Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NSSCYBER/PVaEW0zJ-fv7ukch3ZQlpKgBVf8.roa
File: PVaEW0zJ-fv7ukch3ZQlpKgBVf8.roa (raw, json)
Hash identifier: L6rNXr33AxXyNK3GgtoVxNjNShwbd2YWrbnPQAkxe7E=
Subject key identifier: 3D:56:84:5B:4C:C9:F9:FB:FB:BA:47:21:DD:94:25:A4:A8:01:55:FF
Certificate issuer: /CN=B329DA9268FCFD54D9F38A01ED0CF7092BB6900C
Certificate serial: C1
Authority key identifier: B3:29:DA:92:68:FC:FD:54:D9:F3:8A:01:ED:0C:F7:09:2B:B6:90:0C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/synakmj8_VTZ84oB7Qz3CSu2kAw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NSSCYBER/PVaEW0zJ-fv7ukch3ZQlpKgBVf8.roa
Signing time: Mon 10 Feb 2025 13:58:56 +0000
ROA not before: Mon 10 Feb 2025 13:58:56 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 63898
IP address blocks: 103.158.78.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193 (0xc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B329DA9268FCFD54D9F38A01ED0CF7092BB6900C
Validity
Not Before: Feb 10 13:58:56 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3D56845B4CC9F9FBFBBA4721DD9425A4A80155FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:aa:9a:b5:6b:9f:8a:f1:73:f4:83:97:35:0e:
05:fa:f7:3f:06:86:0f:ae:cb:a1:9d:b9:fe:f8:f9:
99:dc:d6:05:31:74:b3:a2:65:fb:1c:5a:71:39:1a:
23:29:a0:bf:a1:6a:26:5e:f8:80:82:3c:9b:13:fa:
d5:1c:14:e7:cb:be:30:49:11:8b:1b:c7:9d:9c:6c:
f8:57:a3:31:6b:71:03:a2:d4:dd:20:93:e3:10:7c:
e0:a6:ee:eb:78:18:56:88:89:34:60:a9:f7:e1:b1:
98:53:24:23:ba:a8:07:20:dc:7c:bd:e5:f2:0f:97:
ec:a9:1a:3e:81:f2:21:25:45:ec:ee:7f:f9:df:f5:
a1:71:fc:7c:d6:f9:74:ab:1d:05:1d:74:39:ac:1c:
2e:d0:d0:b3:29:71:03:9b:5b:51:38:5a:e9:a6:8c:
b4:e3:6d:71:7a:8b:63:1e:df:25:3c:3b:95:97:59:
5e:6e:d2:24:a8:d9:47:e2:67:98:45:c4:68:6d:4e:
91:76:12:87:6b:4b:3f:8c:a4:62:c1:53:92:8b:e9:
0f:b1:1b:50:e5:75:0a:cc:90:a5:42:82:f3:38:f1:
85:20:74:86:11:39:50:47:02:36:90:0d:3d:78:34:
76:89:67:1f:2c:63:c1:dd:70:ce:28:aa:d5:1d:0a:
8e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:56:84:5B:4C:C9:F9:FB:FB:BA:47:21:DD:94:25:A4:A8:01:55:FF
X509v3 Authority Key Identifier:
keyid:B3:29:DA:92:68:FC:FD:54:D9:F3:8A:01:ED:0C:F7:09:2B:B6:90:0C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSSCYBER/synakmj8_VTZ84oB7Qz3CSu2kAw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/synakmj8_VTZ84oB7Qz3CSu2kAw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NSSCYBER/PVaEW0zJ-fv7ukch3ZQlpKgBVf8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.158.78.0/23
Signature Algorithm: sha256WithRSAEncryption
41:db:c8:4c:ac:1b:68:e6:58:74:b2:24:a3:e5:c7:22:86:76:
30:11:aa:a8:4e:d8:5b:8d:ec:48:c7:31:1c:7a:8a:14:ab:2b:
f2:81:88:b6:e3:35:00:12:e0:e2:b5:5d:0d:40:ae:fe:ee:bb:
9d:89:df:77:48:4f:ed:d9:da:db:49:d5:cb:1d:33:7e:ef:ee:
b0:4b:d1:b0:a6:e4:80:c9:94:07:42:65:7d:89:15:7e:9a:fd:
9e:15:12:18:f7:86:5d:6c:18:fa:b3:97:2b:cf:19:b5:6e:46:
48:30:57:46:96:70:e4:2b:44:9e:1d:80:93:90:eb:b5:1a:93:
9d:7b:d0:05:c7:04:61:06:44:10:d2:c0:78:15:34:22:55:f7:
42:5b:01:34:ba:e2:f0:1d:b0:be:f2:03:a7:d9:eb:b3:0d:32:
1a:70:14:f6:ea:96:11:ca:22:4c:5c:4b:ff:cc:6c:db:a0:28:
a6:70:18:09:b1:32:45:31:13:f8:f3:d0:77:b5:af:9b:cd:23:
4c:d9:cf:0d:3d:f4:6e:a6:c3:b5:33:be:d9:6f:b1:f7:b5:c3:
49:ff:bf:b3:e2:cd:69:c1:e3:2e:86:f7:31:04:4e:d7:c7:86:
6a:92:07:7b:d2:f6:d1:e1:f1:81:8c:85:92:5b:b3:89:4f:59:
ae:2c:9b:b2
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICAMEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjMy
OURBOTI2OEZDRkQ1NEQ5RjM4QTAxRUQwQ0Y3MDkyQkI2OTAwQzAeFw0yNTAyMTAx
MzU4NTZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNENTY4NDVCNENDOUY5
RkJGQkJBNDcyMUREOTQyNUE0QTgwMTU1RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgqpq1a5+K8XP0g5c1DgX69z8Ghg+uy6Gduf74+Znc1gUxdLOi
ZfscWnE5GiMpoL+haiZe+ICCPJsT+tUcFOfLvjBJEYsbx52cbPhXozFrcQOi1N0g
k+MQfOCm7ut4GFaIiTRgqffhsZhTJCO6qAcg3Hy95fIPl+ypGj6B8iElRezuf/nf
9aFx/HzW+XSrHQUddDmsHC7Q0LMpcQObW1E4WummjLTjbXF6i2Me3yU8O5WXWV5u
0iSo2UfiZ5hFxGhtTpF2EodrSz+MpGLBU5KL6Q+xG1DldQrMkKVCgvM48YUgdIYR
OVBHAjaQDT14NHaJZx8sY8HdcM4oqtUdCo6VAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUPVaEW0zJ+fv7ukch3ZQlpKgBVf8wHwYDVR0jBBgwFoAUsynakmj8/VTZ84oB
7Qz3CSu2kAwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTlNTQ1lC
RVIvc3luYWttajhfVlRaODRvQjdRejNDU3Uya0F3LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9zeW5ha21qOF9WVFo4NG9CN1F6M0NTdTJrQXcuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OU1NDWUJFUi9QVmFFVzB6Si1mdjd1
a2NoM1pRbHBLZ0JWZjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBZ55OMA0GCSqGSIb3DQEBCwUAA4IBAQBB28hMrBto5lh0siSj5ccihnYwEaqo
TthbjexIxzEceooUqyvygYi24zUAEuDitV0NQK7+7rudid93SE/t2drbSdXLHTN+
7+6wS9GwpuSAyZQHQmV9iRV+mv2eFRIY94ZdbBj6s5crzxm1bkZIMFdGlnDkK0Se
HYCTkOu1GpOde9AFxwRhBkQQ0sB4FTQiVfdCWwE0uuLwHbC+8gOn2euzDTIacBT2
6pYRyiJMXEv/zGzboCimcBgJsTJFMRP489B3ta+bzSNM2c8NPfRupsO1M77Zb7H3
tcNJ/7+z4s1pweMuhvcxBE7Xx4Zqkgd70vbR4fGBjIWSW7OJT1muLJuy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:45 2025 by rpki-client