Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MCK/vEqhNdlOquSa0-GgPRAHeWilPqw.roa
File: vEqhNdlOquSa0-GgPRAHeWilPqw.roa (raw, json)
Hash identifier: 6UnVBy6pHxRVFZkADEZg9282cLAAhsYRGbH/1LoMKNI=
Subject key identifier: BC:4A:A1:35:D9:4E:AA:E4:9A:D3:E1:A0:3D:10:07:79:68:A5:3E:AC
Certificate issuer: /CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Certificate serial: 0893
Authority key identifier: 83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/vEqhNdlOquSa0-GgPRAHeWilPqw.roa
Signing time: Mon 10 Feb 2025 14:00:53 +0000
ROA not before: Mon 10 Feb 2025 14:00:53 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131618
IP address blocks: 103.148.68.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2195 (0x893)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Validity
Not Before: Feb 10 14:00:53 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BC4AA135D94EAAE49AD3E1A03D10077968A53EAC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:58:8d:dc:2b:5e:dd:d0:9f:43:79:d8:df:0c:
a4:e2:5f:41:60:93:d4:42:36:e8:8a:72:6b:9a:fd:
2c:c7:de:ee:20:70:93:cb:5b:cc:7e:8c:84:5c:d3:
f4:c0:1e:06:a5:60:17:31:a4:d4:12:a8:77:ed:f8:
79:c6:d8:60:b1:3c:74:05:cf:60:4e:3b:8f:7a:fa:
bf:85:ff:16:c3:f8:64:22:c4:5f:ad:61:ea:98:a1:
91:42:69:cd:45:d5:c0:ef:cf:26:93:a1:a0:ee:89:
fb:dd:36:b6:72:48:d7:06:72:57:99:91:ff:00:a2:
d5:41:3d:ee:ca:ec:0d:89:f8:d8:96:59:aa:55:69:
f3:12:87:3f:19:de:7f:b2:35:67:fe:fe:1f:47:94:
69:87:c8:1a:d6:bd:2e:75:69:45:07:57:b9:26:31:
fe:70:5c:bc:9b:c4:8b:c6:85:e5:9b:5f:cd:89:bb:
52:aa:7f:58:05:e3:2a:7e:bb:b1:8a:a3:d8:4f:00:
6a:82:52:4b:bc:56:81:44:88:e5:31:76:8f:7e:0f:
38:80:2d:a3:fa:fd:35:be:ea:96:45:35:a7:6d:ae:
53:20:06:59:f7:66:9f:66:83:28:b7:38:73:b0:13:
5d:39:91:69:03:c8:e8:18:62:9f:86:d0:5b:76:4d:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:4A:A1:35:D9:4E:AA:E4:9A:D3:E1:A0:3D:10:07:79:68:A5:3E:AC
X509v3 Authority Key Identifier:
keyid:83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/vEqhNdlOquSa0-GgPRAHeWilPqw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.68.0/23
Signature Algorithm: sha256WithRSAEncryption
61:f3:ef:0f:8f:4d:26:5c:a8:f3:50:c1:24:30:7f:b2:2b:d9:
cb:9b:74:99:38:2c:8a:6b:2a:d0:4f:33:29:84:87:c7:77:e1:
a6:d8:b9:f0:79:5b:a6:62:89:00:66:68:0b:ae:12:61:10:e0:
28:d1:ea:2a:b4:c4:ec:b2:7a:78:80:b4:35:7e:19:7d:19:32:
99:93:dd:5f:45:66:7d:03:7c:e6:3d:cd:4e:89:fc:57:da:20:
f5:d7:db:45:ea:b5:2f:0f:a5:12:84:ed:b9:d0:02:06:5e:ad:
af:61:d1:b0:c9:80:bd:15:8b:b0:84:19:5f:7d:f1:c7:63:d8:
35:a0:36:c1:cf:6c:7f:8a:9c:c9:5d:e1:7e:04:48:92:26:49:
1b:1b:3e:61:e6:fe:20:3f:fc:73:56:bf:b4:7f:68:49:16:32:
cc:82:7f:67:66:be:78:35:e6:64:e2:6d:90:46:f9:69:2e:d5:
b6:b2:44:08:b8:0a:8d:7f:9a:25:ac:58:2a:11:cf:b7:f7:09:
e8:2a:fb:92:7e:0a:e0:80:68:f9:0a:41:d1:fc:af:8a:15:98:
53:11:a4:24:9d:8c:c3:08:73:d2:d2:ce:aa:2e:0f:e4:dd:20:
95:43:55:d6:3f:db:5e:80:84:45:cc:76:4f:54:a2:40:1d:d3:
84:9c:bc:3e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCJMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODND
RjhDMTk4NDNCQUNERTY0NDVENEJENEExRTY2NDQxQjIzRjNFMzAeFw0yNTAyMTAx
NDAwNTNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJDNEFBMTM1RDk0RUFB
RTQ5QUQzRTFBMDNEMTAwNzc5NjhBNTNFQUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvWI3cK17d0J9DedjfDKTiX0Fgk9RCNuiKcmua/SzH3u4gcJPL
W8x+jIRc0/TAHgalYBcxpNQSqHft+HnG2GCxPHQFz2BOO496+r+F/xbD+GQixF+t
YeqYoZFCac1F1cDvzyaToaDuifvdNrZySNcGcleZkf8AotVBPe7K7A2J+NiWWapV
afMShz8Z3n+yNWf+/h9HlGmHyBrWvS51aUUHV7kmMf5wXLybxIvGheWbX82Ju1Kq
f1gF4yp+u7GKo9hPAGqCUku8VoFEiOUxdo9+DziALaP6/TW+6pZFNadtrlMgBln3
Zp9mgyi3OHOwE105kWkDyOgYYp+G0Ft2TUsDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUvEqhNdlOquSa0+GgPRAHeWilPqwwHwYDVR0jBBgwFoAUg8+MGYQ7rN5kRdS9
Sh5mRBsj8+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL2c4
LU1HWVE3ck41a1JkUzlTaDVtUkJzajgtTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZzgtTUdZUTdyTjVrUmRTOVNoNW1SQnNqOC1NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL3ZFcWhOZGxPcXVTYTAtR2dQUkFIZVdp
bFBxdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEQwDQYJ
KoZIhvcNAQELBQADggEBAGHz7w+PTSZcqPNQwSQwf7Ir2cubdJk4LIprKtBPMymE
h8d34abYufB5W6ZiiQBmaAuuEmEQ4CjR6iq0xOyyeniAtDV+GX0ZMpmT3V9FZn0D
fOY9zU6J/FfaIPXX20XqtS8PpRKE7bnQAgZera9h0bDJgL0Vi7CEGV998cdj2DWg
NsHPbH+KnMld4X4ESJImSRsbPmHm/iA//HNWv7R/aEkWMsyCf2dmvng15mTibZBG
+Wku1bayRAi4Co1/miWsWCoRz7f3Cegq+5J+CuCAaPkKQdH8r4oVmFMRpCSdjMMI
c9LSzqouD+TdIJVDVdY/216AhEXMdk9UokAd04ScvD4=
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:50:01 2025 by rpki-client