Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ETIME/3KUuoOHdeP-NQ1e3QtjppePmQNY.roa
File: 3KUuoOHdeP-NQ1e3QtjppePmQNY.roa (raw, json)
Hash identifier: ACyjSGrLIyNk3JCWkQBNPcFZpBzCifmm+6WUnAalr4A=
Subject key identifier: DC:A5:2E:A0:E1:DD:78:FF:8D:43:57:B7:42:D8:E9:A5:E3:E6:40:D6
Certificate issuer: /CN=E0EA885A7E6971C99342777E7DDDBA65D0EB131F
Certificate serial: 0422
Authority key identifier: E0:EA:88:5A:7E:69:71:C9:93:42:77:7E:7D:DD:BA:65:D0:EB:13:1F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4OqIWn5pccmTQnd-fd26ZdDrEx8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/3KUuoOHdeP-NQ1e3QtjppePmQNY.roa
Signing time: Mon 10 Feb 2025 14:22:57 +0000
ROA not before: Mon 10 Feb 2025 14:22:57 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 38042
IP address blocks: 103.158.228.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1058 (0x422)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E0EA885A7E6971C99342777E7DDDBA65D0EB131F
Validity
Not Before: Feb 10 14:22:57 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DCA52EA0E1DD78FF8D4357B742D8E9A5E3E640D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:e8:5b:a1:fc:58:ed:b0:42:5f:34:d6:18:7e:
ab:b4:dd:6b:f2:5e:2c:1a:42:18:8d:54:01:b4:24:
67:5e:e4:6f:4d:d4:33:e8:ac:b1:48:cf:15:dd:38:
22:fb:2d:cb:b6:7b:a9:1e:f1:57:6d:a3:f0:5e:bd:
aa:59:74:0f:76:bb:a7:55:31:1d:4b:22:fb:e6:af:
69:2b:64:61:88:85:67:ed:3e:10:7c:40:73:25:10:
78:75:24:18:48:07:f0:09:f5:b3:c0:61:d2:e6:a1:
45:9a:10:41:56:2b:0d:e8:cf:ca:6c:75:7f:7e:75:
2c:3b:9c:6d:b5:90:6f:b5:82:10:90:76:01:38:93:
01:37:c3:d1:41:9f:25:12:88:66:d8:04:0c:e9:34:
d4:f8:04:56:b4:2c:b5:65:ce:ba:72:a1:64:b4:82:
2e:b5:da:fc:b4:c2:f8:30:1c:3b:17:e4:fb:67:86:
d0:91:ba:be:04:e7:f4:84:55:13:4b:d0:26:60:db:
49:51:26:d8:18:37:00:ae:73:5b:10:75:c7:3f:6c:
e9:30:0b:6b:bc:70:98:c0:48:d8:bb:34:1e:01:83:
7a:6f:b3:c8:b1:b0:2c:2b:54:9c:25:2b:b0:52:da:
d3:73:bb:49:bc:3d:47:25:8a:83:5e:25:d6:3e:20:
f1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A5:2E:A0:E1:DD:78:FF:8D:43:57:B7:42:D8:E9:A5:E3:E6:40:D6
X509v3 Authority Key Identifier:
keyid:E0:EA:88:5A:7E:69:71:C9:93:42:77:7E:7D:DD:BA:65:D0:EB:13:1F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/4OqIWn5pccmTQnd-fd26ZdDrEx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4OqIWn5pccmTQnd-fd26ZdDrEx8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/3KUuoOHdeP-NQ1e3QtjppePmQNY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.228.0/23
Signature Algorithm: sha256WithRSAEncryption
27:13:d4:e3:2b:33:40:e3:78:da:7e:d8:b6:6c:d1:e0:f2:f7:
bd:28:e9:27:47:e2:96:1b:3d:e2:7e:ff:61:ff:fa:9e:b1:32:
3f:0d:44:1c:8d:30:d4:98:62:84:29:9c:f7:e1:56:d2:48:42:
0c:df:e2:e0:96:23:a5:54:d1:36:d1:9f:e0:fd:f2:d1:86:c2:
ea:0e:0a:ab:39:32:8a:7a:1d:5a:70:63:65:a2:73:74:8d:4c:
34:43:59:92:10:60:36:0b:b2:5f:10:bb:81:93:6b:8a:f7:c2:
58:8a:39:dd:a9:de:a5:f1:be:75:a3:7a:fb:66:3c:d1:92:80:
f0:7c:4b:e9:6e:88:25:c3:0f:79:86:b3:0a:bb:73:44:ed:be:
07:a0:23:50:01:fa:83:6d:cd:c2:bd:6b:5e:cc:5a:1c:0e:d5:
18:c4:9b:f9:bc:d5:bd:cd:bc:a2:bc:b4:2d:ce:57:72:ac:f3:
b6:46:1a:9b:69:c2:1e:06:9a:bf:f1:4b:dc:51:cd:99:df:0e:
b2:6c:aa:d5:e1:0d:46:5c:93:90:1b:1d:c3:f2:75:3a:1b:1e:
78:39:4e:d5:1f:1d:9a:95:1f:bb:e6:9c:21:2e:7d:11:2d:36:
13:3c:82:c7:ce:54:7e:0a:68:21:7d:e4:f0:39:a8:3f:eb:2d:
f0:30:4b:6c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTBF
QTg4NUE3RTY5NzFDOTkzNDI3NzdFN0REREJBNjVEMEVCMTMxRjAeFw0yNTAyMTAx
NDIyNTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERDQTUyRUEwRTFERDc4
RkY4RDQzNTdCNzQyRDhFOUE1RTNFNjQwRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC76Fuh/FjtsEJfNNYYfqu03WvyXiwaQhiNVAG0JGde5G9N1DPo
rLFIzxXdOCL7Lcu2e6ke8Vdto/BevapZdA92u6dVMR1LIvvmr2krZGGIhWftPhB8
QHMlEHh1JBhIB/AJ9bPAYdLmoUWaEEFWKw3oz8psdX9+dSw7nG21kG+1ghCQdgE4
kwE3w9FBnyUSiGbYBAzpNNT4BFa0LLVlzrpyoWS0gi612vy0wvgwHDsX5PtnhtCR
ur4E5/SEVRNL0CZg20lRJtgYNwCuc1sQdcc/bOkwC2u8cJjASNi7NB4Bg3pvs8ix
sCwrVJwlK7BS2tNzu0m8PUclioNeJdY+IPFlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3KUuoOHdeP+NQ1e3QtjppePmQNYwHwYDVR0jBBgwFoAU4OqIWn5pccmTQnd+
fd26ZdDrEx8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVRJTUUv
NE9xSVduNXBjY21UUW5kLWZkMjZaZERyRXg4LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80T3FJV241cGNjbVRRbmQtZmQyNlpkRHJFeDguY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FVElNRS8zS1V1b09IZGVQLU5RMWUzUXRq
cHBlUG1RTlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ57k
MA0GCSqGSIb3DQEBCwUAA4IBAQAnE9TjKzNA43jafti2bNHg8ve9KOknR+KWGz3i
fv9h//qesTI/DUQcjTDUmGKEKZz34VbSSEIM3+LgliOlVNE20Z/g/fLRhsLqDgqr
OTKKeh1acGNlonN0jUw0Q1mSEGA2C7JfELuBk2uK98JYijndqd6l8b51o3r7ZjzR
koDwfEvpboglww95hrMKu3NE7b4HoCNQAfqDbc3CvWtezFocDtUYxJv5vNW9zbyi
vLQtzldyrPO2RhqbacIeBpq/8UvcUc2Z3w6ybKrV4Q1GXJOQGx3D8nU6Gx54OU7V
Hx2alR+75pwhLn0RLTYTPILHzlR+CmghfeTwOag/6y3wMEts
-----END CERTIFICATE-----
Generated at Sun Apr 6 18:47:04 2025 by rpki-client