Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa
File: 2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa (raw, json)
Hash identifier: r3RprEbFY5D/eUUfDNspK5gO1L5U6LqeI24/RBOjPJo=
Subject key identifier: D9:70:63:BE:17:7D:1E:C3:46:B3:3D:EC:55:7F:98:AD:4C:4D:D8:9D
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 1365
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa
Signing time: Mon 10 Feb 2025 14:03:41 +0000
ROA not before: Mon 10 Feb 2025 14:03:41 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 16509
IP address blocks: 103.235.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4965 (0x1365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Feb 10 14:03:41 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D97063BE177D1EC346B33DEC557F98AD4C4DD89D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:48:f6:c7:0a:88:13:a4:7a:0b:c2:54:5a:d8:
d2:53:84:db:39:2c:b3:ae:cd:a4:e9:37:ca:60:a2:
b7:2b:c3:bf:d2:b6:39:20:e0:56:ee:49:ce:7a:07:
6b:05:a4:eb:11:9b:21:31:a8:85:b0:07:e9:0f:cb:
78:77:15:65:ed:08:ef:ef:1a:af:24:0c:60:84:c1:
ca:de:cd:30:e8:99:6c:8d:6f:5d:ca:9c:83:28:a7:
ef:c4:3d:b5:c4:28:6c:4e:2b:47:05:ed:9e:c9:f0:
e5:75:96:e2:3d:be:18:2e:ef:d1:e7:9e:01:f3:dd:
6e:b9:13:09:66:9a:77:1a:5a:41:d8:cd:da:75:36:
f3:20:1a:e6:3d:25:f4:c6:dc:e5:4d:f7:18:43:bb:
8f:e8:1b:bd:e5:5f:3b:13:0e:57:9e:29:d0:ab:c0:
35:bf:2a:25:be:a7:70:18:1c:cc:34:51:14:61:fc:
ce:ff:3e:e0:ab:77:63:73:0c:cf:5a:9b:e3:8b:eb:
b1:25:d0:8f:0f:a9:b2:9e:e6:4d:31:f6:24:b4:3a:
76:bc:f1:63:a0:b7:4a:cd:68:fd:a7:41:71:09:0f:
21:1d:66:79:1a:ba:9f:05:10:f1:b5:93:37:5e:ed:
e4:2a:62:f0:28:e0:ac:cd:7a:84:5d:bc:b5:f8:4f:
e1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:70:63:BE:17:7D:1E:C3:46:B3:3D:EC:55:7F:98:AD:4C:4D:D8:9D
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/2XBjvhd9HsNGsz3sVX-YrUxN2J0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.235.88.0/24
Signature Algorithm: sha256WithRSAEncryption
40:18:77:78:4a:38:bb:15:1a:6a:9a:20:32:85:5f:58:14:26:
47:e6:34:d0:00:ee:7e:c3:a8:ec:c4:08:49:a2:8d:ea:6b:ad:
d3:70:02:39:99:17:bb:93:3a:93:09:79:6f:6c:58:3f:7b:ef:
59:5f:20:b4:b9:df:9e:8c:07:c6:ae:49:cf:46:3c:56:b1:86:
34:a0:80:14:1c:e6:bf:74:bb:e5:69:df:a6:07:05:09:90:10:
31:92:f1:d7:66:bc:dd:9f:0e:83:e4:22:71:f0:b4:a4:cd:84:
d2:20:9c:67:21:13:10:d1:fa:22:6c:13:3a:72:fb:ab:86:8e:
55:71:af:95:6a:93:43:4d:d6:96:74:15:0d:1c:7a:78:32:18:
be:30:12:6c:10:c0:f9:d5:d2:56:cc:29:fb:16:49:89:10:57:
ee:66:32:a9:63:41:ff:ab:f3:75:3b:98:c9:bf:94:5b:34:78:
27:b0:bf:57:73:ca:2a:c1:50:c4:0f:cb:29:42:10:a2:f7:bc:
4e:30:25:a7:25:2c:93:ce:fa:ba:5e:d4:05:81:41:07:e7:e2:
58:88:71:ca:b7:fd:8e:76:fb:0a:0e:38:53:d5:8f:d2:8f:ec:
a8:c5:90:a8:77:fe:13:a5:93:8c:a7:be:7a:57:7e:2a:a6:96:
25:8a:08:64
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICE2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTAyMTAx
NDAzNDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5NzA2M0JFMTc3RDFF
QzM0NkIzM0RFQzU1N0Y5OEFENEM0REQ4OUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNSPbHCogTpHoLwlRa2NJThNs5LLOuzaTpN8pgorcrw7/Stjkg
4FbuSc56B2sFpOsRmyExqIWwB+kPy3h3FWXtCO/vGq8kDGCEwcrezTDomWyNb13K
nIMop+/EPbXEKGxOK0cF7Z7J8OV1luI9vhgu79HnngHz3W65EwlmmncaWkHYzdp1
NvMgGuY9JfTG3OVN9xhDu4/oG73lXzsTDleeKdCrwDW/KiW+p3AYHMw0URRh/M7/
PuCrd2NzDM9am+OL67El0I8PqbKe5k0x9iS0Ona88WOgt0rNaP2nQXEJDyEdZnka
up8FEPG1kzde7eQqYvAo4KzNeoRdvLX4T+EfAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2XBjvhd9HsNGsz3sVX+YrUxN2J0wHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy8yWEJqdmhkOUhzTkdzejNzVlgt
WXJVeE4ySjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+tY
MA0GCSqGSIb3DQEBCwUAA4IBAQBAGHd4Sji7FRpqmiAyhV9YFCZH5jTQAO5+w6js
xAhJoo3qa63TcAI5mRe7kzqTCXlvbFg/e+9ZXyC0ud+ejAfGrknPRjxWsYY0oIAU
HOa/dLvlad+mBwUJkBAxkvHXZrzdnw6D5CJx8LSkzYTSIJxnIRMQ0foibBM6cvur
ho5Vca+VapNDTdaWdBUNHHp4Mhi+MBJsEMD51dJWzCn7FkmJEFfuZjKpY0H/q/N1
O5jJv5RbNHgnsL9Xc8oqwVDED8spQhCi97xOMCWnJSyTzvq6XtQFgUEH5+JYiHHK
t/2OdvsKDjhT1Y/Sj+yoxZCod/4TpZOMp756V34qppYlighk
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:29:48 2025 by rpki-client