Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/qZAnPuIsZ-wdbzdyou5tqpF40Zg.roa
File: qZAnPuIsZ-wdbzdyou5tqpF40Zg.roa (raw, json)
Hash identifier: f2idFSznlDWbD+BndphmUxux6HJe+jn4cHvz2HPGs3g=
Subject key identifier: A9:90:27:3E:E2:2C:67:EC:1D:6F:37:72:A2:EE:6D:AA:91:78:D1:98
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F8D
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/qZAnPuIsZ-wdbzdyou5tqpF40Zg.roa
Signing time: Mon 10 Feb 2025 14:30:51 +0000
ROA not before: Mon 10 Feb 2025 14:30:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131641
IP address blocks: 103.136.60.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3981 (0xf8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 10 14:30:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A990273EE22C67EC1D6F3772A2EE6DAA9178D198
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:d3:bf:b0:9e:1b:4e:47:5e:51:7d:09:96:c7:
fb:f3:3d:70:3a:ba:53:18:06:48:43:a0:c9:34:67:
a1:c6:ce:4c:52:5f:e4:12:0b:ff:41:27:a7:f3:f0:
52:c6:ec:b2:19:0b:2d:d9:81:62:52:8e:32:2d:f3:
31:36:66:ac:d8:51:50:12:07:2a:a8:ed:2a:9f:6f:
53:07:49:7e:dc:3a:5d:62:7d:5c:e1:7c:f3:ba:c7:
6b:5d:ff:63:80:0e:80:c2:71:60:45:71:42:84:cb:
fb:bf:b9:4d:0b:f8:0a:cf:66:ed:98:c9:fa:a0:a0:
3a:4e:8a:9c:33:cc:d9:a8:15:79:1e:c1:ea:e0:f4:
03:d6:ae:4c:e0:3f:54:0e:86:c0:c9:c2:61:e4:62:
85:dc:1c:09:82:dc:90:86:77:03:82:bf:d4:54:1e:
ea:2c:c5:a1:ea:11:e6:3a:98:0d:16:9d:5c:18:68:
52:c0:da:6f:77:16:de:99:c8:d6:9d:61:6f:7b:6f:
92:5e:bb:26:e2:90:3d:86:87:12:58:13:22:67:36:
dd:d9:27:56:2f:8e:91:f1:25:1c:18:bf:98:6f:48:
8d:8e:c1:d5:4d:4c:6a:34:bb:8b:68:cb:c7:64:b3:
30:16:ad:67:65:d5:96:d7:31:6b:91:0d:e0:64:58:
39:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:90:27:3E:E2:2C:67:EC:1D:6F:37:72:A2:EE:6D:AA:91:78:D1:98
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/qZAnPuIsZ-wdbzdyou5tqpF40Zg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:e0:7b:6c:79:04:3e:4d:e2:ea:3e:46:f6:60:23:69:dc:55:
f7:70:0c:00:93:1b:1e:cf:83:fa:af:8e:cd:4b:0d:a1:1e:4c:
e8:ef:ce:1b:38:d6:f0:d9:af:d5:9e:a2:20:e6:3e:ab:91:61:
fa:bb:ac:e8:e7:b4:05:3d:67:22:27:9f:9a:66:c4:0b:69:da:
6f:18:a1:a6:b3:d5:27:ef:5a:55:0e:0e:be:77:d4:00:fa:c6:
57:66:7d:de:6b:2b:94:a0:4d:37:3b:db:f8:de:ba:f5:f4:cb:
5c:9a:86:c6:c9:d9:91:23:b5:64:7f:bd:d9:98:32:09:ea:65:
eb:d7:15:ac:57:e9:c3:71:40:05:e8:8d:e6:f5:40:67:c8:6e:
53:d0:ba:ef:f3:eb:fd:b7:dc:c1:0d:50:54:65:b4:7d:9d:d5:
a0:0e:2d:62:ba:77:6d:ae:63:c8:56:92:35:45:ca:5e:bc:5f:
4a:96:46:cf:29:f2:02:01:4c:d9:81:03:73:0f:26:01:ff:9d:
4f:f8:3f:e0:24:43:da:4a:cb:86:86:75:e4:2d:0f:2a:a8:7f:
0b:07:f3:52:84:fc:ca:8b:7c:4c:e0:0b:8d:b3:c7:55:ad:93:
af:b2:5b:bc:11:bc:11:1a:08:93:7f:38:bf:81:16:65:2b:bb:
86:0c:98:98
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx
NDMwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE5OTAyNzNFRTIyQzY3
RUMxRDZGMzc3MkEyRUU2REFBOTE3OEQxOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD107+wnhtOR15RfQmWx/vzPXA6ulMYBkhDoMk0Z6HGzkxSX+QS
C/9BJ6fz8FLG7LIZCy3ZgWJSjjIt8zE2ZqzYUVASByqo7Sqfb1MHSX7cOl1ifVzh
fPO6x2td/2OADoDCcWBFcUKEy/u/uU0L+ArPZu2YyfqgoDpOipwzzNmoFXkewerg
9APWrkzgP1QOhsDJwmHkYoXcHAmC3JCGdwOCv9RUHuosxaHqEeY6mA0WnVwYaFLA
2m93Ft6ZyNadYW97b5JeuybikD2GhxJYEyJnNt3ZJ1YvjpHxJRwYv5hvSI2OwdVN
TGo0u4toy8dkszAWrWdl1ZbXMWuRDeBkWDk1AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUqZAnPuIsZ+wdbzdyou5tqpF40ZgwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3FaQW5QdUlzWi13ZGJ6ZHlvdTV0cXBG
NDBaZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBAKfge2x5BD5N4uo+RvZgI2ncVfdwDACTGx7Pg/qvjs1L
DaEeTOjvzhs41vDZr9WeoiDmPquRYfq7rOjntAU9ZyInn5pmxAtp2m8Yoaaz1Sfv
WlUODr531AD6xldmfd5rK5SgTTc72/jeuvX0y1yahsbJ2ZEjtWR/vdmYMgnqZevX
FaxX6cNxQAXojeb1QGfIblPQuu/z6/233MENUFRltH2d1aAOLWK6d22uY8hWkjVF
yl68X0qWRs8p8gIBTNmBA3MPJgH/nU/4P+AkQ9pKy4aGdeQtDyqofwsH81KE/MqL
fEzgC42zx1Wtk6+yW7wRvBEaCJN/OL+BFmUru4YMmJg=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:04 2025 by rpki-client