Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/M1Nqv1hBKDReP9iCa2nJKywsgCI.roa
File: M1Nqv1hBKDReP9iCa2nJKywsgCI.roa (raw, json)
Hash identifier: qmMra/ei0qVbFrOkUHNT8hJBqzgW0BQLtk/z5NpEP6E=
Subject key identifier: 33:53:6A:BF:58:41:28:34:5E:3F:D8:82:6B:69:C9:2B:2C:2C:80:22
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0CA4
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/M1Nqv1hBKDReP9iCa2nJKywsgCI.roa
Signing time: Mon 10 Feb 2025 14:06:26 +0000
ROA not before: Mon 10 Feb 2025 14:06:26 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 103.252.128.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3236 (0xca4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Feb 10 14:06:26 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=33536ABF584128345E3FD8826B69C92B2C2C8022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:89:22:49:ed:13:ee:2d:a9:90:e2:75:42:ee:
42:4c:45:07:19:97:f9:ff:89:f1:bb:cd:79:a4:87:
78:12:8b:11:b6:23:51:80:0e:6d:27:5a:2d:56:9d:
a7:e2:f0:a8:54:c6:c4:7f:e5:05:d5:a5:19:5e:72:
b7:9a:e6:4b:82:4e:79:e7:76:05:44:94:86:73:e4:
22:5b:ad:f2:ba:68:c8:e7:1f:c9:3c:2d:1b:54:34:
2c:d4:f0:96:11:fc:8e:33:4f:46:9d:8d:82:f6:1d:
3a:c1:08:11:6e:2e:8b:b2:58:ad:57:05:b5:81:80:
b6:d5:ef:56:d9:5e:85:53:27:37:7c:d6:3f:16:50:
14:ce:9b:76:a3:3a:80:c8:73:ed:6e:af:19:10:d6:
8f:d7:fc:31:62:5d:f9:06:b0:ba:a1:a1:59:17:46:
f6:c0:63:d2:d2:c9:f9:cb:bb:b5:ca:a8:61:bd:5b:
cf:c9:9e:49:72:12:ef:a9:9d:47:57:2a:8b:5a:d5:
9c:a3:35:6a:11:fd:0a:88:e6:2e:91:b7:2c:ea:41:
fe:91:5d:08:1f:5c:b0:5f:f3:52:ef:d2:16:1b:9a:
2d:37:f5:29:19:0c:f4:02:23:cb:c9:2c:0d:06:88:
fa:a6:82:f2:4d:88:71:0c:2c:52:a5:26:7b:d3:11:
7c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:53:6A:BF:58:41:28:34:5E:3F:D8:82:6B:69:C9:2B:2C:2C:80:22
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/M1Nqv1hBKDReP9iCa2nJKywsgCI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.128.0/22
Signature Algorithm: sha256WithRSAEncryption
55:2f:cf:84:05:50:9f:76:91:2e:2c:8a:c2:5e:b7:ef:82:cf:
ca:c3:92:8a:f6:0d:bc:c4:4a:cb:93:83:a0:c0:e6:91:c6:a1:
32:39:aa:d8:8b:dd:07:22:3d:6e:e4:40:cf:52:bf:48:6b:17:
bd:30:fe:8e:a7:64:05:75:39:47:29:ea:55:10:15:25:c2:91:
fb:81:05:5d:c3:e6:14:21:e1:49:3a:68:f7:de:57:6a:b4:ce:
86:f4:5f:ee:55:23:70:ef:74:14:08:8d:2c:07:17:7b:f4:9d:
f0:00:95:16:d2:b7:1f:02:9e:09:80:92:4c:c3:2f:75:13:f2:
9f:65:87:ad:d6:3b:19:69:10:1a:b8:0d:09:0e:bd:3c:28:ad:
ce:e3:24:20:cc:d0:50:c5:4d:97:ea:d3:75:15:32:a9:8d:2c:
bd:4e:7b:9b:e2:65:35:fd:30:82:ac:79:da:75:f3:e3:2e:b3:
c8:3e:7d:e8:94:e6:df:01:01:35:2d:46:54:44:06:4d:aa:b5:
ff:ca:43:9d:0d:ed:61:62:b2:f5:cd:a4:ff:9f:81:17:d4:51:
b5:9c:ef:11:74:8c:da:32:d2:e1:bb:50:fd:1a:09:b8:0f:ea:
53:35:f0:94:98:f7:ed:45:bb:d8:6b:35:e0:4f:ad:44:85:10:
d3:5c:36:e4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDKQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx
NDA2MjZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMzNTM2QUJGNTg0MTI4
MzQ1RTNGRDg4MjZCNjlDOTJCMkMyQzgwMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5iSJJ7RPuLamQ4nVC7kJMRQcZl/n/ifG7zXmkh3gSixG2I1GA
Dm0nWi1Wnafi8KhUxsR/5QXVpRlecrea5kuCTnnndgVElIZz5CJbrfK6aMjnH8k8
LRtUNCzU8JYR/I4zT0adjYL2HTrBCBFuLouyWK1XBbWBgLbV71bZXoVTJzd81j8W
UBTOm3ajOoDIc+1urxkQ1o/X/DFiXfkGsLqhoVkXRvbAY9LSyfnLu7XKqGG9W8/J
nklyEu+pnUdXKota1ZyjNWoR/QqI5i6RtyzqQf6RXQgfXLBf81Lv0hYbmi039SkZ
DPQCI8vJLA0GiPqmgvJNiHEMLFKlJnvTEXyhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUM1Nqv1hBKDReP9iCa2nJKywsgCIwHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL00xTnF2MWhCS0RSZVA5aUNhMm5KS3l3
c2dDSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/IAwDQYJ
KoZIhvcNAQELBQADggEBAFUvz4QFUJ92kS4sisJet++Cz8rDkor2DbzESsuTg6DA
5pHGoTI5qtiL3QciPW7kQM9Sv0hrF70w/o6nZAV1OUcp6lUQFSXCkfuBBV3D5hQh
4Uk6aPfeV2q0zob0X+5VI3DvdBQIjSwHF3v0nfAAlRbStx8CngmAkkzDL3UT8p9l
h63WOxlpEBq4DQkOvTworc7jJCDM0FDFTZfq03UVMqmNLL1Oe5viZTX9MIKsedp1
8+Mus8g+feiU5t8BATUtRlREBk2qtf/KQ50N7WFisvXNpP+fgRfUUbWc7xF0jNoy
0uG7UP0aCbgP6lM18JSY9+1Fu9hrNeBPrUSFENNcNuQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:48:32 2025 by rpki-client