Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/QjWH8IvvcQRnRJwyrC-yfGiXzHs.roa
File: QjWH8IvvcQRnRJwyrC-yfGiXzHs.roa (raw, json)
Hash identifier: PZ9YEwp2XR9xSBGCVl6iG4XZkPUrM/aSAEYSJqEG048=
Subject key identifier: 42:35:87:F0:8B:EF:71:04:67:44:9C:32:AC:2F:B2:7C:68:97:CC:7B
Certificate issuer: /CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
Certificate serial: 03F7
Authority key identifier: EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/QjWH8IvvcQRnRJwyrC-yfGiXzHs.roa
Signing time: Mon 10 Feb 2025 14:20:44 +0000
ROA not before: Mon 10 Feb 2025 14:20:44 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131618
IP address blocks: 103.161.6.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1015 (0x3f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB7F4A8B7B210DB9208ED580357045E5971DE0D3
Validity
Not Before: Feb 10 14:20:44 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=423587F08BEF710467449C32AC2FB27C6897CC7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:19:62:4d:9f:a0:3a:24:4f:df:f8:dd:1a:48:
0f:bd:94:e2:f8:75:62:f5:fb:04:d5:1d:53:c5:66:
92:d9:4c:68:a7:78:d7:ec:d6:1f:ba:05:0a:be:eb:
7e:71:3c:26:9f:b6:fc:c5:5d:b2:d4:2c:c9:41:89:
a6:f1:8e:1c:c7:af:fb:0f:46:2a:86:e4:49:7a:ee:
8c:f2:95:83:1d:9e:22:5e:cc:ea:13:36:6d:d6:a0:
c9:95:d1:0a:af:8c:07:a7:e1:f9:3e:51:f1:f9:ff:
7d:03:04:62:da:74:b2:91:e8:cd:6a:b1:54:50:99:
de:84:20:37:8f:ee:b8:a6:2d:71:0d:05:8c:20:b7:
d4:d5:fe:2d:0d:7a:2f:ba:8a:ed:2d:18:a2:49:01:
af:d1:9f:d4:09:fc:ee:9d:80:1c:5e:b7:40:34:ac:
17:ca:af:8d:8f:7e:80:27:c1:dd:8d:5c:43:ee:59:
df:67:11:38:bb:da:1a:ba:76:16:71:78:c6:13:31:
60:70:5e:05:c4:79:38:1d:85:6b:7f:49:a7:af:4a:
55:91:31:9f:fe:19:a6:1b:b8:18:80:27:cf:cb:af:
34:85:e2:79:eb:03:cc:7a:91:99:ac:0e:d8:45:e5:
5e:f1:da:8d:ad:ff:14:81:54:ba:83:04:e3:87:86:
41:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:35:87:F0:8B:EF:71:04:67:44:9C:32:AC:2F:B2:7C:68:97:CC:7B
X509v3 Authority Key Identifier:
keyid:EB:7F:4A:8B:7B:21:0D:B9:20:8E:D5:80:35:70:45:E5:97:1D:E0:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/639Ki3shDbkgjtWANXBF5Zcd4NM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/639Ki3shDbkgjtWANXBF5Zcd4NM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CARLWATCH/QjWH8IvvcQRnRJwyrC-yfGiXzHs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:fe:50:7b:9b:5d:c1:60:7e:8d:96:7a:65:aa:da:d1:59:cd:
55:f3:ba:3e:18:f6:4f:c3:b8:9d:51:26:21:e9:d6:ec:3e:7f:
c7:48:9a:51:56:ca:82:d1:d6:5d:2a:9e:36:a5:76:e6:a2:08:
a8:f4:4a:a0:6e:bc:9c:81:aa:26:c6:b1:c3:c6:11:67:17:49:
28:44:00:99:fc:fe:19:f8:e6:30:1f:e7:da:17:f1:38:25:1e:
0d:95:a8:60:e2:2f:2e:eb:60:11:94:55:2b:b4:a7:54:06:9a:
12:70:e9:2d:00:6c:ed:2e:d1:33:20:cc:c8:87:f9:a6:fd:62:
e5:25:63:c3:01:77:16:2b:41:94:d8:9a:99:5d:05:22:46:a4:
59:05:af:50:91:9a:78:70:e0:93:b2:31:96:18:49:2d:d6:5d:
eb:98:76:e2:b1:f4:05:f3:e7:15:77:9a:53:7f:51:9f:b2:5a:
24:52:78:d7:7f:70:73:ec:e1:0c:50:9b:2a:e6:d5:b1:37:bc:
94:f2:be:67:4e:89:cf:ce:6a:bc:02:e0:3f:05:b3:04:42:d7:
76:1a:28:48:78:77:3d:c7:7a:a2:1e:21:5a:9a:65:06:b2:15:
0f:30:ce:16:70:c8:fe:47:02:ed:4b:78:6e:32:23:29:f1:63:
f2:31:be:c7
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICA/cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI3
RjRBOEI3QjIxMERCOTIwOEVENTgwMzU3MDQ1RTU5NzFERTBEMzAeFw0yNTAyMTAx
NDIwNDRaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQyMzU4N0YwOEJFRjcx
MDQ2NzQ0OUMzMkFDMkZCMjdDNjg5N0NDN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJGWJNn6A6JE/f+N0aSA+9lOL4dWL1+wTVHVPFZpLZTGineNfs
1h+6BQq+635xPCaftvzFXbLULMlBiabxjhzHr/sPRiqG5El67ozylYMdniJezOoT
Nm3WoMmV0QqvjAen4fk+UfH5/30DBGLadLKR6M1qsVRQmd6EIDeP7rimLXENBYwg
t9TV/i0Nei+6iu0tGKJJAa/Rn9QJ/O6dgBxet0A0rBfKr42PfoAnwd2NXEPuWd9n
ETi72hq6dhZxeMYTMWBwXgXEeTgdhWt/SaevSlWRMZ/+GaYbuBiAJ8/LrzSF4nnr
A8x6kZmsDthF5V7x2o2t/xSBVLqDBOOHhkFrAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUQjWH8IvvcQRnRJwyrC+yfGiXzHswHwYDVR0jBBgwFoAU639Ki3shDbkgjtWA
NXBF5Zcd4NMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdB
VENILzYzOUtpM3NoRGJrZ2p0V0FOWEJGNVpjZDROTS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvNjM5S2kzc2hEYmtnanRXQU5YQkY1WmNkNE5NLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0FSTFdBVENIL1FqV0g4SXZ2Y1FS
blJKd3lyQy15ZkdpWHpIcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFnoQYwDQYJKoZIhvcNAQELBQADggEBAK7+UHubXcFgfo2WemWq2tFZzVXz
uj4Y9k/DuJ1RJiHp1uw+f8dImlFWyoLR1l0qnjalduaiCKj0SqBuvJyBqibGscPG
EWcXSShEAJn8/hn45jAf59oX8TglHg2VqGDiLy7rYBGUVSu0p1QGmhJw6S0AbO0u
0TMgzMiH+ab9YuUlY8MBdxYrQZTYmpldBSJGpFkFr1CRmnhw4JOyMZYYSS3WXeuY
duKx9AXz5xV3mlN/UZ+yWiRSeNd/cHPs4QxQmyrm1bE3vJTyvmdOic/OarwC4D8F
swRC13YaKEh4dz3HeqIeIVqaZQayFQ8wzhZwyP5HAu1LeG4yIynxY/Ixvsc=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:32:23 2025 by rpki-client