncS3WGGoK+bbNJKjkHkjHiCCVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKDRe0F6SL1T6Lz8V0BGTXKfUvE0wHwYDVR0jBBgwFoAUIsUSmNl6ECkCcx/c
Sb36s51SqyswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSU1DUlMv
SXNVU21ObDZFQ2tDY3hfY1NiMzZzNTFTcXlzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9Jc1VTbU5sNkVDa0NjeF9jU2IzNnM1MVNxeXMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JTUNSUy9LRFJlMEY2U0wxVDZMejhWMEJH
VFhLZlV2RTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ7Eg
MA0GCSqGSIb3DQEBCwUAA4IBAQAyKImsL0qIh9tZPUkDEoDJnN5nbekIPMcqXwaZ
3r3yLyNTKVGBkFnJh6co405m3LAGhabHoMDANZxdjN4u0Jr3NGaG7onObVzeGzWT
mRhWKd7qAK9Vf4JiOsM/XvG/s9gYaXa8s3Qj14Q3KmjQIQ3S0Yd3sVauwwPwCgLg
HJfdLckeeHTxIhe7HNZHSYf6OEcoWCHBNoHnViqiPyduD/oZIOaekMv1uUZI4U6b
fAqriQkAG9+e3XeiW/5b2c8Wd44+wbFAtHecdzxCVG4/Spude5tkRUrvuLel00eP
OBjX1h5ZA9ElMuW01OMs3gZ4VyLm/wFZUARsrUxhICJGZN4Z
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:55:09 2025 by rpki-client