Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/aF4w0qmjBNbwNaUgjQHRi3LjrO4.roa
File: aF4w0qmjBNbwNaUgjQHRi3LjrO4.roa (raw, json)
Hash identifier: Kkz7yWYVVu73Ow9p3Fr3UxAdYuFgfze9rd+psUC/6JU=
Subject key identifier: 68:5E:30:D2:A9:A3:04:D6:F0:35:A5:20:8D:01:D1:8B:72:E3:AC:EE
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0EB1
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/aF4w0qmjBNbwNaUgjQHRi3LjrO4.roa
Signing time: Mon 10 Feb 2025 13:59:47 +0000
ROA not before: Mon 10 Feb 2025 13:59:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38843
IP address blocks: 103.20.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3761 (0xeb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Feb 10 13:59:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=685E30D2A9A304D6F035A5208D01D18B72E3ACEE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:98:f0:9e:13:70:21:16:01:a7:c9:6e:5e:97:
23:4c:2d:96:f7:aa:45:7a:66:90:2f:fb:75:75:63:
fd:74:71:64:fa:fc:e6:0a:fd:e9:18:66:be:68:82:
6b:35:f6:af:81:23:c6:f8:0f:bc:da:bc:3e:6f:b4:
0c:48:11:8a:ae:03:16:bc:9f:fd:1d:4b:9b:32:ae:
9e:d3:ed:18:1a:11:d0:f9:b0:b3:cc:91:0f:ea:69:
0e:68:05:66:37:e2:8d:74:f1:0d:89:2e:da:28:9e:
6f:91:db:4f:49:dc:f7:78:ea:e6:53:59:bc:fc:6b:
36:f4:49:75:45:c9:7f:b0:ca:c8:16:66:d9:17:ff:
35:a8:a3:4a:97:15:20:d4:8d:2f:20:00:b4:d7:a7:
58:9e:fc:44:76:bc:ad:b0:a4:5d:a9:28:b0:e3:f0:
48:b5:c6:55:4e:15:ab:c5:d7:6d:fb:8e:31:46:3e:
f1:fd:05:96:9e:0c:24:0f:f5:9e:3d:79:87:41:d8:
39:17:c6:a8:84:a8:9d:81:94:84:e8:9e:8b:38:c9:
07:8d:dd:61:37:fd:29:75:7b:1d:c2:25:02:74:15:
30:b3:f4:e4:9e:0b:33:d6:91:a3:f5:9d:df:68:7d:
bd:e3:05:f1:9f:cd:ad:c3:95:78:0b:6e:b3:79:01:
11:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:5E:30:D2:A9:A3:04:D6:F0:35:A5:20:8D:01:D1:8B:72:E3:AC:EE
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/aF4w0qmjBNbwNaUgjQHRi3LjrO4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.20.40.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:b3:da:b6:9b:8b:91:fe:60:d4:5b:24:4d:00:7a:a0:e4:da:
43:8a:b8:c1:0b:3e:1d:26:ca:d8:8d:af:e7:91:76:92:47:a0:
d3:b6:9c:c3:55:f2:98:32:62:b0:93:d5:20:1e:6e:fb:e6:1d:
b3:5e:16:18:2b:44:58:47:18:59:75:81:db:24:2f:57:ce:3e:
5e:62:97:94:05:d9:ce:88:65:48:4f:9a:f5:2d:f7:e6:12:6e:
02:fe:a3:2f:32:5c:5e:21:e7:39:b8:b5:67:78:6b:ec:85:ab:
8a:84:ff:f4:92:fa:c2:01:a4:f8:f8:af:25:d2:1b:40:88:93:
1a:0d:e7:11:30:b0:63:80:70:83:04:72:80:6b:bf:88:be:c9:
7c:05:37:c3:3e:9e:87:93:e0:cf:bc:be:ba:5f:41:14:14:c4:
d5:65:40:3b:de:e5:be:c1:4c:71:10:9c:5f:48:7f:5e:86:04:
ab:a6:f4:b8:3f:98:a7:7d:61:97:9d:68:61:12:b6:ff:59:f7:
ac:79:e3:db:56:1a:0a:88:ad:d6:39:29:a7:a0:7d:4c:b7:b0:
b2:f5:84:b6:df:48:84:d4:7d:c8:e5:d1:bc:8a:63:dd:23:ce:
93:22:e9:16:16:ce:f2:49:eb:6d:45:00:83:40:80:f2:83:d7:
50:26:23:72
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDrEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yNTAyMTAx
MzU5NDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDY4NUUzMEQyQTlBMzA0
RDZGMDM1QTUyMDhEMDFEMThCNzJFM0FDRUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTmPCeE3AhFgGnyW5elyNMLZb3qkV6ZpAv+3V1Y/10cWT6/OYK
/ekYZr5ogms19q+BI8b4D7zavD5vtAxIEYquAxa8n/0dS5syrp7T7RgaEdD5sLPM
kQ/qaQ5oBWY34o108Q2JLtoonm+R209J3Pd46uZTWbz8azb0SXVFyX+wysgWZtkX
/zWoo0qXFSDUjS8gALTXp1ie/ER2vK2wpF2pKLDj8Ei1xlVOFavF1237jjFGPvH9
BZaeDCQP9Z49eYdB2DkXxqiEqJ2BlITonos4yQeN3WE3/Sl1ex3CJQJ0FTCz9OSe
CzPWkaP1nd9ofb3jBfGfza3DlXgLbrN5AREZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaF4w0qmjBNbwNaUgjQHRi3LjrO4wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vYUY0dzBxbWpCTmJ3TmFVZ2pRSFJp
M0xqck80LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcUKDAN
BgkqhkiG9w0BAQsFAAOCAQEApLPatpuLkf5g1FskTQB6oOTaQ4q4wQs+HSbK2I2v
55F2kkeg07acw1XymDJisJPVIB5u++Yds14WGCtEWEcYWXWB2yQvV84+XmKXlAXZ
zohlSE+a9S335hJuAv6jLzJcXiHnObi1Z3hr7IWrioT/9JL6wgGk+PivJdIbQIiT
Gg3nETCwY4BwgwRygGu/iL7JfAU3wz6eh5Pgz7y+ul9BFBTE1WVAO97lvsFMcRCc
X0h/XoYEq6b0uD+Yp31hl51oYRK2/1n3rHnj21YaCoit1jkpp6B9TLewsvWEtt9I
hNR9yOXRvIpj3SPOkyLpFhbO8knrbUUAg0CA8oPXUCYjcg==
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:27 2025 by rpki-client