Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/PxqUQ2dppS0zgkWsScRLPNsT-qY.roa
File: PxqUQ2dppS0zgkWsScRLPNsT-qY.roa (raw, json)
Hash identifier: Ddq0bv0aoe+gV0Kl3NEPrdhzh9+0BE9vLXiJTYHB8So=
Subject key identifier: 3F:1A:94:43:67:69:A5:2D:33:82:45:AC:49:C4:4B:3C:DB:13:FA:A6
Certificate issuer: /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Certificate serial: 0502
Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/PxqUQ2dppS0zgkWsScRLPNsT-qY.roa
Signing time: Mon 10 Feb 2025 14:10:06 +0000
ROA not before: Mon 10 Feb 2025 14:10:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 138997
IP address blocks: 103.152.220.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1282 (0x502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Validity
Not Before: Feb 10 14:10:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3F1A94436769A52D338245AC49C44B3CDB13FAA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9c:2c:b3:49:4a:07:01:46:56:1b:73:f1:b2:
ad:48:36:d2:c7:bc:fd:f0:7a:78:9c:67:92:cc:26:
60:0b:58:55:cd:60:f4:bd:2d:7e:27:a5:5f:3b:db:
58:06:ec:cf:8f:d9:0c:42:7b:e7:f6:6f:a7:29:ea:
0d:e3:05:c0:d5:6f:55:d5:87:fa:31:9f:c8:2c:fc:
5e:b2:88:56:ea:c3:2a:21:8f:e3:4c:33:41:16:fc:
3c:64:ae:b8:0f:b4:02:4b:d1:8a:11:93:7c:c1:c9:
df:1c:02:a1:fa:a6:16:b6:b9:ce:62:4e:69:a1:98:
86:5c:27:ee:b1:74:cf:cb:ec:af:ce:eb:b9:fe:ca:
70:93:d0:b6:d2:01:5c:f6:42:ee:75:a5:85:82:b9:
6d:9a:96:25:bc:c4:dd:ae:8c:38:43:59:66:df:06:
8e:5b:9c:03:2d:66:77:04:cb:a5:93:15:c0:c5:22:
46:e6:50:ed:e3:9e:de:1b:14:b2:d0:bf:6b:3b:ba:
15:32:27:4e:c4:66:50:0b:4d:f5:9c:8e:92:ea:16:
df:64:e7:07:ec:30:b9:77:88:b9:2b:f5:12:b7:a8:
40:1e:25:d5:9d:43:9f:ca:7b:ca:bc:45:ab:16:48:
73:9a:ae:85:59:62:92:d2:3f:0a:22:90:21:c0:a4:
31:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1A:94:43:67:69:A5:2D:33:82:45:AC:49:C4:4B:3C:DB:13:FA:A6
X509v3 Authority Key Identifier:
keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/PxqUQ2dppS0zgkWsScRLPNsT-qY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.152.220.0/23
Signature Algorithm: sha256WithRSAEncryption
d8:89:81:10:cd:d9:90:a2:75:dd:d0:5c:3d:c3:e5:cf:70:eb:
19:fc:97:25:59:6f:76:b6:e5:71:d4:45:92:5d:36:fd:57:42:
88:fc:73:09:a4:a4:05:86:11:4e:55:07:a1:5e:5a:e7:ca:39:
2f:3d:38:3d:4e:9a:50:62:19:c3:07:74:87:69:7b:6d:bd:12:
96:74:81:29:49:59:66:ce:4f:f0:ff:3b:9a:41:0b:e1:54:84:
f0:be:d3:f4:6b:de:1a:ba:d0:92:26:99:ca:86:a8:31:2b:46:
84:88:6f:45:31:9d:71:be:b6:d2:be:72:cc:bc:0d:a9:5c:4d:
a2:57:e9:61:60:f7:6c:53:9f:2c:cd:6d:51:8e:b9:05:c5:de:
3c:3b:d3:8d:be:1d:29:cd:6f:35:c8:13:df:58:c4:d9:ab:3d:
85:1a:fc:5c:6f:14:b3:c2:5e:65:ed:31:84:e6:08:d5:41:e4:
9a:99:d5:8c:27:66:c0:34:50:48:0f:1c:62:40:0e:d3:54:f2:
19:79:77:db:ba:05:ff:14:45:2d:e6:2d:f1:fc:7c:70:bd:be:
78:f8:33:4e:41:9a:4c:c6:4d:24:ab:18:df:a7:29:07:98:70:
b6:e0:e4:c7:d3:5c:64:1a:37:d4:63:bb:fc:ec:3e:e2:72:cb:
f5:66:b2:a6
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBQIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZB
NkE2QTY1NUEwQzQyQjk5QzdFMjA4N0VCRUY0NDRBQ0I1NjQ5MzAeFw0yNTAyMTAx
NDEwMDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNGMUE5NDQzNjc2OUE1
MkQzMzgyNDVBQzQ5QzQ0QjNDREIxM0ZBQTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDenCyzSUoHAUZWG3Pxsq1INtLHvP3wenicZ5LMJmALWFXNYPS9
LX4npV8721gG7M+P2QxCe+f2b6cp6g3jBcDVb1XVh/oxn8gs/F6yiFbqwyohj+NM
M0EW/DxkrrgPtAJL0YoRk3zByd8cAqH6pha2uc5iTmmhmIZcJ+6xdM/L7K/O67n+
ynCT0LbSAVz2Qu51pYWCuW2aliW8xN2ujDhDWWbfBo5bnAMtZncEy6WTFcDFIkbm
UO3jnt4bFLLQv2s7uhUyJ07EZlALTfWcjpLqFt9k5wfsMLl3iLkr9RK3qEAeJdWd
Q5/Ke8q8RasWSHOaroVZYpLSPwoikCHApDGXAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUPxqUQ2dppS0zgkWsScRLPNsT+qYwHwYDVR0jBBgwFoAUT6amplWgxCuZx+II
fr70RKy1ZJMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1Q2
YW1wbFdneEN1WngtSUlmcjcwUkt5MVpKTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
VDZhbXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1B4cVVRMmRwcFMwemdrV3NTY1JMUE5z
VC1xWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnmNwwDQYJ
KoZIhvcNAQELBQADggEBANiJgRDN2ZCidd3QXD3D5c9w6xn8lyVZb3a25XHURZJd
Nv1XQoj8cwmkpAWGEU5VB6FeWufKOS89OD1OmlBiGcMHdIdpe229EpZ0gSlJWWbO
T/D/O5pBC+FUhPC+0/Rr3hq60JImmcqGqDErRoSIb0UxnXG+ttK+csy8DalcTaJX
6WFg92xTnyzNbVGOuQXF3jw7042+HSnNbzXIE99YxNmrPYUa/FxvFLPCXmXtMYTm
CNVB5JqZ1YwnZsA0UEgPHGJADtNU8hl5d9u6Bf8URS3mLfH8fHC9vnj4M05BmkzG
TSSrGN+nKQeYcLbg5MfTXGQaN9Rju/zsPuJyy/VmsqY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:22 2025 by rpki-client