Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PIXNET/mM3Nb_tniJXH9D-9ga5i2VdvEys.roa
File: mM3Nb_tniJXH9D-9ga5i2VdvEys.roa (raw, json)
Hash identifier: vMNmlFIKS5yRo4GlgL6RlDhMLdChu+iWCeZ2PdbtG8E=
Subject key identifier: 98:CD:CD:6F:FB:67:88:95:C7:F4:3F:BD:81:AE:62:D9:57:6F:13:2B
Certificate issuer: /CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Certificate serial: 0C49
Authority key identifier: CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/mM3Nb_tniJXH9D-9ga5i2VdvEys.roa
Signing time: Mon 10 Feb 2025 14:14:36 +0000
ROA not before: Mon 10 Feb 2025 14:14:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9924
IP address blocks: 103.23.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3145 (0xc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CDF44277BA96FC60729008649C09B0AEA07033E8
Validity
Not Before: Feb 10 14:14:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=98CDCD6FFB678895C7F43FBD81AE62D9576F132B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d0:da:d5:1c:fd:f4:65:38:47:61:40:a9:57:
3d:76:0a:e2:1a:0d:cf:11:79:35:63:63:d9:f6:1d:
35:4d:42:f3:32:41:95:55:eb:2b:f5:69:6c:e2:3b:
e3:3a:53:c8:92:12:14:65:0e:f8:db:a4:3a:1f:a3:
ff:7d:40:8e:76:c2:97:f9:84:ee:f9:bc:3f:08:d9:
f7:d7:ff:ac:f6:f5:fa:3c:c9:9d:7c:dc:95:f1:a8:
d5:ef:d5:3c:0b:b7:fa:62:f5:4d:f8:38:7d:01:b7:
da:69:f2:d5:3f:48:15:9d:30:2a:f3:5c:1a:1e:9d:
9d:52:4f:11:b9:cb:8c:5b:0f:67:74:64:57:42:cf:
43:83:ab:91:08:1b:bf:0c:f7:0b:d8:55:8e:1c:98:
d6:3d:9b:60:37:3c:c1:59:cb:8f:0f:bb:8a:ba:b3:
fe:17:0a:6f:dc:9f:c9:71:24:aa:1b:b5:e6:48:38:
56:15:2d:fb:08:50:a4:55:ba:c2:23:fe:96:19:bf:
92:89:53:9d:c0:50:4b:8f:77:44:a9:ce:1d:89:e2:
57:41:f2:01:ac:5b:dc:e5:9c:f6:99:9c:32:16:ac:
35:1c:83:aa:51:65:35:a0:4a:ff:ea:7d:17:a9:2f:
6f:80:33:85:6f:c9:fa:c8:7c:c8:c8:19:4e:d2:9e:
5e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:CD:CD:6F:FB:67:88:95:C7:F4:3F:BD:81:AE:62:D9:57:6F:13:2B
X509v3 Authority Key Identifier:
keyid:CD:F4:42:77:BA:96:FC:60:72:90:08:64:9C:09:B0:AE:A0:70:33:E8
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/zfRCd7qW_GBykAhknAmwrqBwM-g.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zfRCd7qW_GBykAhknAmwrqBwM-g.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIXNET/mM3Nb_tniJXH9D-9ga5i2VdvEys.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.23.108.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:a4:d8:4b:90:29:5d:0d:46:f4:86:2e:c6:01:38:85:08:e6:
76:f3:e6:2b:ce:39:88:57:1e:de:91:66:94:4f:8d:d7:0f:8d:
b9:d5:cf:1e:b7:d5:a8:dd:96:42:08:7e:2a:87:41:24:5a:49:
44:d4:d0:11:42:7a:e6:05:19:37:25:4c:89:6c:9c:1c:0a:6d:
83:ae:fb:d2:25:97:9a:d8:c3:8e:f3:6e:b2:90:99:48:bf:16:
43:ec:f8:26:29:a2:7d:70:65:81:31:d0:fb:f5:27:c3:69:80:
a9:86:e1:a2:b6:69:eb:ff:4a:36:22:14:54:62:3b:ce:96:43:
61:3a:1a:0a:39:7e:14:c8:09:10:67:c4:35:49:97:28:6a:24:
9a:f4:a9:26:fe:ef:3d:9f:d4:55:ce:ee:89:7a:42:f5:04:3f:
89:17:15:45:b1:dc:35:02:3f:39:41:98:43:98:f1:85:2e:b0:
90:a5:1c:1b:cf:b7:f1:e1:1e:6e:ab:9b:fb:7c:b1:14:19:dc:
7a:3c:a8:c6:7a:15:2e:0d:45:8e:0a:bf:2d:f2:27:d5:91:31:
85:22:6a:8c:5a:98:5d:b7:fa:ba:d7:08:32:6f:7b:b4:eb:28:
e7:75:90:65:c0:b6:de:50:14:65:2a:f6:ba:51:48:66:2f:5b:
df:b0:fb:c6
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0RG
NDQyNzdCQTk2RkM2MDcyOTAwODY0OUMwOUIwQUVBMDcwMzNFODAeFw0yNTAyMTAx
NDE0MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk4Q0RDRDZGRkI2Nzg4
OTVDN0Y0M0ZCRDgxQUU2MkQ5NTc2RjEzMkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC0NrVHP30ZThHYUCpVz12CuIaDc8ReTVjY9n2HTVNQvMyQZVV
6yv1aWziO+M6U8iSEhRlDvjbpDofo/99QI52wpf5hO75vD8I2ffX/6z29fo8yZ18
3JXxqNXv1TwLt/pi9U34OH0Bt9pp8tU/SBWdMCrzXBoenZ1STxG5y4xbD2d0ZFdC
z0ODq5EIG78M9wvYVY4cmNY9m2A3PMFZy48Pu4q6s/4XCm/cn8lxJKobteZIOFYV
LfsIUKRVusIj/pYZv5KJU53AUEuPd0Spzh2J4ldB8gGsW9zlnPaZnDIWrDUcg6pR
ZTWgSv/qfRepL2+AM4VvyfrIfMjIGU7Snl5fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUmM3Nb/tniJXH9D+9ga5i2VdvEyswHwYDVR0jBBgwFoAUzfRCd7qW/GBykAhk
nAmwrqBwM+gwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVU
L3pmUkNkN3FXX0dCeWtBaGtuQW13cnFCd00tZy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvemZSQ2Q3cVdfR0J5a0Foa25BbXdycUJ3TS1nLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElYTkVUL21NM05iX3RuaUpYSDlELTln
YTVpMlZkdkV5cy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
F2wwDQYJKoZIhvcNAQELBQADggEBALik2EuQKV0NRvSGLsYBOIUI5nbz5ivOOYhX
Ht6RZpRPjdcPjbnVzx631ajdlkIIfiqHQSRaSUTU0BFCeuYFGTclTIlsnBwKbYOu
+9Ill5rYw47zbrKQmUi/FkPs+CYpon1wZYEx0Pv1J8NpgKmG4aK2aev/SjYiFFRi
O86WQ2E6Ggo5fhTICRBnxDVJlyhqJJr0qSb+7z2f1FXO7ol6QvUEP4kXFUWx3DUC
PzlBmEOY8YUusJClHBvPt/HhHm6rm/t8sRQZ3Ho8qMZ6FS4NRY4Kvy3yJ9WRMYUi
aoxamF23+rrXCDJve7TrKOd1kGXAtt5QFGUq9rpRSGYvW9+w+8Y=
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:23:05 2025 by rpki-client