Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KKSMF/3ePymU6iN0MWod90eAcW00dlrGk.roa
File: 3ePymU6iN0MWod90eAcW00dlrGk.roa (raw, json)
Hash identifier: RZ8MzgtFjOe1HBHZsR/x2WmexqOAd2rrv723uMJapYU=
Subject key identifier: DD:E3:F2:99:4E:A2:37:43:16:A1:DF:74:78:07:16:D3:47:65:AC:69
Certificate issuer: /CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Certificate serial: 0DA1
Authority key identifier: FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/3ePymU6iN0MWod90eAcW00dlrGk.roa
Signing time: Mon 10 Feb 2025 14:01:27 +0000
ROA not before: Mon 10 Feb 2025 14:01:27 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131645
IP address blocks: 103.142.42.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3489 (0xda1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FBCFA1880AC86CE4FB99F974E9953F3597DCDE0A
Validity
Not Before: Feb 10 14:01:27 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DDE3F2994EA2374316A1DF74780716D34765AC69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:03:1d:33:98:be:79:3a:8c:5c:95:b0:72:
f9:70:77:06:29:58:88:f8:fb:df:82:c5:25:f5:8f:
fe:28:19:0b:88:c0:78:f4:10:6b:0a:fe:91:e3:b7:
ef:12:1c:bc:7b:10:0a:b0:82:39:e3:a1:d7:da:e3:
41:29:17:79:07:91:12:b8:a2:64:37:17:51:99:09:
32:0e:b1:db:91:d1:88:93:67:a3:cd:f4:f8:78:1f:
f8:31:8c:1c:fd:8a:58:70:36:a2:eb:c7:99:24:87:
96:5d:24:ff:d6:cb:00:28:eb:b2:ef:25:0c:99:e0:
a0:91:11:51:58:ce:f9:70:00:ba:74:2b:43:f3:5b:
c9:54:0f:4d:ee:ea:b6:55:6e:f6:8e:56:24:91:e3:
40:12:be:ed:8f:36:6d:4e:56:7e:d9:d0:d5:8f:71:
01:10:67:fd:e0:96:d7:0f:a8:16:2c:56:5a:9f:00:
b4:55:b5:16:f1:f4:5c:f4:f8:ff:48:2d:8c:3e:1e:
90:be:5a:c1:c0:60:da:bd:e1:c5:59:04:ed:4b:b3:
48:c0:f8:b0:d5:cf:2a:6c:ff:75:15:40:94:25:fa:
2a:bf:b6:a4:18:65:8e:2b:28:99:f1:23:3c:7c:1c:
62:1e:bf:c8:31:e3:4c:a0:c9:df:7c:51:0a:b7:98:
16:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:E3:F2:99:4E:A2:37:43:16:A1:DF:74:78:07:16:D3:47:65:AC:69
X509v3 Authority Key Identifier:
keyid:FB:CF:A1:88:0A:C8:6C:E4:FB:99:F9:74:E9:95:3F:35:97:DC:DE:0A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/-8-hiArIbOT7mfl06ZU_NZfc3go.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-8-hiArIbOT7mfl06ZU_NZfc3go.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KKSMF/3ePymU6iN0MWod90eAcW00dlrGk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.142.42.0/23
Signature Algorithm: sha256WithRSAEncryption
53:fc:bf:71:8e:1c:37:69:8e:08:76:0d:35:40:0e:8b:2f:ff:
95:c0:cd:5b:2c:55:b5:2d:f3:bf:d4:5e:b4:bc:8a:5a:c7:39:
0e:ce:63:54:dc:3a:53:42:ec:0f:69:6b:b9:35:19:be:40:b2:
ff:8b:85:9d:a0:7e:c8:bb:74:17:69:9c:1e:6a:e3:c9:1f:ab:
43:ee:d6:20:e6:9a:4b:c7:69:a4:dc:18:07:65:3d:6f:80:8f:
47:f9:12:4a:60:cd:4d:fb:72:1b:a7:84:cb:c9:3e:c4:f3:68:
03:96:05:67:ef:65:9d:19:5b:b2:f1:78:5b:15:93:89:4d:0e:
49:57:75:f2:91:17:91:71:9c:0f:50:8a:2c:7f:3f:40:9c:b8:
bb:09:84:48:d4:e7:19:fe:b8:81:a7:e5:88:1b:56:f7:ad:df:
a1:fa:8d:23:36:26:0f:1e:8c:94:19:79:5a:c5:bf:99:17:51:
be:e4:65:03:45:88:fd:01:e3:4c:e7:bd:3e:11:b5:16:5d:1d:
53:7b:c4:07:2e:5a:21:70:d2:37:4a:61:3a:70:32:73:24:d2:
e6:70:de:bd:6a:a9:ed:86:52:eb:f7:28:88:28:ce:02:11:34:
4b:52:2e:a4:35:ae:19:33:a6:68:b8:9f:d5:02:d5:13:9b:35:
12:ee:6a:1f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkJD
RkExODgwQUM4NkNFNEZCOTlGOTc0RTk5NTNGMzU5N0RDREUwQTAeFw0yNTAyMTAx
NDAxMjdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERERTNGMjk5NEVBMjM3
NDMxNkExREY3NDc4MDcxNkQzNDc2NUFDNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0rQMdM5i+eTqMXJWwcvlwdwYpWIj4+9+CxSX1j/4oGQuIwHj0
EGsK/pHjt+8SHLx7EAqwgjnjodfa40EpF3kHkRK4omQ3F1GZCTIOsduR0YiTZ6PN
9Ph4H/gxjBz9ilhwNqLrx5kkh5ZdJP/WywAo67LvJQyZ4KCREVFYzvlwALp0K0Pz
W8lUD03u6rZVbvaOViSR40ASvu2PNm1OVn7Z0NWPcQEQZ/3gltcPqBYsVlqfALRV
tRbx9Fz0+P9ILYw+HpC+WsHAYNq94cVZBO1Ls0jA+LDVzyps/3UVQJQl+iq/tqQY
ZY4rKJnxIzx8HGIev8gx40ygyd98UQq3mBbbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3ePymU6iN0MWod90eAcW00dlrGkwHwYDVR0jBBgwFoAU+8+hiArIbOT7mfl0
6ZU/NZfc3gowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0tTTUYv
LTgtaGlBckliT1Q3bWZsMDZaVV9OWmZjM2dvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8tOC1oaUFySWJPVDdtZmwwNlpVX05aZmMzZ28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9LS1NNRi8zZVB5bVU2aU4wTVdvZDkwZUFj
VzAwZGxyR2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ44q
MA0GCSqGSIb3DQEBCwUAA4IBAQBT/L9xjhw3aY4Idg01QA6LL/+VwM1bLFW1LfO/
1F60vIpaxzkOzmNU3DpTQuwPaWu5NRm+QLL/i4WdoH7Iu3QXaZweauPJH6tD7tYg
5ppLx2mk3BgHZT1vgI9H+RJKYM1N+3Ibp4TLyT7E82gDlgVn72WdGVuy8XhbFZOJ
TQ5JV3XykReRcZwPUIosfz9AnLi7CYRI1OcZ/riBp+WIG1b3rd+h+o0jNiYPHoyU
GXlaxb+ZF1G+5GUDRYj9AeNM570+EbUWXR1Te8QHLlohcNI3SmE6cDJzJNLmcN69
aqnthlLr9yiIKM4CETRLUi6kNa4ZM6ZouJ/VAtUTmzUS7mof
-----END CERTIFICATE-----
Generated at Fri Apr 18 23:43:55 2025 by rpki-client