Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/w4giOLeJgtwZBEclKCl9L2zpNqE.roa
File: w4giOLeJgtwZBEclKCl9L2zpNqE.roa (raw, json)
Hash identifier: H4LPJK8YFwv9mpRc7i2sfXu142PvmyjG/+Tfg1lsVSw=
Subject key identifier: C3:88:22:38:B7:89:82:DC:19:04:47:25:28:29:7D:2F:6C:E9:36:A1
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F90
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/w4giOLeJgtwZBEclKCl9L2zpNqE.roa
Signing time: Mon 10 Feb 2025 14:30:51 +0000
ROA not before: Mon 10 Feb 2025 14:30:51 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18424
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3984 (0xf90)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 10 14:30:51 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C3882238B78982DC1904472528297D2F6CE936A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:b8:6a:4e:b4:ab:e1:47:24:d8:a8:76:3e:
fb:16:b2:7d:d5:93:75:aa:2b:1a:3f:a2:92:ba:e6:
20:f6:e2:e0:8f:49:75:b3:1f:09:3a:8b:4f:73:82:
09:b6:e4:3c:62:7a:42:49:02:8b:a1:4d:69:17:97:
16:9e:c1:d8:80:03:8c:fe:58:29:9f:b4:a6:79:eb:
63:17:95:b6:0a:51:44:aa:5a:3f:b6:ed:2e:cc:b1:
30:cf:20:66:a1:42:10:e5:e8:81:a2:73:98:e7:94:
0c:ff:79:26:eb:a2:b0:f5:06:8f:e1:05:ed:22:bc:
94:b6:3d:34:4a:15:a7:55:2d:dc:91:a9:05:b4:1e:
e9:59:b2:49:8b:b8:bc:8c:79:5a:ca:17:a8:bc:3a:
e5:58:d1:ae:9e:32:d8:9a:df:72:4b:a6:ce:bb:38:
2d:02:10:07:29:e4:d3:6c:1b:07:e6:a1:d2:e8:85:
e6:aa:80:80:93:0e:42:10:00:b9:a0:5a:39:cd:65:
36:8c:de:98:91:07:3a:62:74:44:e8:8b:94:dc:5e:
f7:16:4f:d1:a6:ab:8d:cc:32:bc:aa:89:7a:ee:74:
8c:11:e7:82:13:de:c7:40:e5:d7:2c:3e:73:79:6e:
6e:72:25:6b:9a:29:cc:2e:bb:24:e8:32:c9:76:ba:
af:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:88:22:38:B7:89:82:DC:19:04:47:25:28:29:7D:2F:6C:E9:36:A1
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/w4giOLeJgtwZBEclKCl9L2zpNqE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:d4:c8:39:4d:82:50:a0:c0:77:10:e4:81:da:5b:71:ed:6e:
21:fd:4d:f4:c8:ef:04:e5:67:3c:f6:e1:03:e8:15:fd:86:8f:
bd:da:f3:22:22:52:fb:9a:bf:d0:ec:6d:a9:e9:0f:ac:86:e8:
f2:8d:8f:9b:4a:54:0f:37:17:d7:c3:61:b8:2b:18:00:71:e4:
4b:eb:91:07:e0:55:28:e5:91:27:1d:75:57:52:fb:bf:7d:32:
92:9b:00:9e:da:0b:a3:23:8d:84:cc:c7:87:b4:99:14:26:73:
cf:2c:01:0d:55:30:c7:6c:72:c7:83:b3:da:29:58:b1:15:e2:
62:ba:f7:a5:0c:72:41:f4:27:c1:2b:ef:ac:6e:c6:d4:a9:0e:
53:7a:09:68:ec:05:7d:12:77:0b:b1:3d:c1:55:49:bc:02:68:
3d:44:55:f7:f4:f1:4a:ac:05:bb:21:81:58:1f:be:39:5a:cd:
5e:f1:e4:47:22:1d:88:1f:5d:f4:09:dc:61:64:43:2d:24:af:
9c:b3:69:ca:69:73:bc:6a:f4:97:08:f1:98:8c:54:f0:66:7f:
57:ab:a6:4b:47:0e:fb:de:3c:09:4c:53:20:38:d7:da:db:a9:
34:ee:fc:0f:26:75:6e:60:8e:66:9a:5b:cd:ef:6a:ce:c3:5f:
6c:a8:63:64
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD5AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx
NDMwNTFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMzODgyMjM4Qjc4OTgy
REMxOTA0NDcyNTI4Mjk3RDJGNkNFOTM2QTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCi0bhqTrSr4Uck2Kh2PvsWsn3Vk3WqKxo/opK65iD24uCPSXWz
Hwk6i09zggm25DxiekJJAouhTWkXlxaewdiAA4z+WCmftKZ562MXlbYKUUSqWj+2
7S7MsTDPIGahQhDl6IGic5jnlAz/eSbrorD1Bo/hBe0ivJS2PTRKFadVLdyRqQW0
HulZskmLuLyMeVrKF6i8OuVY0a6eMtia33JLps67OC0CEAcp5NNsGwfmodLoheaq
gICTDkIQALmgWjnNZTaM3piRBzpidEToi5TcXvcWT9Gmq43MMryqiXrudIwR54IT
3sdA5dcsPnN5bm5yJWuaKcwuuyToMsl2uq/nAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUw4giOLeJgtwZBEclKCl9L2zpNqEwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3c0Z2lPTGVKZ3R3WkJFY2xLQ2w5TDJ6
cE5xRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBAGvUyDlNglCgwHcQ5IHaW3HtbiH9TfTI7wTlZzz24QPo
Ff2Gj73a8yIiUvuav9DsbanpD6yG6PKNj5tKVA83F9fDYbgrGABx5EvrkQfgVSjl
kScddVdS+799MpKbAJ7aC6MjjYTMx4e0mRQmc88sAQ1VMMdscseDs9opWLEV4mK6
96UMckH0J8Er76xuxtSpDlN6CWjsBX0SdwuxPcFVSbwCaD1EVff08UqsBbshgVgf
vjlazV7x5EciHYgfXfQJ3GFkQy0kr5yzacppc7xq9JcI8ZiMVPBmf1erpktHDvve
PAlMUyA419rbqTTu/A8mdW5gjmaaW83vas7DX2yoY2Q=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:37 2025 by rpki-client