Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PNI/0DzbKt-9Ck1vWCOrpBw1fr_j-SU.roa
File: 0DzbKt-9Ck1vWCOrpBw1fr_j-SU.roa (raw, json)
Hash identifier: fuu34OoC1Zm9tRhafcYbsuJd7DZrRvQBPELhCPklNuI=
Subject key identifier: D0:3C:DB:2A:DF:BD:0A:4D:6F:58:23:AB:A4:1C:35:7E:BF:E3:F9:25
Certificate issuer: /CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Certificate serial: 08E6
Authority key identifier: 31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/0DzbKt-9Ck1vWCOrpBw1fr_j-SU.roa
Signing time: Mon 10 Feb 2025 14:10:47 +0000
ROA not before: Mon 10 Feb 2025 14:10:47 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131642
IP address blocks: 103.137.246.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2278 (0x8e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3118C334DA58D7C0021DCAACA881DFB9DC8365FF
Validity
Not Before: Feb 10 14:10:47 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D03CDB2ADFBD0A4D6F5823ABA41C357EBFE3F925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2f:32:00:b4:9f:6b:95:77:ae:1f:70:55:60:
0a:3d:1d:46:77:ed:43:0e:73:e4:bc:63:8b:32:b2:
4b:ab:7f:f0:4c:18:4e:9b:b7:ed:6b:b2:cb:6c:d0:
21:c0:47:f4:4c:a3:4f:5e:d1:4c:41:7a:26:39:38:
a6:2f:c2:d0:69:23:be:f6:51:04:85:64:73:88:27:
1a:12:df:9e:6b:0a:ad:ef:26:c6:26:8a:9a:fc:3d:
80:db:99:b6:9e:ac:6b:d7:17:65:a4:76:ca:ef:3d:
98:45:08:e8:f9:ec:b2:c5:83:12:89:6f:14:96:3e:
13:2b:06:d9:66:f2:cf:f8:54:d6:00:f9:bb:4b:0f:
1e:43:8d:77:96:b2:77:1b:e8:44:83:04:e9:bd:a1:
2c:eb:15:0e:c0:75:8f:66:e1:64:c5:ed:a3:a1:56:
1c:92:69:e0:e8:76:21:f7:3c:d8:82:2c:38:33:d7:
81:33:32:2d:6a:9b:d0:c2:07:35:e5:29:66:df:05:
af:a6:50:8c:b0:e1:ab:f7:37:7f:dc:7b:de:67:73:
74:ca:56:12:c5:e9:30:fc:45:da:f6:1f:ab:b9:96:
db:5c:74:29:7c:95:15:97:62:cf:d0:1d:63:a6:00:
1b:cd:9a:ed:8c:9f:82:ee:f4:12:e1:f0:de:e2:63:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3C:DB:2A:DF:BD:0A:4D:6F:58:23:AB:A4:1C:35:7E:BF:E3:F9:25
X509v3 Authority Key Identifier:
keyid:31:18:C3:34:DA:58:D7:C0:02:1D:CA:AC:A8:81:DF:B9:DC:83:65:FF
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/MRjDNNpY18ACHcqsqIHfudyDZf8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MRjDNNpY18ACHcqsqIHfudyDZf8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PNI/0DzbKt-9Ck1vWCOrpBw1fr_j-SU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.137.246.0/23
Signature Algorithm: sha256WithRSAEncryption
36:06:47:58:f4:7c:75:70:c9:13:48:5f:10:c2:8e:8e:f5:27:
8c:2c:f3:e6:4d:71:54:6b:a3:b8:ae:0d:18:28:8b:a9:fd:37:
a5:cc:86:be:20:7b:e8:a6:59:99:38:2f:16:77:d3:77:a3:b5:
5d:ce:da:33:da:48:8e:87:91:75:e0:16:53:db:7a:1b:fe:b9:
19:a1:8e:90:5d:ac:86:80:53:ee:4d:97:35:1f:ae:8e:4c:ca:
db:4f:4e:17:15:0c:68:58:db:40:38:6f:ba:5a:3a:c9:36:d9:
1e:5f:90:ba:7b:63:7b:3c:7a:1f:94:b4:28:9e:4d:8a:35:99:
5c:58:d8:5f:ed:d1:10:76:96:98:7c:df:35:8a:bf:a8:8d:20:
3f:e0:80:9e:22:99:8a:c1:fe:20:2e:2e:9f:0a:3f:03:ea:ed:
d2:30:57:ef:a7:46:58:d7:95:0e:51:48:c8:3b:7c:20:43:67:
6a:f3:48:c5:e9:60:a7:11:38:f4:83:58:0f:a5:eb:85:ca:c6:
94:e9:77:cf:2c:28:1e:d8:78:9f:27:a5:98:51:21:25:d6:f7:
c1:13:c2:b6:7f:2f:5c:f4:df:e2:af:15:0e:fe:67:24:0f:05:
e8:bb:19:a3:09:76:95:66:de:5f:60:a2:4e:93:7f:9a:5c:52:
17:cb:b5:a3
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCOYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzEx
OEMzMzREQTU4RDdDMDAyMURDQUFDQTg4MURGQjlEQzgzNjVGRjAeFw0yNTAyMTAx
NDEwNDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQwM0NEQjJBREZCRDBB
NEQ2RjU4MjNBQkE0MUMzNTdFQkZFM0Y5MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZLzIAtJ9rlXeuH3BVYAo9HUZ37UMOc+S8Y4syskurf/BMGE6b
t+1rssts0CHAR/RMo09e0UxBeiY5OKYvwtBpI772UQSFZHOIJxoS355rCq3vJsYm
ipr8PYDbmbaerGvXF2WkdsrvPZhFCOj57LLFgxKJbxSWPhMrBtlm8s/4VNYA+btL
Dx5DjXeWsncb6ESDBOm9oSzrFQ7AdY9m4WTF7aOhVhySaeDodiH3PNiCLDgz14Ez
Mi1qm9DCBzXlKWbfBa+mUIyw4av3N3/ce95nc3TKVhLF6TD8Rdr2H6u5lttcdCl8
lRWXYs/QHWOmABvNmu2Mn4Lu9BLh8N7iY4ZjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0DzbKt+9Ck1vWCOrpBw1fr/j+SUwHwYDVR0jBBgwFoAUMRjDNNpY18ACHcqs
qIHfudyDZf8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JL01S
akROTnBZMThBQ0hjcXNxSUhmdWR5RFpmOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TVJqRE5OcFkxOEFDSGNxc3FJSGZ1ZHlEWmY4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvUE5JLzBEemJLdC05Q2sxdldDT3JwQncxZnJf
ai1TVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnifYwDQYJ
KoZIhvcNAQELBQADggEBADYGR1j0fHVwyRNIXxDCjo71J4ws8+ZNcVRro7iuDRgo
i6n9N6XMhr4ge+imWZk4LxZ303ejtV3O2jPaSI6HkXXgFlPbehv+uRmhjpBdrIaA
U+5NlzUfro5MyttPThcVDGhY20A4b7paOsk22R5fkLp7Y3s8eh+UtCieTYo1mVxY
2F/t0RB2lph83zWKv6iNID/ggJ4imYrB/iAuLp8KPwPq7dIwV++nRljXlQ5RSMg7
fCBDZ2rzSMXpYKcROPSDWA+l64XKxpTpd88sKB7YeJ8npZhRISXW98ETwrZ/L1z0
3+KvFQ7+ZyQPBei7GaMJdpVm3l9gok6Tf5pcUhfLtaM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:10:23 2025 by rpki-client