Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa
File: 1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa (raw, json)
Hash identifier: Q/F525NLgItfw5z0vpk4FsnjSSpBqOrT6QRCUqAX/Pw=
Subject key identifier: D5:97:2F:56:7F:79:52:FE:16:25:3A:C2:E0:E3:D7:98:49:A1:1C:4D
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0CA5
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa
Signing time: Mon 10 Feb 2025 14:06:26 +0000
ROA not before: Mon 10 Feb 2025 14:06:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 10085
IP address blocks: 103.252.128.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3237 (0xca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Feb 10 14:06:26 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D5972F567F7952FE16253AC2E0E3D79849A11C4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:d4:89:93:2a:41:66:60:e6:da:94:c7:90:72:
df:64:53:c1:f0:07:95:18:92:d8:36:d2:d4:0c:b4:
ca:9e:a1:df:2b:0e:da:00:11:b6:0d:e1:da:93:ac:
7f:09:b3:f8:55:12:e6:b1:ec:99:0a:19:6e:36:33:
48:ec:ad:0f:25:14:64:52:b9:88:7f:7c:96:16:60:
40:5d:92:ce:9a:d5:7d:a5:aa:1d:42:69:fe:c0:d7:
47:4c:f2:1d:54:7a:db:f1:e9:35:5d:59:fa:cd:5c:
76:59:9a:7a:65:f1:24:ba:f7:33:02:dc:fc:4f:e7:
12:86:a2:34:3d:00:61:8a:3b:03:ea:40:10:5d:da:
14:95:bd:1e:ed:c5:e9:c0:a4:6b:ab:7e:fa:65:25:
b1:59:dd:04:e2:a1:e8:de:b3:94:9f:a2:17:0e:a1:
8a:b3:6f:05:d5:db:a9:ce:fd:a4:35:55:59:c8:71:
ee:88:80:55:1b:a3:2f:d3:5c:5e:92:a4:c9:47:ef:
aa:88:25:45:22:74:c3:69:a7:12:15:a6:9e:fa:3d:
c9:82:fb:e5:66:d9:5d:12:cd:96:97:fc:10:45:ff:
82:67:95:e1:87:5c:a9:36:45:86:5e:62:83:b4:34:
13:2f:e7:5a:f5:f5:cc:a2:6c:07:eb:f0:0d:24:36:
5c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:97:2F:56:7F:79:52:FE:16:25:3A:C2:E0:E3:D7:98:49:A1:1C:4D
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1ZcvVn95Uv4WJTrC4OPXmEmhHE0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.128.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:cf:46:b3:22:ca:6f:9a:de:f9:c2:c7:8e:ae:47:7c:8c:23:
6e:95:a5:e0:cf:28:da:25:4d:6a:67:e3:57:89:0b:36:2b:57:
e5:19:55:7b:41:34:7e:79:63:68:df:3d:47:d4:db:24:7b:5c:
b8:e6:57:25:8d:d0:a1:a4:56:47:8b:d6:22:c6:04:b0:71:0c:
93:fc:06:18:98:74:f6:9c:ba:8c:67:a6:f0:f7:65:f2:eb:b5:
8f:ef:30:d0:1c:d0:67:bf:16:f6:f2:54:a2:93:d0:ef:a4:32:
e7:b5:bb:58:7d:dc:e2:d1:f3:88:22:2b:71:79:a5:d6:01:70:
d1:dd:51:dc:5b:12:60:c9:61:52:6d:17:49:21:41:aa:0c:df:
b2:d5:cc:ae:5c:e3:50:5b:8a:bd:3e:5b:12:ee:7e:1b:ac:f2:
3f:dc:31:44:bf:e1:23:e1:15:a3:1a:3b:ae:2a:c4:7e:4e:e5:
00:ba:6a:ba:05:ba:de:76:17:3e:d4:20:45:ed:77:4d:6f:ec:
2a:e1:19:94:6d:83:2e:a4:0a:5c:6c:5a:7a:01:ae:9a:64:9f:
f5:33:51:07:ae:9b:4f:98:95:bc:01:83:75:dc:9c:e3:5f:78:
85:72:31:d9:2f:d3:30:bb:35:fb:45:fe:d3:84:d5:b7:cd:aa:
e7:4c:da:66
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx
NDA2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ1OTcyRjU2N0Y3OTUy
RkUxNjI1M0FDMkUwRTNENzk4NDlBMTFDNEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDz1ImTKkFmYObalMeQct9kU8HwB5UYktg20tQMtMqeod8rDtoA
EbYN4dqTrH8Js/hVEuax7JkKGW42M0jsrQ8lFGRSuYh/fJYWYEBdks6a1X2lqh1C
af7A10dM8h1Uetvx6TVdWfrNXHZZmnpl8SS69zMC3PxP5xKGojQ9AGGKOwPqQBBd
2hSVvR7txenApGurfvplJbFZ3QTioejes5SfohcOoYqzbwXV26nO/aQ1VVnIce6I
gFUboy/TXF6SpMlH76qIJUUidMNppxIVpp76PcmC++Vm2V0SzZaX/BBF/4JnleGH
XKk2RYZeYoO0NBMv51r19cyibAfr8A0kNlx5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU1ZcvVn95Uv4WJTrC4OPXmEmhHE0wHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzFaY3ZWbjk1VXY0V0pUckM0T1BYbUVt
aEhFMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ
KoZIhvcNAQELBQADggEBAHrPRrMiym+a3vnCx46uR3yMI26VpeDPKNolTWpn41eJ
CzYrV+UZVXtBNH55Y2jfPUfU2yR7XLjmVyWN0KGkVkeL1iLGBLBxDJP8BhiYdPac
uoxnpvD3ZfLrtY/vMNAc0Ge/FvbyVKKT0O+kMue1u1h93OLR84giK3F5pdYBcNHd
UdxbEmDJYVJtF0khQaoM37LVzK5c41Bbir0+WxLufhus8j/cMUS/4SPhFaMaO64q
xH5O5QC6aroFut52Fz7UIEXtd01v7CrhGZRtgy6kClxsWnoBrppkn/UzUQeum0+Y
lbwBg3XcnONfeIVyMdkv0zC7NftF/tOE1bfNqudM2mY=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:48:32 2025 by rpki-client