Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/z6GfaBOgWGWFbK9dKl0T1DdFjUg.roa
File: z6GfaBOgWGWFbK9dKl0T1DdFjUg.roa (raw, json)
Hash identifier: xDcFnVzlYrK7jZYkbZb0iOoX57VyWnP7hfKUaiAkhP0=
Subject key identifier: CF:A1:9F:68:13:A0:58:65:85:6C:AF:5D:2A:5D:13:D4:37:45:8D:48
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0F98
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/z6GfaBOgWGWFbK9dKl0T1DdFjUg.roa
Signing time: Mon 10 Feb 2025 14:30:53 +0000
ROA not before: Mon 10 Feb 2025 14:30:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131641
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3992 (0xf98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 10 14:30:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=CFA19F6813A05865856CAF5D2A5D13D437458D48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fb:9e:da:0c:ba:7e:59:9f:25:52:7e:88:79:
3b:78:e3:fc:07:df:b7:99:0c:e2:5b:34:68:9d:98:
ad:45:31:e7:da:d3:65:f3:51:bb:1a:1d:45:16:cd:
fa:1e:4b:82:3f:af:c9:3f:5d:81:84:f5:d9:27:1f:
38:fd:8f:42:6b:74:49:59:68:7d:c0:7b:1f:77:0e:
43:cd:1a:b7:95:91:b4:39:88:c0:9d:5d:da:1f:d2:
4f:0a:f4:c9:ec:e4:3a:59:bd:87:cf:94:fb:42:da:
69:be:ed:04:5f:d5:46:d3:ac:b7:fa:09:2f:81:88:
f3:11:28:85:65:14:c7:95:6f:14:06:be:53:01:85:
2e:c9:12:01:29:af:9d:03:9c:8f:c7:87:fa:80:57:
2c:20:87:db:5e:ee:2c:00:6a:0d:3e:1f:ed:03:b6:
9e:34:41:ab:b2:07:fe:16:1a:80:88:0d:e2:00:b4:
ba:eb:20:60:5c:b5:a3:db:fb:7f:66:03:0b:45:4a:
d2:e8:eb:33:a2:b2:2e:36:eb:79:8a:2e:c5:a8:72:
18:10:10:44:78:c1:f7:57:f8:ed:37:8a:3e:78:2f:
6f:6f:d5:b9:af:18:18:f1:5d:c3:ee:b0:fa:90:c8:
5c:cc:a7:14:3d:7f:d6:17:93:9e:02:b4:0d:1f:40:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A1:9F:68:13:A0:58:65:85:6C:AF:5D:2A:5D:13:D4:37:45:8D:48
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/z6GfaBOgWGWFbK9dKl0T1DdFjUg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a8:b1:26:cb:a4:9f:7c:5f:9b:01:30:9a:0c:7b:cb:76:ca:
ff:30:aa:e3:7b:93:be:71:38:45:23:37:e0:29:65:e8:73:3e:
1a:ae:a6:07:ec:d6:c0:a0:29:f6:f6:eb:b0:d9:25:8a:cf:7b:
83:7f:c4:4e:39:91:f8:80:c6:0a:89:70:2c:71:23:7e:e0:eb:
8b:08:ff:3f:a1:ae:b8:34:77:1d:ad:f9:ec:b1:77:ed:1b:9f:
07:41:2f:d3:75:30:d7:de:7e:6c:f8:ed:0d:0d:e2:a9:44:b5:
a6:df:65:31:34:14:cb:96:ea:5a:9f:07:cd:c1:1b:98:f7:67:
4d:a1:e5:3d:d9:8a:28:7d:b8:a7:d9:d7:94:3a:71:34:74:94:
bf:d1:da:4b:82:79:c2:fb:84:ae:ec:54:b9:2d:dc:cd:0d:9e:
7f:0d:62:ce:0b:85:89:6c:6a:2b:27:4b:bd:46:d0:7e:ed:8e:
79:b5:d1:25:3f:b7:f0:91:a1:e9:be:72:8a:11:5c:dc:c8:2a:
c4:be:bf:eb:b1:be:f8:63:81:2e:e8:e8:66:3c:84:bb:03:97:
38:68:5f:9d:03:c0:5d:54:85:5b:0e:95:d0:87:b1:b1:48:17:
02:5e:7a:2e:ad:00:17:40:20:b1:6e:91:36:c9:e3:f1:52:a9:
94:0f:db:8e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICD5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yNTAyMTAx
NDMwNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKENGQTE5RjY4MTNBMDU4
NjU4NTZDQUY1RDJBNUQxM0Q0Mzc0NThENDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDq+57aDLp+WZ8lUn6IeTt44/wH37eZDOJbNGidmK1FMefa02Xz
UbsaHUUWzfoeS4I/r8k/XYGE9dknHzj9j0JrdElZaH3Aex93DkPNGreVkbQ5iMCd
Xdof0k8K9Mns5DpZvYfPlPtC2mm+7QRf1UbTrLf6CS+BiPMRKIVlFMeVbxQGvlMB
hS7JEgEpr50DnI/Hh/qAVywgh9te7iwAag0+H+0Dtp40QauyB/4WGoCIDeIAtLrr
IGBctaPb+39mAwtFStLo6zOisi4263mKLsWochgQEER4wfdX+O03ij54L29v1bmv
GBjxXcPusPqQyFzMpxQ9f9YXk54CtA0fQMO7AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUz6GfaBOgWGWFbK9dKl0T1DdFjUgwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL3o2R2ZhQk9nV0dXRmJLOWRLbDBUMURk
RmpVZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBADaosSbLpJ98X5sBMJoMe8t2yv8wquN7k75xOEUjN+Ap
ZehzPhqupgfs1sCgKfb267DZJYrPe4N/xE45kfiAxgqJcCxxI37g64sI/z+hrrg0
dx2t+eyxd+0bnwdBL9N1MNfefmz47Q0N4qlEtabfZTE0FMuW6lqfB83BG5j3Z02h
5T3Ziih9uKfZ15Q6cTR0lL/R2kuCecL7hK7sVLkt3M0Nnn8NYs4LhYlsaisnS71G
0H7tjnm10SU/t/CRoem+cooRXNzIKsS+v+uxvvhjgS7o6GY8hLsDlzhoX50DwF1U
hVsOldCHsbFIFwJeei6tABdAILFukTbJ4/FSqZQP244=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:37 2025 by rpki-client