Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0OdSpSYJeiaEOW_rz8gN0UrVQFc.roa
File: 0OdSpSYJeiaEOW_rz8gN0UrVQFc.roa (raw, json)
Hash identifier: HaTMLBq2iToqBAT8fxEB7rmwA7Qe/jbVlmJH4yhTaJ8=
Subject key identifier: D0:E7:52:A5:26:09:7A:26:84:39:6F:EB:CF:C8:0D:D1:4A:D5:40:57
Certificate issuer: /CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Certificate serial: 0387
Authority key identifier: D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0OdSpSYJeiaEOW_rz8gN0UrVQFc.roa
Signing time: Mon 10 Feb 2025 14:05:05 +0000
ROA not before: Mon 10 Feb 2025 14:05:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18428
IP address blocks: 103.172.126.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 903 (0x387)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D2A09CE42809F4DA9D7B1C4473DDF2F436A599C4
Validity
Not Before: Feb 10 14:05:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D0E752A526097A2684396FEBCFC80DD14AD54057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:03:86:54:6b:9e:bd:93:90:55:ed:a5:0f:97:
d0:cc:67:11:40:60:79:83:06:d3:a3:60:7b:b6:be:
5d:28:d0:10:11:94:2e:2c:92:5c:b8:2b:42:9b:d3:
ac:79:b5:ce:b3:21:64:ed:5d:c1:79:00:50:a2:4a:
68:85:50:f8:42:44:9f:bb:54:18:df:17:91:02:d3:
5d:ad:f0:0c:f9:c9:a7:30:16:5b:33:54:93:47:c7:
74:7c:90:01:ab:46:13:92:16:7a:e1:97:91:31:e7:
b1:6d:ed:de:88:8c:b0:eb:72:e7:fe:20:ad:a4:fc:
3b:b5:97:2a:5c:ae:85:96:18:b2:0b:f5:62:22:6a:
94:f6:bc:b4:3f:cf:42:1f:70:a8:23:d2:be:7b:8c:
22:c4:75:d4:e1:13:ed:d1:78:50:40:c4:c3:a7:db:
13:e3:3d:08:4e:a9:70:9b:df:d9:ac:1c:d4:5c:63:
7e:5d:35:74:ef:a2:2c:9d:4f:09:48:95:ab:fb:ca:
8f:02:ba:04:74:7d:40:fd:b1:af:aa:63:8d:5c:a0:
ed:84:73:b8:66:dd:4a:fa:56:98:54:7b:77:26:ef:
99:14:02:0c:ad:3f:23:5b:3a:8d:91:a6:f6:9b:88:
7d:51:c6:2c:2b:de:59:28:02:7a:72:87:c8:05:5c:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:E7:52:A5:26:09:7A:26:84:39:6F:EB:CF:C8:0D:D1:4A:D5:40:57
X509v3 Authority Key Identifier:
keyid:D2:A0:9C:E4:28:09:F4:DA:9D:7B:1C:44:73:DD:F2:F4:36:A5:99:C4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0qCc5CgJ9NqdexxEc93y9DalmcQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/0qCc5CgJ9NqdexxEc93y9DalmcQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MERCYCAT/0OdSpSYJeiaEOW_rz8gN0UrVQFc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.172.126.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:41:2e:7b:82:df:d0:1e:ca:c9:b3:54:cc:ee:01:59:37:c9:
f3:66:d2:57:39:86:19:85:ee:54:89:22:75:11:45:3b:cf:76:
24:57:35:00:0b:9b:3c:b0:d5:d2:03:a7:a2:cf:7f:a4:97:65:
e5:00:c3:e1:f7:ac:d9:3e:a1:e7:26:86:50:d9:30:a2:2b:b8:
25:47:17:64:5e:1a:af:07:fd:ea:48:fc:89:d1:4f:d7:ab:0f:
52:50:3d:0d:69:b1:08:1f:ea:2e:87:e7:f4:d0:a7:34:88:03:
31:81:40:87:4d:ca:ef:41:c8:af:77:54:91:43:c5:71:95:97:
76:c5:13:85:4a:93:80:59:65:e6:58:e3:32:ed:ac:ca:4f:2e:
c2:5d:93:6b:59:7d:a4:e1:35:14:24:c7:b8:1f:4f:3d:b0:3f:
67:80:1f:33:f3:ba:18:d3:b3:29:07:47:bc:b6:de:c6:08:13:
26:57:43:fb:e1:50:e2:60:e9:45:6c:cf:e6:f3:53:c2:72:8d:
54:ef:62:99:75:ab:62:1d:eb:9e:5f:1a:92:ec:40:ed:74:a3:
bd:61:a4:9b:93:af:9b:74:65:88:c9:ca:9f:a2:8b:09:3d:b0:
87:8f:d3:02:50:0c:2c:68:a2:4e:62:d1:09:f6:75:ee:a7:20:
a6:5a:4d:da
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICA4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDJB
MDlDRTQyODA5RjREQTlEN0IxQzQ0NzNEREYyRjQzNkE1OTlDNDAeFw0yNTAyMTAx
NDA1MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQwRTc1MkE1MjYwOTdB
MjY4NDM5NkZFQkNGQzgwREQxNEFENTQwNTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5A4ZUa569k5BV7aUPl9DMZxFAYHmDBtOjYHu2vl0o0BARlC4s
kly4K0Kb06x5tc6zIWTtXcF5AFCiSmiFUPhCRJ+7VBjfF5EC012t8Az5yacwFlsz
VJNHx3R8kAGrRhOSFnrhl5Ex57Ft7d6IjLDrcuf+IK2k/Du1lypcroWWGLIL9WIi
apT2vLQ/z0IfcKgj0r57jCLEddThE+3ReFBAxMOn2xPjPQhOqXCb39msHNRcY35d
NXTvoiydTwlIlav7yo8CugR0fUD9sa+qY41coO2Ec7hm3Ur6VphUe3cm75kUAgyt
PyNbOo2RpvabiH1Rxiwr3lkoAnpyh8gFXAGBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU0OdSpSYJeiaEOW/rz8gN0UrVQFcwHwYDVR0jBBgwFoAU0qCc5CgJ9NqdexxE
c93y9DalmcQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUVSQ1lD
QVQvMHFDYzVDZ0o5TnFkZXh4RWM5M3k5RGFsbWNRLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8wcUNjNUNnSjlOcWRleHhFYzkzeTlEYWxtY1EuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9NRVJDWUNBVC8wT2RTcFNZSmVpYUVP
V19yejhnTjBVclZRRmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ6x+MA0GCSqGSIb3DQEBCwUAA4IBAQBtQS57gt/QHsrJs1TM7gFZN8nzZtJX
OYYZhe5UiSJ1EUU7z3YkVzUAC5s8sNXSA6eiz3+kl2XlAMPh96zZPqHnJoZQ2TCi
K7glRxdkXhqvB/3qSPyJ0U/Xqw9SUD0NabEIH+ouh+f00Kc0iAMxgUCHTcrvQciv
d1SRQ8VxlZd2xROFSpOAWWXmWOMy7azKTy7CXZNrWX2k4TUUJMe4H089sD9ngB8z
87oY07MpB0e8tt7GCBMmV0P74VDiYOlFbM/m81PCco1U72KZdatiHeueXxqS7EDt
dKO9YaSbk6+bdGWIycqfoosJPbCHj9MCUAwsaKJOYtEJ9nXupyCmWk3a
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:52:29 2025 by rpki-client