Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/sz4M1ZiLPSJ6UI_Ya8frER0kXjw.roa
File: sz4M1ZiLPSJ6UI_Ya8frER0kXjw.roa (raw, json)
Hash identifier: drG0UFyFBp3trqOt1dwrpRu6xOJsYl6Csm+P43n1iHs=
Subject key identifier: B3:3E:0C:D5:98:8B:3D:22:7A:50:8F:D8:6B:C7:EB:11:1D:24:5E:3C
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F96
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/sz4M1ZiLPSJ6UI_Ya8frER0kXjw.roa
Signing time: Mon 10 Feb 2025 14:30:53 +0000
ROA not before: Mon 10 Feb 2025 14:30:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 24168
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3990 (0xf96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 10 14:30:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=B33E0CD5988B3D227A508FD86BC7EB111D245E3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:46:1c:ad:f6:12:44:fd:ae:ce:c2:f4:50:43:
90:b1:8e:18:ed:bf:a4:79:b3:4b:69:f4:3e:01:3c:
a9:f2:1a:c6:6f:c0:58:17:94:8b:86:0c:d4:e9:8c:
94:74:ad:89:70:f3:73:db:05:47:89:86:74:a9:1f:
fd:14:92:fd:41:6f:3a:80:c8:a6:63:d3:ae:d3:35:
49:e0:8a:07:10:f3:a0:f4:8a:ea:29:12:df:1a:14:
58:55:f2:4f:b9:8c:ab:f5:9c:5a:49:1b:37:93:cf:
41:ee:9b:20:6c:1b:f1:7a:c6:45:c4:fa:d2:7d:7c:
45:a5:bc:5e:7a:d0:7c:06:4f:73:96:4b:f7:31:3c:
88:ad:8d:83:ca:f4:f9:69:38:bb:b4:4f:0a:17:05:
61:12:ea:ce:ac:58:d2:3a:77:bb:e3:cc:b1:f7:9e:
a9:8f:64:5e:28:4b:9b:f6:2d:a2:cb:02:d3:f4:23:
a5:b4:47:60:49:26:71:c8:6f:ec:6f:de:b4:34:56:
5d:9e:da:42:ed:0f:c4:89:51:48:77:18:cd:d5:bd:
8d:cb:1f:2c:9c:0b:ba:8f:e9:25:df:c1:f8:04:83:
0d:00:03:fd:d7:b2:62:08:44:63:4a:40:2e:b0:27:
0a:f6:73:ce:e8:b5:1c:3f:f0:9b:12:95:f5:85:a5:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3E:0C:D5:98:8B:3D:22:7A:50:8F:D8:6B:C7:EB:11:1D:24:5E:3C
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/sz4M1ZiLPSJ6UI_Ya8frER0kXjw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0e:ba:1d:14:35:98:ee:5d:2b:3c:bc:a3:9a:fa:e4:c8:4c:
84:9e:3d:6e:74:b7:31:65:4a:1b:82:1e:51:21:ef:29:9a:04:
b7:55:18:95:28:d3:50:c5:79:1f:21:f9:77:c2:7a:2e:40:70:
00:22:6b:22:f3:c7:57:0a:b5:97:0c:67:16:12:10:48:00:60:
56:21:b3:cc:9a:51:ad:4a:46:c2:84:25:b8:c9:26:53:ad:4a:
0b:a2:62:7c:b8:3e:de:65:8c:34:6e:70:21:99:6f:77:ff:9d:
a1:ce:3a:74:26:33:a6:8f:99:0b:ba:71:4b:f3:45:d5:fa:d1:
9c:e9:1d:93:bb:c6:5d:2b:73:a1:f3:00:6e:fb:60:ba:14:da:
1b:26:bf:b6:78:de:dc:0b:4a:1d:4a:d4:0b:3d:9b:68:f9:f3:
e5:ed:ec:54:45:ff:8e:13:08:b2:ac:2e:96:a7:22:2f:a1:74:
49:9a:30:7d:cc:7b:6b:90:25:0c:e2:71:1b:96:60:00:fc:c0:
f1:e0:e7:4d:b1:94:8f:c1:99:70:f3:32:dc:36:58:1d:e2:2b:
a7:21:2f:1c:95:86:b2:31:d1:46:af:1a:4b:4e:25:50:25:c5:
08:57:f0:a0:74:e5:1f:a0:09:2f:39:f9:68:55:08:9f:51:ea:
59:83:5f:0a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx
NDMwNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEIzM0UwQ0Q1OTg4QjNE
MjI3QTUwOEZEODZCQzdFQjExMUQyNDVFM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1Rhyt9hJE/a7OwvRQQ5Cxjhjtv6R5s0tp9D4BPKnyGsZvwFgX
lIuGDNTpjJR0rYlw83PbBUeJhnSpH/0Ukv1BbzqAyKZj067TNUngigcQ86D0iuop
Et8aFFhV8k+5jKv1nFpJGzeTz0HumyBsG/F6xkXE+tJ9fEWlvF560HwGT3OWS/cx
PIitjYPK9PlpOLu0TwoXBWES6s6sWNI6d7vjzLH3nqmPZF4oS5v2LaLLAtP0I6W0
R2BJJnHIb+xv3rQ0Vl2e2kLtD8SJUUh3GM3VvY3LHyycC7qP6SXfwfgEgw0AA/3X
smIIRGNKQC6wJwr2c87otRw/8JsSlfWFpdGDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUsz4M1ZiLPSJ6UI/Ya8frER0kXjwwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3N6NE0xWmlMUFNKNlVJX1lhOGZyRVIw
a1hqdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBACgOuh0UNZjuXSs8vKOa+uTITISePW50tzFlShuCHlEh
7ymaBLdVGJUo01DFeR8h+XfCei5AcAAiayLzx1cKtZcMZxYSEEgAYFYhs8yaUa1K
RsKEJbjJJlOtSguiYny4Pt5ljDRucCGZb3f/naHOOnQmM6aPmQu6cUvzRdX60Zzp
HZO7xl0rc6HzAG77YLoU2hsmv7Z43twLSh1K1As9m2j58+Xt7FRF/44TCLKsLpan
Ii+hdEmaMH3Me2uQJQzicRuWYAD8wPHg502xlI/BmXDzMtw2WB3iK6chLxyVhrIx
0UavGktOJVAlxQhX8KB05R+gCS85+WhVCJ9R6lmDXwo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:34 2025 by rpki-client