Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/4LCuSTLL7qeP9mF1fUbtbwtI1uA.roa
File: 4LCuSTLL7qeP9mF1fUbtbwtI1uA.roa (raw, json)
Hash identifier: rQwJ9oPwvvyl/c2WYI+KqBsAiYtF0PmNP25R9m7Jzuc=
Subject key identifier: E0:B0:AE:49:32:CB:EE:A7:8F:F6:61:75:7D:46:ED:6F:0B:48:D6:E0
Certificate issuer: /CN=45F30B4C5ECE6E12E6D90889D7940D8E1871072B
Certificate serial: 0237
Authority key identifier: 45:F3:0B:4C:5E:CE:6E:12:E6:D9:08:89:D7:94:0D:8E:18:71:07:2B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RfMLTF7ObhLm2QiJ15QNjhhxBys.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/4LCuSTLL7qeP9mF1fUbtbwtI1uA.roa
Signing time: Mon 10 Feb 2025 14:17:21 +0000
ROA not before: Mon 10 Feb 2025 14:17:21 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 103.37.5.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 567 (0x237)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45F30B4C5ECE6E12E6D90889D7940D8E1871072B
Validity
Not Before: Feb 10 14:17:21 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E0B0AE4932CBEEA78FF661757D46ED6F0B48D6E0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4c:8c:82:a4:3e:94:55:b7:f1:1d:a4:7a:a3:
4b:3c:15:92:a1:be:20:2b:86:7e:f6:78:4b:b7:6f:
b6:36:6a:c1:32:34:db:10:a3:bc:ae:f9:e5:03:64:
b0:16:de:27:e2:4a:d1:f5:08:cb:48:f0:9b:83:47:
5d:9f:b0:bf:e4:6d:63:2f:b4:72:32:b4:b7:7f:ec:
c0:34:44:c9:82:b3:ab:2f:ed:b7:e1:87:10:da:05:
13:20:ad:51:0b:bc:98:a8:4d:5f:8b:20:43:f8:e8:
e4:4a:c4:6b:b8:92:f4:af:d6:b1:24:dc:43:83:b4:
81:68:7e:ac:2b:4f:d7:4a:b7:02:2b:38:c7:0e:a8:
ce:be:ab:33:bb:0e:91:de:a1:78:ed:22:c1:d6:31:
af:7c:06:f2:77:93:04:8c:34:fe:46:19:da:54:ed:
be:8a:8b:19:a0:b4:3c:31:c3:9a:4f:d7:01:bb:7d:
21:59:3c:01:7f:21:43:22:be:52:f6:18:6f:4b:35:
1b:e3:e1:83:9a:fc:14:6e:99:8c:ce:61:2a:25:f8:
0e:f5:f5:7b:aa:65:14:36:57:aa:dc:e1:85:e6:a5:
60:0b:43:d9:8c:89:6f:53:af:7a:68:3f:52:0c:df:
d0:0f:bb:6b:65:95:9e:dd:2d:fd:a8:74:0a:60:8d:
37:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:B0:AE:49:32:CB:EE:A7:8F:F6:61:75:7D:46:ED:6F:0B:48:D6:E0
X509v3 Authority Key Identifier:
keyid:45:F3:0B:4C:5E:CE:6E:12:E6:D9:08:89:D7:94:0D:8E:18:71:07:2B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/RfMLTF7ObhLm2QiJ15QNjhhxBys.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RfMLTF7ObhLm2QiJ15QNjhhxBys.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SMTRTCH/4LCuSTLL7qeP9mF1fUbtbwtI1uA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.37.5.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ea:27:d6:ed:fb:7a:69:50:45:7a:d8:c3:b9:52:41:53:89:
e6:06:e9:40:7f:5f:93:c9:88:30:ed:5c:aa:c4:a2:62:b4:9d:
12:b4:90:6f:14:20:04:bf:00:80:be:8c:5c:a8:67:25:c7:b0:
00:55:f7:2b:9f:bd:52:df:5b:cf:3c:75:d7:81:3c:6c:c2:98:
26:4b:fa:09:8c:ca:df:b4:a4:3c:19:91:fe:ac:27:e0:a6:00:
80:44:db:46:cf:01:ae:e5:58:fc:61:93:2a:a7:69:07:6e:d6:
42:40:47:99:28:a6:4f:b7:ea:83:fa:ee:db:3c:9b:3b:1c:81:
dd:9e:31:00:44:b8:f3:82:23:38:72:27:7e:3a:97:35:80:da:
1d:87:4d:15:71:69:4e:4a:7d:4e:ed:06:e7:38:8a:e5:a7:74:
ac:6e:ce:41:36:73:42:9a:7b:93:a3:b9:3e:9c:85:bb:9d:cf:
20:20:a0:7f:4a:9e:cb:1a:07:59:6e:05:de:d8:38:5e:76:fb:
75:9b:f9:7a:13:07:ad:57:00:80:c6:66:0a:d0:ca:83:2a:23:
01:39:1c:b5:1a:aa:8f:fc:28:62:f1:e0:f5:c1:ad:f5:a5:9d:
b0:0e:da:f2:5d:a9:cb:db:83:2e:29:7b:a5:93:70:4f:b0:26:
4d:48:1d:b6
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAjcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDVG
MzBCNEM1RUNFNkUxMkU2RDkwODg5RDc5NDBEOEUxODcxMDcyQjAeFw0yNTAyMTAx
NDE3MjFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUwQjBBRTQ5MzJDQkVF
QTc4RkY2NjE3NTdENDZFRDZGMEI0OEQ2RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDITIyCpD6UVbfxHaR6o0s8FZKhviArhn72eEu3b7Y2asEyNNsQ
o7yu+eUDZLAW3ifiStH1CMtI8JuDR12fsL/kbWMvtHIytLd/7MA0RMmCs6sv7bfh
hxDaBRMgrVELvJioTV+LIEP46ORKxGu4kvSv1rEk3EODtIFofqwrT9dKtwIrOMcO
qM6+qzO7DpHeoXjtIsHWMa98BvJ3kwSMNP5GGdpU7b6KixmgtDwxw5pP1wG7fSFZ
PAF/IUMivlL2GG9LNRvj4YOa/BRumYzOYSol+A719XuqZRQ2V6rc4YXmpWALQ9mM
iW9Tr3poP1IM39APu2tllZ7dLf2odApgjTcvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU4LCuSTLL7qeP9mF1fUbtbwtI1uAwHwYDVR0jBBgwFoAURfMLTF7ObhLm2QiJ
15QNjhhxByswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU01UUlRD
SC9SZk1MVEY3T2JoTG0yUWlKMTVRTmpoaHhCeXMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1JmTUxURjdPYmhMbTJRaUoxNVFOamhoeEJ5cy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NNVFJUQ0gvNExDdVNUTEw3cWVQOW1G
MWZVYnRid3RJMXVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGclBTANBgkqhkiG9w0BAQsFAAOCAQEAVeon1u37emlQRXrYw7lSQVOJ5gbpQH9f
k8mIMO1cqsSiYrSdErSQbxQgBL8AgL6MXKhnJcewAFX3K5+9Ut9bzzx114E8bMKY
Jkv6CYzK37SkPBmR/qwn4KYAgETbRs8BruVY/GGTKqdpB27WQkBHmSimT7fqg/ru
2zybOxyB3Z4xAES484IjOHInfjqXNYDaHYdNFXFpTkp9Tu0G5ziK5ad0rG7OQTZz
Qpp7k6O5PpyFu53PICCgf0qeyxoHWW4F3tg4Xnb7dZv5ehMHrVcAgMZmCtDKgyoj
ATkctRqqj/woYvHg9cGt9aWdsA7a8l2py9uDLil7pZNwT7AmTUgdtg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 11:29:32 2025 by rpki-client