Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa
File: lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa (raw, json)
Hash identifier: 7RcChM0pn7uSc0KOyzxcqTv76hOsPgb5aeNocDKAnKU=
Subject key identifier: 97:26:19:D4:E1:5A:D4:D1:A4:D7:1A:C8:3A:20:3D:E8:EE:71:71:76
Certificate issuer: /CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Certificate serial: 0C8F
Authority key identifier: 4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa
Signing time: Mon 10 Feb 2025 14:16:01 +0000
ROA not before: Mon 10 Feb 2025 14:16:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131597
IP address blocks: 103.196.172.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3215 (0xc8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4B81BB31FA5292C8025B828F802722DE0D5EADE3
Validity
Not Before: Feb 10 14:16:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=972619D4E15AD4D1A4D71AC83A203DE8EE717176
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:55:c2:0d:72:de:19:68:6a:88:3d:2b:f5:0e:
22:1d:26:b8:72:ba:ca:98:2c:14:af:17:94:f6:49:
b3:dd:38:b2:89:ad:90:89:2d:3d:d5:14:ba:ae:ac:
c3:30:ab:a3:b5:db:b9:04:75:45:af:2c:ca:76:09:
a1:77:2b:77:76:84:29:3b:3c:19:01:b5:5b:11:64:
1a:1b:55:6a:ec:9d:0b:eb:e7:ea:98:8b:33:14:1d:
c2:8e:a3:36:85:50:3b:b7:4c:b0:d0:59:c0:5f:a6:
9d:90:46:dc:1a:24:e1:01:0e:76:c6:48:d8:63:95:
52:d9:96:8a:d1:60:e3:5c:51:b7:c6:c0:42:5a:f3:
ec:94:98:e4:fd:a7:80:d9:8e:2d:11:ce:b0:51:f8:
86:5c:8e:86:28:1a:2f:08:a1:7e:22:6f:5e:7f:46:
4b:a4:c1:d6:35:6c:d9:a4:07:df:0e:dc:8c:f8:33:
19:72:79:c9:9c:d8:d0:b7:15:fe:76:41:e1:f8:9c:
96:a9:14:af:19:17:f8:2d:84:33:41:3f:4b:6f:15:
7b:9b:1d:78:1d:48:7f:18:73:ee:9c:0f:7c:b7:48:
71:67:4a:cf:34:8a:7f:cd:ad:f4:ba:fc:82:7d:ec:
97:44:ba:32:4d:96:87:02:ad:74:87:79:a0:ce:77:
85:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:19:D4:E1:5A:D4:D1:A4:D7:1A:C8:3A:20:3D:E8:EE:71:71:76
X509v3 Authority Key Identifier:
keyid:4B:81:BB:31:FA:52:92:C8:02:5B:82:8F:80:27:22:DE:0D:5E:AD:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/S4G7MfpSksgCW4KPgCci3g1ereM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/S4G7MfpSksgCW4KPgCci3g1ereM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCDTV/lyYZ1OFa1NGk1xrIOiA96O5xcXY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.196.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:52:3d:2a:20:1d:5d:76:74:b9:98:42:54:93:ee:74:19:f3:
0c:12:42:1e:5e:7c:ce:f9:b3:f9:21:83:d3:1d:10:8d:b9:39:
c1:ab:9b:2b:6a:83:83:78:20:fc:7a:7d:05:b9:24:df:df:69:
4f:f8:81:b1:ed:fa:5a:9e:0b:9f:30:68:6e:62:09:ed:ca:98:
3b:95:3b:1d:d4:08:6c:6c:7a:1e:ef:d6:3b:7f:51:07:04:ac:
af:e0:40:4b:95:4f:a1:52:3b:a4:b0:68:81:b0:ae:76:be:d9:
03:4e:d9:14:29:0a:54:f4:c9:2f:f7:c7:54:32:38:b3:65:ef:
65:dc:fd:4a:0d:2f:09:5c:c4:4e:da:f8:27:2a:8d:fb:a3:ac:
75:12:bb:9c:ba:76:10:03:8c:ee:f7:a1:d1:49:bc:23:c0:97:
18:8a:c6:95:aa:ad:2a:c3:0b:da:d9:af:e5:22:15:c8:ba:32:
70:fe:6c:6d:2b:de:3f:d5:b0:c1:cc:ca:dc:44:a9:e3:df:e4:
28:7d:b8:ce:3d:80:8c:d0:22:c4:ea:43:6b:76:fa:b0:1d:b4:
8a:b6:8b:cb:a5:94:20:bd:e5:6d:54:26:61:5e:e2:c4:1f:dd:
0f:51:02:64:bc:75:59:80:28:3b:20:28:ec:8a:77:52:23:e4:
3a:72:bf:0b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEI4
MUJCMzFGQTUyOTJDODAyNUI4MjhGODAyNzIyREUwRDVFQURFMzAeFw0yNTAyMTAx
NDE2MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk3MjYxOUQ0RTE1QUQ0
RDFBNEQ3MUFDODNBMjAzREU4RUU3MTcxNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+VcINct4ZaGqIPSv1DiIdJrhyusqYLBSvF5T2SbPdOLKJrZCJ
LT3VFLqurMMwq6O127kEdUWvLMp2CaF3K3d2hCk7PBkBtVsRZBobVWrsnQvr5+qY
izMUHcKOozaFUDu3TLDQWcBfpp2QRtwaJOEBDnbGSNhjlVLZlorRYONcUbfGwEJa
8+yUmOT9p4DZji0RzrBR+IZcjoYoGi8IoX4ib15/RkukwdY1bNmkB98O3Iz4Mxly
ecmc2NC3Ff52QeH4nJapFK8ZF/gthDNBP0tvFXubHXgdSH8Yc+6cD3y3SHFnSs80
in/NrfS6/IJ97JdEujJNlocCrXSHeaDOd4UbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUlyYZ1OFa1NGk1xrIOiA96O5xcXYwHwYDVR0jBBgwFoAUS4G7MfpSksgCW4KP
gCci3g1ereMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNEVFYv
UzRHN01mcFNrc2dDVzRLUGdDY2kzZzFlcmVNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9TNEc3TWZwU2tzZ0NXNEtQZ0NjaTNnMWVyZU0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ0RUVi9seVlaMU9GYTFOR2sxeHJJT2lB
OTZPNXhjWFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ8Ss
MA0GCSqGSIb3DQEBCwUAA4IBAQCjUj0qIB1ddnS5mEJUk+50GfMMEkIeXnzO+bP5
IYPTHRCNuTnBq5sraoODeCD8en0FuSTf32lP+IGx7fpangufMGhuYgntypg7lTsd
1AhsbHoe79Y7f1EHBKyv4EBLlU+hUjuksGiBsK52vtkDTtkUKQpU9Mkv98dUMjiz
Ze9l3P1KDS8JXMRO2vgnKo37o6x1ErucunYQA4zu96HRSbwjwJcYisaVqq0qwwva
2a/lIhXIujJw/mxtK94/1bDBzMrcRKnj3+QofbjOPYCM0CLE6kNrdvqwHbSKtovL
pZQgveVtVCZhXuLEH90PUQJkvHVZgCg7ICjsindSI+Q6cr8L
-----END CERTIFICATE-----
Generated at Fri Apr 11 15:39:58 2025 by rpki-client