Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/4Z0Ra-BFbrDwjXz96alVMKnnv94.roa
File: 4Z0Ra-BFbrDwjXz96alVMKnnv94.roa (raw, json)
Hash identifier: IgAChiYrervGcI6lR5Y3CxbY76Ew3edw84Mt4YPB+3g=
Subject key identifier: E1:9D:11:6B:E0:45:6E:B0:F0:8D:7C:FD:E9:A9:55:30:A9:E7:BF:DE
Certificate issuer: /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial: 13E9
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/4Z0Ra-BFbrDwjXz96alVMKnnv94.roa
Signing time: Fri 10 Jan 2025 07:33:01 +0000
ROA not before: Fri 10 Jan 2025 07:33:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 202525
IP address blocks: 103.123.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5097 (0x13e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Validity
Not Before: Jan 10 07:33:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=E19D116BE0456EB0F08D7CFDE9A95530A9E7BFDE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:40:d4:35:fb:31:19:88:10:49:b1:c5:d3:c6:
1a:75:52:7f:96:00:83:cf:89:47:82:c5:23:71:e6:
aa:64:35:81:2c:2b:80:e1:c7:e1:dd:7e:93:e1:26:
6a:22:e3:51:2c:83:70:43:3c:a9:be:b0:09:f4:38:
cb:17:ea:2f:9f:98:c8:17:de:85:73:f6:45:69:ef:
66:11:8f:50:17:7a:88:40:7e:72:de:29:10:8c:34:
68:df:be:dd:78:98:2b:3e:66:af:12:c5:14:1d:24:
ec:32:d0:be:a3:9f:aa:04:94:d1:dc:4c:28:84:c6:
76:b6:04:50:4a:1a:81:45:14:95:2b:08:1e:4a:5c:
b0:f9:7b:5f:70:7d:ff:f5:48:63:6d:de:39:b4:f0:
fe:88:bc:aa:83:ca:39:8f:25:44:f3:a4:ee:5e:cb:
c1:b9:e0:41:7f:73:c5:18:1c:ed:1b:de:9c:35:1b:
c5:a3:c8:f6:33:b3:33:9b:85:10:b3:76:74:2f:61:
7b:fa:92:a6:7a:cf:ff:5e:7a:2d:1e:6b:86:37:39:
7d:91:a5:6e:45:59:1b:4d:ec:67:18:7a:66:41:a3:
49:7b:4c:54:53:eb:ff:eb:ff:de:93:fe:43:7b:3a:
e8:15:58:cb:53:2b:2b:f1:e6:4d:04:3d:e4:e0:2d:
56:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:11:6B:E0:45:6E:B0:F0:8D:7C:FD:E9:A9:55:30:A9:E7:BF:DE
X509v3 Authority Key Identifier:
keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/4Z0Ra-BFbrDwjXz96alVMKnnv94.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.216.0/24
Signature Algorithm: sha256WithRSAEncryption
27:cb:25:9f:38:10:a3:4a:99:05:92:ba:34:a0:76:18:7a:3c:
ee:ef:12:d4:5a:a7:98:92:ac:1b:f0:a5:e5:21:f2:a8:47:a6:
29:ce:29:50:85:da:b0:b8:79:84:a4:57:a0:99:0d:aa:a8:9d:
43:23:d7:7a:8f:b6:df:cb:fb:aa:22:51:70:85:a9:48:47:af:
dd:d3:b9:4b:67:7e:4b:b5:bb:25:9b:fc:6a:6f:d5:2e:01:1d:
b2:1d:12:4c:32:db:52:37:a5:5f:c2:01:0a:dd:63:02:9f:c9:
57:26:6c:e8:f1:62:f2:22:23:a9:ff:e4:03:2b:6d:6c:bb:bc:
40:14:ed:f9:61:5c:a7:c1:61:91:70:8e:22:87:37:71:2a:bd:
7b:38:90:b0:f9:f1:f8:ae:f0:0b:00:42:48:2d:0a:1e:65:d6:
c5:29:cd:71:60:ed:b6:5e:5a:fe:6a:9f:b2:97:49:e8:00:0e:
c7:af:92:72:9b:4b:6e:c2:89:3f:91:a9:60:67:22:b3:67:06:
c9:30:2f:ba:93:57:ca:6e:a3:89:50:26:42:68:3e:8e:f7:43:
5d:c4:57:bb:6d:df:e4:d5:0a:2f:b8:40:4c:53:dc:43:1c:30:
e6:54:9d:fc:31:7d:84:52:38:e4:3f:a9:86:1e:7b:ac:b6:48:
53:6f:2c:bf
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICE+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNTAxMTAw
NzMzMDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEUxOUQxMTZCRTA0NTZF
QjBGMDhEN0NGREU5QTk1NTMwQTlFN0JGREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyQNQ1+zEZiBBJscXTxhp1Un+WAIPPiUeCxSNx5qpkNYEsK4Dh
x+HdfpPhJmoi41Esg3BDPKm+sAn0OMsX6i+fmMgX3oVz9kVp72YRj1AXeohAfnLe
KRCMNGjfvt14mCs+Zq8SxRQdJOwy0L6jn6oElNHcTCiExna2BFBKGoFFFJUrCB5K
XLD5e19wff/1SGNt3jm08P6IvKqDyjmPJUTzpO5ey8G54EF/c8UYHO0b3pw1G8Wj
yPYzszObhRCzdnQvYXv6kqZ6z/9eei0ea4Y3OX2RpW5FWRtN7GcYemZBo0l7TFRT
6//r/96T/kN7OugVWMtTKyvx5k0EPeTgLVa9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU4Z0Ra+BFbrDwjXz96alVMKnnv94wHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC80WjBSYS1CRmJyRHdqWHo5NmFs
Vk1Lbm52OTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vY
MA0GCSqGSIb3DQEBCwUAA4IBAQAnyyWfOBCjSpkFkro0oHYYejzu7xLUWqeYkqwb
8KXlIfKoR6YpzilQhdqwuHmEpFegmQ2qqJ1DI9d6j7bfy/uqIlFwhalIR6/d07lL
Z35Ltbslm/xqb9UuAR2yHRJMMttSN6VfwgEK3WMCn8lXJmzo8WLyIiOp/+QDK21s
u7xAFO35YVynwWGRcI4ihzdxKr17OJCw+fH4rvALAEJILQoeZdbFKc1xYO22Xlr+
ap+yl0noAA7Hr5Jym0tuwok/kalgZyKzZwbJMC+6k1fKbqOJUCZCaD6O90NdxFe7
bd/k1QovuEBMU9xDHDDmVJ38MX2EUjjkP6mGHnustkhTbyy/
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:21:06 2025 by rpki-client