Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/TC5O4BU5yifgspTLoBB-6tROqas.roa
File: TC5O4BU5yifgspTLoBB-6tROqas.roa (raw, json)
Hash identifier: 5Z2V+asSnh0jJDO/1WCHnbOIIe8nc85aTk1atgqeHk4=
Subject key identifier: 4C:2E:4E:E0:15:39:CA:27:E0:B2:94:CB:A0:10:7E:EA:D4:4E:A9:AB
Certificate issuer: /CN=CA1B71EFAC6F6AA43027609C18A734982764554B
Certificate serial: 0E76
Authority key identifier: CA:1B:71:EF:AC:6F:6A:A4:30:27:60:9C:18:A7:34:98:27:64:55:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/yhtx76xvaqQwJ2CcGKc0mCdkVUs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/TC5O4BU5yifgspTLoBB-6tROqas.roa
Signing time: Mon 10 Feb 2025 14:13:45 +0000
ROA not before: Mon 10 Feb 2025 14:13:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17408
IP address blocks: 103.138.107.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3702 (0xe76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CA1B71EFAC6F6AA43027609C18A734982764554B
Validity
Not Before: Feb 10 14:13:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=4C2E4EE01539CA27E0B294CBA0107EEAD44EA9AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:52:21:d3:78:be:44:c8:af:c7:bf:19:99:d5:
ef:eb:a6:b4:ec:f7:99:ce:3d:c9:0b:eb:13:67:57:
70:ab:65:3d:63:bd:03:01:62:a7:56:2f:a8:f5:87:
8f:31:bc:34:e4:9b:af:ad:64:8b:de:58:ab:e2:b2:
bc:0c:df:77:bf:71:82:70:53:ab:e9:e2:a6:d7:01:
e4:25:0c:9f:7c:db:d0:19:9f:c7:b4:38:0e:48:00:
0b:d1:d5:e7:5c:68:16:fe:45:69:6c:17:24:77:a2:
6f:0a:51:e4:db:7a:ec:63:d9:70:a6:24:9c:3c:e1:
2c:4a:08:4f:c4:18:46:ad:a8:65:5f:db:34:88:46:
06:69:bf:e0:dd:41:27:21:77:ed:ee:64:e1:ba:42:
12:1d:43:82:a9:12:c7:4c:85:0e:d4:65:91:f5:75:
a4:2c:19:a2:4d:a9:5e:ae:bf:2a:67:bd:5c:18:bb:
95:37:09:42:12:67:58:73:8d:68:67:23:f4:d4:2d:
39:ad:48:4a:44:f2:d2:5f:35:14:ec:f8:69:65:e8:
79:18:57:71:c2:e0:07:a2:e4:85:be:e7:7e:0e:ff:
5f:03:9d:b7:ba:c3:f3:e8:b4:b3:a2:28:15:bb:11:
bc:71:61:cf:d7:ff:15:ec:f4:83:cc:77:f6:eb:6a:
65:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2E:4E:E0:15:39:CA:27:E0:B2:94:CB:A0:10:7E:EA:D4:4E:A9:AB
X509v3 Authority Key Identifier:
keyid:CA:1B:71:EF:AC:6F:6A:A4:30:27:60:9C:18:A7:34:98:27:64:55:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/yhtx76xvaqQwJ2CcGKc0mCdkVUs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/yhtx76xvaqQwJ2CcGKc0mCdkVUs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WANTEASY/TC5O4BU5yifgspTLoBB-6tROqas.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.138.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:79:06:30:39:e7:5b:3e:88:cf:33:6f:19:9b:3b:45:77:fa:
5c:2f:d0:c4:ac:23:34:5a:2a:a4:9d:e1:34:52:d4:3a:a6:77:
90:7c:62:5c:fc:23:a3:d7:f6:35:43:59:8e:43:29:7d:69:db:
0d:77:82:9c:15:f8:61:8e:8c:75:9f:f0:9a:85:d1:c9:14:8b:
fc:0e:1c:28:bd:90:01:5e:1d:93:ae:97:68:eb:d6:07:07:c7:
db:28:d9:b8:8c:e1:d5:65:46:21:4e:11:87:16:71:fb:1c:bd:
5d:ac:12:43:43:29:f2:f3:b7:14:55:de:dc:60:51:7a:44:db:
3d:0f:57:35:8b:51:b9:93:81:f2:09:a9:72:23:cc:3e:5a:3e:
fd:ca:72:23:f7:80:49:f3:37:31:9f:2e:06:d6:32:c3:fa:74:
8b:5a:37:dc:d1:48:b6:cd:0a:30:a4:ca:a0:03:21:b2:7e:4d:
78:1b:8c:9e:68:b2:5a:be:b5:e0:82:e3:e7:9f:5b:25:87:0c:
d5:a7:d9:e3:be:d7:c9:4c:ef:4c:c4:21:dc:07:f0:b5:f1:4c:
c9:df:ad:3d:78:a9:40:24:2a:84:1d:79:a7:2f:6f:bf:ab:ca:
84:c5:bc:ba:ff:d1:a3:a3:7a:f2:81:fd:62:68:9f:a6:7b:ae:
4d:1b:e0:28
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDnYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0Ex
QjcxRUZBQzZGNkFBNDMwMjc2MDlDMThBNzM0OTgyNzY0NTU0QjAeFw0yNTAyMTAx
NDEzNDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDRDMkU0RUUwMTUzOUNB
MjdFMEIyOTRDQkEwMTA3RUVBRDQ0RUE5QUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9UiHTeL5EyK/HvxmZ1e/rprTs95nOPckL6xNnV3CrZT1jvQMB
YqdWL6j1h48xvDTkm6+tZIveWKvisrwM33e/cYJwU6vp4qbXAeQlDJ9829AZn8e0
OA5IAAvR1edcaBb+RWlsFyR3om8KUeTbeuxj2XCmJJw84SxKCE/EGEatqGVf2zSI
RgZpv+DdQSchd+3uZOG6QhIdQ4KpEsdMhQ7UZZH1daQsGaJNqV6uvypnvVwYu5U3
CUISZ1hzjWhnI/TULTmtSEpE8tJfNRTs+Gll6HkYV3HC4Aei5IW+534O/18Dnbe6
w/PotLOiKBW7EbxxYc/X/xXs9IPMd/bramVFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUTC5O4BU5yifgspTLoBB+6tROqaswHwYDVR0jBBgwFoAUyhtx76xvaqQwJ2Cc
GKc0mCdkVUswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV0FOVEVB
U1kveWh0eDc2eHZhcVF3SjJDY0dLYzBtQ2RrVlVzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS95aHR4NzZ4dmFxUXdKMkNjR0tjMG1DZGtWVXMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9XQU5URUFTWS9UQzVPNEJVNXlpZmdz
cFRMb0JCLTZ0Uk9xYXMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAZ4prMA0GCSqGSIb3DQEBCwUAA4IBAQA/eQYwOedbPojPM28ZmztFd/pcL9DE
rCM0WiqkneE0UtQ6pneQfGJc/COj1/Y1Q1mOQyl9adsNd4KcFfhhjox1n/CahdHJ
FIv8DhwovZABXh2Trpdo69YHB8fbKNm4jOHVZUYhThGHFnH7HL1drBJDQyny87cU
Vd7cYFF6RNs9D1c1i1G5k4HyCalyI8w+Wj79ynIj94BJ8zcxny4G1jLD+nSLWjfc
0Ui2zQowpMqgAyGyfk14G4yeaLJavrXgguPnn1slhwzVp9njvtfJTO9MxCHcB/C1
8UzJ3609eKlAJCqEHXmnL2+/q8qExby6/9Gjo3rygf1iaJ+me65NG+Ao
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:19:21 2025 by rpki-client