Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/p2CKhwUPwSBFS9UVt9rZEshhc5A.roa
File: p2CKhwUPwSBFS9UVt9rZEshhc5A.roa (raw, json)
Hash identifier: Po+5n/LlslKzgUoDmTfdCTIAUSC61wfAiR+WDM73vpE=
Subject key identifier: A7:60:8A:87:05:0F:C1:20:45:4B:D5:15:B7:DA:D9:12:C8:61:73:90
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 11EF
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/p2CKhwUPwSBFS9UVt9rZEshhc5A.roa
Signing time: Tue 03 Jun 2025 06:12:49 +0000
ROA not before: Tue 03 Jun 2025 06:12:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 210.209.240.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4591 (0x11ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jun 3 06:12:49 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=A7608A87050FC120454BD515B7DAD912C8617390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:51:27:40:31:c9:97:ab:d3:74:62:60:80:ce:
d8:bb:91:d4:54:0e:f8:e8:f8:3c:97:69:1e:24:fd:
c5:f5:6c:6f:75:f6:fd:82:ca:85:60:09:3d:11:6c:
94:4f:f9:b9:4c:fc:4d:ec:77:52:67:5e:e0:43:6c:
dd:4c:ad:b8:f7:b2:e8:f8:00:59:06:45:07:74:54:
d7:9e:c2:82:0a:87:b9:71:12:3c:aa:74:7a:b5:91:
b9:93:46:12:57:5e:2f:a4:e3:a0:02:ed:14:42:73:
5f:05:6d:cb:62:a5:75:23:06:64:db:b4:da:6a:bb:
30:d1:98:15:57:6e:88:e8:ea:43:c5:e3:39:26:ab:
67:b3:1c:52:2f:34:98:f9:52:b2:6e:d5:75:9e:e2:
ca:2f:1f:2b:b8:22:08:09:c0:98:53:4c:dc:7f:64:
7c:fe:c2:af:d9:04:c2:92:22:f2:2d:3e:a7:66:27:
4f:8f:cb:71:78:ab:2e:cf:4e:5f:db:21:52:eb:56:
2a:fd:8e:86:d3:a9:be:ce:eb:99:bc:68:38:2f:9d:
a9:21:d3:b7:4b:62:b8:eb:67:ba:82:ad:5c:bd:ca:
7c:54:16:10:bd:9f:8b:78:1c:51:87:3c:a8:e8:cf:
fb:c2:95:de:fc:96:6a:6a:07:4e:4d:7f:fe:a2:8b:
2a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:60:8A:87:05:0F:C1:20:45:4B:D5:15:B7:DA:D9:12:C8:61:73:90
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/p2CKhwUPwSBFS9UVt9rZEshhc5A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.240.0/20
Signature Algorithm: sha256WithRSAEncryption
97:16:f5:b1:60:a3:95:e4:86:a0:ac:62:ff:43:1d:36:b8:70:
5b:dd:8a:ef:db:32:a1:20:c2:1a:39:a1:b4:45:2b:8d:5a:0f:
00:29:55:f0:0e:1d:29:5a:f3:74:54:78:00:32:2f:36:89:ab:
2f:74:aa:4e:ef:7b:01:da:0b:af:7d:06:da:1e:6b:7a:b5:4b:
2f:a3:4e:65:be:66:10:7a:ff:c5:5c:5f:8e:84:f9:3e:ad:11:
57:07:47:7d:cb:dd:48:28:28:48:b2:05:de:2b:69:6e:be:6a:
9f:a8:ac:7b:a3:44:b2:ba:50:34:3e:42:92:50:29:2b:70:51:
81:0a:7b:ad:4f:c4:f6:72:e7:0f:72:2e:1a:a5:da:19:3c:b9:
70:5a:89:73:aa:67:ff:8b:c8:0e:8b:be:78:0a:7a:01:bb:ba:
30:56:58:7d:ef:ab:89:02:bf:cc:83:01:a8:1a:f7:fc:c6:20:
22:db:b4:e7:68:31:00:17:d9:04:2f:ee:91:5a:63:ca:53:e2:
fc:a4:b6:03:75:8b:14:18:9a:bc:36:53:d3:34:0a:42:eb:c3:
41:86:ce:67:ae:46:5a:dc:af:3a:94:db:49:97:1e:d6:c8:06:
6c:60:bd:30:10:2d:83:30:09:9a:6a:4a:53:fd:20:cd:3f:f6:
f7:53:60:ab
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA2MDMw
NjEyNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEE3NjA4QTg3MDUwRkMx
MjA0NTRCRDUxNUI3REFEOTEyQzg2MTczOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPUSdAMcmXq9N0YmCAzti7kdRUDvjo+DyXaR4k/cX1bG919v2C
yoVgCT0RbJRP+blM/E3sd1JnXuBDbN1Mrbj3suj4AFkGRQd0VNeewoIKh7lxEjyq
dHq1kbmTRhJXXi+k46AC7RRCc18FbctipXUjBmTbtNpquzDRmBVXbojo6kPF4zkm
q2ezHFIvNJj5UrJu1XWe4sovHyu4IggJwJhTTNx/ZHz+wq/ZBMKSIvItPqdmJ0+P
y3F4qy7PTl/bIVLrVir9jobTqb7O65m8aDgvnakh07dLYrjrZ7qCrVy9ynxUFhC9
n4t4HFGHPKjoz/vCld78lmpqB05Nf/6iiyqTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUp2CKhwUPwSBFS9UVt9rZEshhc5AwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcDJDS2h3VVB3U0JGUzlVVnQ5clpF
c2hoYzVBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLR8DAN
BgkqhkiG9w0BAQsFAAOCAQEAlxb1sWCjleSGoKxi/0MdNrhwW92K79syoSDCGjmh
tEUrjVoPAClV8A4dKVrzdFR4ADIvNomrL3SqTu97AdoLr30G2h5rerVLL6NOZb5m
EHr/xVxfjoT5Pq0RVwdHfcvdSCgoSLIF3itpbr5qn6ise6NEsrpQND5CklApK3BR
gQp7rU/E9nLnD3IuGqXaGTy5cFqJc6pn/4vIDou+eAp6Abu6MFZYfe+riQK/zIMB
qBr3/MYgItu052gxABfZBC/ukVpjylPi/KS2A3WLFBiavDZT0zQKQuvDQYbOZ65G
WtyvOpTbSZce1sgGbGC9MBAtgzAJmmpKU/0gzT/291Ngqw==
-----END CERTIFICATE-----
Generated at Thu Jun 5 03:12:39 2025 by rpki-client