Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/yRSx7igzyvU1Xt8n5IsAkkt7aFw.roa
File: yRSx7igzyvU1Xt8n5IsAkkt7aFw.roa (raw, json)
Hash identifier: bo8YbhEQ+jONdPxASh8b5szJWVef+c7Y4zIzGjXvqfo=
Subject key identifier: C9:14:B1:EE:28:33:CA:F5:35:5E:DF:27:E4:8B:00:92:4B:7B:68:5C
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0D5D
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/yRSx7igzyvU1Xt8n5IsAkkt7aFw.roa
Signing time: Mon 10 Feb 2025 14:12:17 +0000
ROA not before: Mon 10 Feb 2025 14:12:17 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 4780
IP address blocks: 203.121.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3421 (0xd5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Feb 10 14:12:17 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C914B1EE2833CAF5355EDF27E48B00924B7B685C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:0a:4d:ef:a7:9b:52:cb:87:b5:00:cc:3a:
55:9c:f5:a5:a2:2d:29:b8:07:64:c5:de:d7:c5:6c:
2f:6e:41:29:01:b1:c5:1f:17:0f:ac:8b:e7:c9:93:
58:8e:68:71:e0:6d:fa:41:9a:86:4c:14:e1:2c:64:
c2:5a:39:00:6f:24:55:ce:b3:ec:cc:ea:5e:15:2d:
3c:90:a5:a4:10:0b:8b:76:3c:3c:73:23:04:59:e7:
33:04:89:ab:41:29:78:0e:29:44:1d:40:ad:1f:c7:
bd:1c:10:40:bc:04:99:f5:df:f7:7e:8a:f3:3b:fd:
d2:e9:b4:a9:8e:97:fe:88:7d:39:b6:cc:8d:ed:34:
af:8e:86:1d:f8:82:06:c8:62:c6:13:95:8d:c0:ad:
a1:b5:55:c0:ad:4a:fa:60:d1:ec:9b:c7:52:b3:79:
77:7a:94:4d:56:1e:86:14:47:0d:d1:9b:59:36:de:
e0:2a:60:6b:0a:f1:26:bc:e9:89:42:d5:31:8e:a2:
c1:25:23:6b:ff:c0:9b:b8:52:77:5f:d7:4c:59:7f:
ae:34:bc:9d:ba:e6:c1:0a:ab:15:93:83:26:61:90:
55:e8:66:26:a4:c9:13:95:a3:82:89:f8:64:ac:b2:
06:8f:60:78:29:51:15:71:17:b1:d5:1f:89:0d:07:
3b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:14:B1:EE:28:33:CA:F5:35:5E:DF:27:E4:8B:00:92:4B:7B:68:5C
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/yRSx7igzyvU1Xt8n5IsAkkt7aFw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.240.0/20
Signature Algorithm: sha256WithRSAEncryption
0b:81:c9:5b:d6:79:c8:34:ba:fb:8c:28:99:5d:9a:1d:52:22:
13:b0:d3:39:fe:73:e2:2d:38:0a:07:65:16:16:42:ba:f4:c4:
6e:20:42:50:76:73:a1:d8:6c:c5:1f:37:0c:0b:36:03:26:50:
55:60:9a:61:6d:45:f2:7b:2c:e0:64:61:13:c1:7e:70:ee:ed:
62:68:f7:d7:e7:f1:f9:e1:ce:a3:11:1d:51:68:65:7f:36:63:
96:97:e3:95:81:f6:e5:17:54:52:ac:ec:4e:ca:da:38:d1:ad:
9b:11:aa:ad:c2:6b:f3:33:cd:ee:f0:13:ed:c8:d6:6f:2e:61:
5b:a6:b4:13:86:34:f5:5b:83:35:6e:ab:49:fe:f3:5c:66:21:
da:56:d0:a2:75:62:29:73:ed:85:ec:49:12:2b:0c:1d:cc:ee:
96:f2:c5:55:4c:a9:a0:48:17:77:5b:36:fa:90:96:b3:42:b8:
f4:f4:d0:5f:eb:ad:e8:d9:da:c2:83:5d:77:f6:1c:aa:07:e6:
ed:21:c2:96:5f:c1:9d:c7:bb:5f:15:f3:a3:1c:6b:6a:32:05:
cf:e7:1a:1c:00:d6:d3:0e:36:cd:77:9b:f0:1e:3e:91:08:6a:
a1:b9:9c:8a:07:8a:27:5f:1a:55:5a:7e:36:8c:40:42:44:c0:
e5:8a:77:22
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDV0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTAyMTAx
NDEyMTdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEM5MTRCMUVFMjgzM0NB
RjUzNTVFREYyN0U0OEIwMDkyNEI3QjY4NUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMsgpN76ebUsuHtQDMOlWc9aWiLSm4B2TF3tfFbC9uQSkBscUf
Fw+si+fJk1iOaHHgbfpBmoZMFOEsZMJaOQBvJFXOs+zM6l4VLTyQpaQQC4t2PDxz
IwRZ5zMEiatBKXgOKUQdQK0fx70cEEC8BJn13/d+ivM7/dLptKmOl/6IfTm2zI3t
NK+Ohh34ggbIYsYTlY3AraG1VcCtSvpg0eybx1KzeXd6lE1WHoYURw3Rm1k23uAq
YGsK8Sa86YlC1TGOosElI2v/wJu4Undf10xZf640vJ265sEKqxWTgyZhkFXoZiak
yROVo4KJ+GSssgaPYHgpURVxF7HVH4kNBzvnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUyRSx7igzyvU1Xt8n5IsAkkt7aFwwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS95UlN4N2lnenl2VTFYdDhuNUlz
QWtrdDdhRncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3nw
MA0GCSqGSIb3DQEBCwUAA4IBAQALgclb1nnINLr7jCiZXZodUiITsNM5/nPiLTgK
B2UWFkK69MRuIEJQdnOh2GzFHzcMCzYDJlBVYJphbUXyeyzgZGETwX5w7u1iaPfX
5/H54c6jER1RaGV/NmOWl+OVgfblF1RSrOxOyto40a2bEaqtwmvzM83u8BPtyNZv
LmFbprQThjT1W4M1bqtJ/vNcZiHaVtCidWIpc+2F7EkSKwwdzO6W8sVVTKmgSBd3
Wzb6kJazQrj09NBf663o2drCg1139hyqB+btIcKWX8Gdx7tfFfOjHGtqMgXP5xoc
ANbTDjbNd5vwHj6RCGqhuZyKB4onXxpVWn42jEBCRMDlinci
-----END CERTIFICATE-----
Generated at Mon Apr 7 08:06:38 2025 by rpki-client