Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/2a5JX0n-Anbs889ckNwUh1wcRg4.roa
File: 2a5JX0n-Anbs889ckNwUh1wcRg4.roa (raw, json)
Hash identifier: tIffQ2527ZxDv1xCE+0OGvX5+sjE/JS9U1Vv2Qw6q6o=
Subject key identifier: D9:AE:49:5F:49:FE:02:76:EC:F3:CF:5C:90:DC:14:87:5C:1C:46:0E
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0F0D
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/2a5JX0n-Anbs889ckNwUh1wcRg4.roa
Signing time: Mon 10 Feb 2025 14:16:20 +0000
ROA not before: Mon 10 Feb 2025 14:16:20 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131150
IP address blocks: 163.32.200.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3853 (0xf0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Feb 10 14:16:20 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D9AE495F49FE0276ECF3CF5C90DC14875C1C460E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a3:5d:58:1f:8b:52:e7:ae:24:fe:02:81:aa:
05:1d:8b:95:33:99:4f:5d:7c:95:68:a1:be:e3:59:
5a:1f:e7:35:91:c2:72:04:53:36:ed:1a:28:85:be:
0a:29:93:b4:10:a4:29:28:2b:da:00:c0:1a:4b:d9:
9d:95:01:a5:a0:2f:ae:04:fe:52:01:71:9b:e9:3a:
c4:c0:0b:3d:a4:2d:85:a9:4a:ad:c5:32:ca:01:bd:
a4:c3:d8:ca:99:a1:96:14:99:3d:e2:ac:85:a5:db:
bd:78:e3:0c:10:8c:a2:6e:92:fa:fe:ea:91:31:73:
ef:19:d8:97:d2:f8:56:e4:c4:2f:cb:01:1c:0f:22:
36:ed:21:c2:93:f9:6b:5a:f9:23:a9:0a:68:f7:93:
b2:69:5b:64:a4:21:cc:13:48:ab:8c:64:78:53:2e:
56:8b:be:d9:e9:5a:1a:89:bc:d1:5d:f5:bd:9d:f6:
ac:2e:e8:b6:30:80:5c:93:d2:9a:d2:9b:46:17:f3:
77:88:de:45:91:74:a4:15:5b:c6:70:71:dd:46:d6:
fc:7d:be:b5:6b:c5:64:cf:0b:70:44:20:58:60:88:
68:3a:bb:a4:45:e7:40:02:d0:7b:35:4b:f1:18:d1:
86:ff:ea:56:62:b7:44:cd:76:1b:10:e0:f7:c5:c6:
ea:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AE:49:5F:49:FE:02:76:EC:F3:CF:5C:90:DC:14:87:5C:1C:46:0E
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/2a5JX0n-Anbs889ckNwUh1wcRg4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.32.200.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:ec:b8:0b:e5:82:e0:5a:af:76:61:fe:f1:5d:4f:e0:2b:f9:
89:99:3b:25:4e:c1:a4:66:e5:9a:79:7a:43:e7:25:15:32:20:
1c:36:aa:30:48:6b:1e:88:78:04:19:1b:55:7a:d6:f2:01:77:
fc:fb:ee:e0:e9:4b:4c:1c:c4:4c:21:f5:33:f9:79:5a:b8:6d:
8e:4b:cb:2f:67:d6:33:6a:3b:30:9c:b9:8c:07:d2:bd:4d:5e:
4c:9c:bd:3b:c4:05:dc:65:ac:92:fc:a3:bc:38:21:88:f5:32:
e2:fa:f6:d9:21:c6:1e:05:58:9d:ad:52:fe:8f:c1:f0:70:e9:
9c:9f:fb:6e:d6:45:d1:7e:3a:3f:95:b4:5d:a9:5f:c0:3a:22:
1e:fe:bb:f9:29:80:04:60:7b:65:ae:da:ef:8f:f1:dc:7f:f9:
1a:ec:e2:04:95:90:1b:14:6a:1e:cd:5d:c0:01:dd:3a:ef:32:
a7:65:c6:9d:8b:30:de:c1:bd:35:e3:d5:7f:39:59:16:dd:71:
c4:f4:76:59:08:fd:e8:d7:d4:4d:0e:f3:65:b1:26:c1:86:5c:
68:a7:aa:19:f6:8e:ac:20:bc:20:f6:6e:5f:96:6f:0e:63:d3:
ff:79:7a:02:bd:79:61:0f:1d:af:8c:38:61:da:c4:e7:6b:ad:
c1:d6:6a:a7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yNTAyMTAx
NDE2MjBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5QUU0OTVGNDlGRTAy
NzZFQ0YzQ0Y1QzkwREMxNDg3NUMxQzQ2MEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEo11YH4tS564k/gKBqgUdi5UzmU9dfJVoob7jWVof5zWRwnIE
UzbtGiiFvgopk7QQpCkoK9oAwBpL2Z2VAaWgL64E/lIBcZvpOsTACz2kLYWpSq3F
MsoBvaTD2MqZoZYUmT3irIWl27144wwQjKJukvr+6pExc+8Z2JfS+FbkxC/LARwP
IjbtIcKT+Wta+SOpCmj3k7JpW2SkIcwTSKuMZHhTLlaLvtnpWhqJvNFd9b2d9qwu
6LYwgFyT0prSm0YX83eI3kWRdKQVW8Zwcd1G1vx9vrVrxWTPC3BEIFhgiGg6u6RF
50AC0Hs1S/EY0Yb/6lZit0TNdhsQ4PfFxurHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2a5JX0n+Anbs889ckNwUh1wcRg4wHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC8yYTVKWDBuLUFuYnM4ODlja053
VWgxd2NSZzQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCoyDI
MA0GCSqGSIb3DQEBCwUAA4IBAQCL7LgL5YLgWq92Yf7xXU/gK/mJmTslTsGkZuWa
eXpD5yUVMiAcNqowSGseiHgEGRtVetbyAXf8++7g6UtMHMRMIfUz+XlauG2OS8sv
Z9YzajswnLmMB9K9TV5MnL07xAXcZayS/KO8OCGI9TLi+vbZIcYeBVidrVL+j8Hw
cOmcn/tu1kXRfjo/lbRdqV/AOiIe/rv5KYAEYHtlrtrvj/Hcf/ka7OIElZAbFGoe
zV3AAd067zKnZcadizDewb0149V/OVkW3XHE9HZZCP3o19RNDvNlsSbBhlxop6oZ
9o6sILwg9m5flm8OY9P/eXoCvXlhDx2vjDhh2sTna63B1mqn
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:06:25 2025 by rpki-client