Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWT/48Qdohz0IbQimRbsD674Y9SDZfM.roa
File: 48Qdohz0IbQimRbsD674Y9SDZfM.roa (raw, json)
Hash identifier: hfCrPnJnz1Iez2BmdRHpIPFxdxd23EOVlZm+6LdlfX8=
Subject key identifier: E3:C4:1D:A2:1C:F4:21:B4:22:99:16:EC:0F:AE:F8:63:D4:83:65:F3
Certificate issuer: /CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Certificate serial: 0CC5
Authority key identifier: 7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/48Qdohz0IbQimRbsD674Y9SDZfM.roa
Signing time: Mon 10 Feb 2025 14:23:22 +0000
ROA not before: Mon 10 Feb 2025 14:23:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38851
IP address blocks: 103.229.100.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3269 (0xcc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7EC7F1677BB492380282153BB77EC2EBE3185378
Validity
Not Before: Feb 10 14:23:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E3C41DA21CF421B4229916EC0FAEF863D48365F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5f:c6:f3:c9:06:44:a7:62:fc:c8:64:f7:45:
ea:37:b8:03:37:11:73:4f:12:cd:3a:12:1e:fd:79:
d2:56:e6:37:3f:43:dd:01:88:5f:94:ae:ed:b2:5a:
70:ff:4f:76:32:95:49:63:6b:28:91:9d:e6:64:a9:
e7:7f:a4:b7:75:92:01:73:fd:c5:02:7f:65:35:d8:
5b:f6:ee:18:65:0b:7d:7b:5e:0d:d9:1b:78:33:af:
da:48:5b:b5:51:1b:f8:a2:de:58:97:07:b2:7f:21:
1f:02:7f:1c:f1:f6:97:df:82:1f:0c:fa:34:54:5f:
04:13:6c:e7:52:0f:16:35:1e:e2:ce:f1:46:0e:d0:
20:e3:36:51:5d:06:29:7f:dd:9e:e2:0b:a9:8c:4e:
e6:62:61:ed:59:62:06:bf:a8:9f:56:dd:c9:eb:93:
37:dd:18:47:5b:fa:cc:b2:94:f0:53:ff:79:ce:cb:
ef:c9:89:22:14:91:21:96:f1:3c:a2:71:de:e8:77:
51:1f:5d:5c:18:e6:7c:d2:96:3d:cf:19:0f:90:3e:
66:36:e3:11:19:fa:a4:d0:58:81:63:6b:69:05:ad:
57:ca:c6:56:09:67:f6:9d:ba:4f:70:2f:9a:af:07:
a8:4e:2c:02:9d:80:42:25:36:73:e9:33:32:8f:44:
03:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C4:1D:A2:1C:F4:21:B4:22:99:16:EC:0F:AE:F8:63:D4:83:65:F3
X509v3 Authority Key Identifier:
keyid:7E:C7:F1:67:7B:B4:92:38:02:82:15:3B:B7:7E:C2:EB:E3:18:53:78
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/fsfxZ3u0kjgCghU7t37C6-MYU3g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fsfxZ3u0kjgCghU7t37C6-MYU3g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWT/48Qdohz0IbQimRbsD674Y9SDZfM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.229.100.0/22
Signature Algorithm: sha256WithRSAEncryption
17:42:cd:93:28:e6:0a:3a:33:e1:9e:d9:52:4c:ea:a2:6f:f5:
9b:39:39:37:db:d1:4a:e0:a2:29:a2:49:be:07:da:00:b0:22:
7a:78:1c:e7:eb:3a:4c:10:46:b3:fc:9e:17:fa:f2:40:57:c3:
71:3a:31:e8:09:c3:c2:d3:e0:05:3c:f9:21:f6:c0:cb:ea:df:
3d:a0:3e:8a:9c:9b:ef:5b:0d:a2:7f:a0:0f:90:3d:98:8b:a8:
7c:ca:28:7c:fc:2c:ae:02:ee:07:7d:6a:aa:99:dd:35:49:44:
1f:4f:46:bf:96:c4:ad:a1:2e:7c:45:63:22:f3:bd:2d:6f:68:
ae:6a:66:de:1b:12:b9:7f:52:0d:c0:0a:22:3c:22:5b:a6:9e:
51:27:6c:6d:93:e9:f6:e0:fb:e4:a7:18:c7:76:24:c4:c2:6d:
cc:4f:82:9b:8a:94:25:cf:dd:a9:6f:81:01:d1:7a:bf:52:d3:
9e:f9:41:0e:02:f7:58:32:3d:5d:98:7f:da:32:fd:de:0b:8c:
de:be:16:80:11:42:c7:89:60:54:1f:b8:3a:ad:cd:5a:a3:d1:
0e:2a:c6:b3:3c:14:9a:bb:99:12:10:c0:19:aa:cb:23:ab:84:
25:a1:6f:7a:f1:f1:16:1f:7e:13:b7:cd:33:d5:be:96:c9:1e:
67:de:e8:1f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDMUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0VD
N0YxNjc3QkI0OTIzODAyODIxNTNCQjc3RUMyRUJFMzE4NTM3ODAeFw0yNTAyMTAx
NDIzMjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUzQzQxREEyMUNGNDIx
QjQyMjk5MTZFQzBGQUVGODYzRDQ4MzY1RjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPX8bzyQZEp2L8yGT3Reo3uAM3EXNPEs06Eh79edJW5jc/Q90B
iF+Uru2yWnD/T3YylUljayiRneZkqed/pLd1kgFz/cUCf2U12Fv27hhlC317Xg3Z
G3gzr9pIW7VRG/ii3liXB7J/IR8Cfxzx9pffgh8M+jRUXwQTbOdSDxY1HuLO8UYO
0CDjNlFdBil/3Z7iC6mMTuZiYe1ZYga/qJ9W3cnrkzfdGEdb+syylPBT/3nOy+/J
iSIUkSGW8Tyicd7od1EfXVwY5nzSlj3PGQ+QPmY24xEZ+qTQWIFja2kFrVfKxlYJ
Z/aduk9wL5qvB6hOLAKdgEIlNnPpMzKPRANDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU48Qdohz0IbQimRbsD674Y9SDZfMwHwYDVR0jBBgwFoAUfsfxZ3u0kjgCghU7
t37C6+MYU3gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdUL2Zz
ZnhaM3Uwa2pnQ2doVTd0MzdDNi1NWVUzZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZnNmeFozdTBramdDZ2hVN3QzN0M2LU1ZVTNnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFdULzQ4UWRvaHowSWJRaW1SYnNENjc0WTlT
RFpmTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn5WQwDQYJ
KoZIhvcNAQELBQADggEBABdCzZMo5go6M+Ge2VJM6qJv9Zs5OTfb0UrgoimiSb4H
2gCwInp4HOfrOkwQRrP8nhf68kBXw3E6MegJw8LT4AU8+SH2wMvq3z2gPoqcm+9b
DaJ/oA+QPZiLqHzKKHz8LK4C7gd9aqqZ3TVJRB9PRr+WxK2hLnxFYyLzvS1vaK5q
Zt4bErl/Ug3ACiI8IlumnlEnbG2T6fbg++SnGMd2JMTCbcxPgpuKlCXP3alvgQHR
er9S0575QQ4C91gyPV2Yf9oy/d4LjN6+FoARQseJYFQfuDqtzVqj0Q4qxrM8FJq7
mRIQwBmqyyOrhCWhb3rx8RYffhO3zTPVvpbJHmfe6B8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:23:21 2025 by rpki-client