Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/8l_rVvK9SoqOKUPUul8XDfBkYYE.roa
File: 8l_rVvK9SoqOKUPUul8XDfBkYYE.roa (raw, json)
Hash identifier: Dp3k0D9C/ZdVBHT+I/6Sfw7eVzjnLzuMfFIX2F24nJQ=
Subject key identifier: F2:5F:EB:56:F2:BD:4A:8A:8E:29:43:D4:BA:5F:17:0D:F0:64:61:81
Certificate issuer: /CN=3122A9292CC930152ADE5A25848C1BDC4044C902
Certificate serial: 0412
Authority key identifier: 31:22:A9:29:2C:C9:30:15:2A:DE:5A:25:84:8C:1B:DC:40:44:C9:02
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MSKpKSzJMBUq3lolhIwb3EBEyQI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/8l_rVvK9SoqOKUPUul8XDfBkYYE.roa
Signing time: Mon 10 Feb 2025 14:05:10 +0000
ROA not before: Mon 10 Feb 2025 14:05:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 132369
IP address blocks: 103.159.88.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1042 (0x412)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3122A9292CC930152ADE5A25848C1BDC4044C902
Validity
Not Before: Feb 10 14:05:10 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F25FEB56F2BD4A8A8E2943D4BA5F170DF0646181
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9a:90:79:99:14:c2:c1:cf:05:13:69:a0:d9:
a8:67:01:e2:9b:4b:71:80:4f:11:f2:11:e0:51:52:
03:69:86:2f:72:55:6d:93:88:bd:51:9d:1d:54:fd:
3e:2f:22:c6:66:85:ec:b1:cf:2f:07:75:0c:58:22:
9f:34:9f:33:9f:22:85:c4:47:9c:64:3b:c3:e3:fc:
35:ef:8a:df:96:78:17:55:2c:9a:47:30:88:cd:59:
38:68:95:ba:67:d3:fd:53:18:47:27:78:a3:ee:cd:
dd:3f:70:31:08:37:fa:66:83:0a:b1:93:d4:33:90:
99:4d:5e:ac:72:33:2c:01:cf:81:3a:07:d0:85:ab:
ec:a1:af:72:b8:c4:39:81:a6:bf:f2:16:98:69:c6:
12:c0:e5:c4:53:99:75:dd:2d:aa:70:ed:ee:4e:c0:
28:f0:91:41:29:a6:d2:54:0f:1a:0c:4a:7d:69:7d:
3b:56:b5:28:a2:42:2e:ac:56:81:93:2a:83:28:44:
14:db:9e:cd:25:ef:ff:a4:67:37:f8:0d:8e:77:58:
d4:14:ad:3b:fc:03:36:4a:9b:bd:73:b2:cf:08:dd:
9b:24:9c:88:34:15:60:ca:50:c6:a7:25:f7:f1:5a:
10:da:6b:f6:64:3f:cb:69:19:7b:51:61:d1:68:cd:
81:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5F:EB:56:F2:BD:4A:8A:8E:29:43:D4:BA:5F:17:0D:F0:64:61:81
X509v3 Authority Key Identifier:
keyid:31:22:A9:29:2C:C9:30:15:2A:DE:5A:25:84:8C:1B:DC:40:44:C9:02
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/MSKpKSzJMBUq3lolhIwb3EBEyQI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MSKpKSzJMBUq3lolhIwb3EBEyQI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NIMBUSCOM/8l_rVvK9SoqOKUPUul8XDfBkYYE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.88.0/23
Signature Algorithm: sha256WithRSAEncryption
66:27:7b:2b:02:cb:81:a0:d1:ae:42:82:97:2b:7a:a1:54:20:
f4:ea:95:3a:35:38:a8:86:66:b3:16:dc:38:ef:c4:bf:56:4c:
7e:1b:7e:87:94:69:18:b5:7e:d5:d6:8a:8a:07:6d:c5:a9:29:
4a:66:17:7d:34:52:8b:4a:e8:a8:d7:58:cd:94:bf:9e:b0:cf:
bb:3f:6a:a5:f2:40:c1:ea:36:57:25:c5:3d:1d:46:2f:17:2e:
5e:42:a1:ca:39:83:5b:13:13:34:f8:02:b0:8e:83:13:07:f5:
eb:4d:8c:9b:15:ad:69:8d:e8:2e:8b:2d:37:07:4c:52:7d:94:
49:38:06:0f:76:74:80:21:48:54:3e:5b:93:68:65:85:a3:73:
75:a5:51:d6:23:6f:fd:80:ce:4a:e9:e6:42:22:47:d4:86:65:
39:a0:92:e9:67:05:c8:18:6f:80:fd:0f:41:2a:62:18:b0:44:
22:11:3e:b7:10:2e:55:7c:46:27:56:82:10:07:e0:6e:e2:e4:
50:ac:52:4c:50:6c:c4:c3:62:68:5f:0c:57:0d:7b:b8:02:16:
0d:3e:9d:33:57:02:de:40:8f:e9:45:61:df:f2:cc:ae:f2:6e:
87:70:0d:c5:7b:86:53:fd:8b:02:e1:ab:8f:55:2f:a2:c8:9e:
24:e8:23:15
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICBBIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEy
MkE5MjkyQ0M5MzAxNTJBREU1QTI1ODQ4QzFCREM0MDQ0QzkwMjAeFw0yNTAyMTAx
NDA1MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEYyNUZFQjU2RjJCRDRB
OEE4RTI5NDNENEJBNUYxNzBERjA2NDYxODEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBmpB5mRTCwc8FE2mg2ahnAeKbS3GATxHyEeBRUgNphi9yVW2T
iL1RnR1U/T4vIsZmheyxzy8HdQxYIp80nzOfIoXER5xkO8Pj/DXvit+WeBdVLJpH
MIjNWTholbpn0/1TGEcneKPuzd0/cDEIN/pmgwqxk9QzkJlNXqxyMywBz4E6B9CF
q+yhr3K4xDmBpr/yFphpxhLA5cRTmXXdLapw7e5OwCjwkUEpptJUDxoMSn1pfTtW
tSiiQi6sVoGTKoMoRBTbns0l7/+kZzf4DY53WNQUrTv8AzZKm71zss8I3ZsknIg0
FWDKUManJffxWhDaa/ZkP8tpGXtRYdFozYHBAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU8l/rVvK9SoqOKUPUul8XDfBkYYEwHwYDVR0jBBgwFoAUMSKpKSzJMBUq3lol
hIwb3EBEyQIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVT
Q09NL01TS3BLU3pKTUJVcTNsb2xoSXdiM0VCRXlRSS5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvTVNLcEtTekpNQlVxM2xvbGhJd2IzRUJFeVFJLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTklNQlVTQ09NLzhsX3JWdks5U29x
T0tVUFV1bDhYRGZCa1lZRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFnn1gwDQYJKoZIhvcNAQELBQADggEBAGYneysCy4Gg0a5CgpcreqFUIPTq
lTo1OKiGZrMW3DjvxL9WTH4bfoeUaRi1ftXWiooHbcWpKUpmF300UotK6KjXWM2U
v56wz7s/aqXyQMHqNlclxT0dRi8XLl5Coco5g1sTEzT4ArCOgxMH9etNjJsVrWmN
6C6LLTcHTFJ9lEk4Bg92dIAhSFQ+W5NoZYWjc3WlUdYjb/2Azkrp5kIiR9SGZTmg
kulnBcgYb4D9D0EqYhiwRCIRPrcQLlV8RidWghAH4G7i5FCsUkxQbMTDYmhfDFcN
e7gCFg0+nTNXAt5Aj+lFYd/yzK7ybodwDcV7hlP9iwLhq49VL6LIniToIxU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:31:18 2025 by rpki-client