Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa
File: Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa (raw, json)
Hash identifier: 89eROstpVCIZyqn2rUtF5omqaQPVlrpaNxYMgDD8lHI=
Subject key identifier: 43:45:27:A4:92:32:85:D1:73:BC:35:56:C7:86:82:A7:08:CA:01:50
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0E64
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa
Signing time: Mon 10 Feb 2025 14:03:29 +0000
ROA not before: Mon 10 Feb 2025 14:03:29 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18429
IP address blocks: 27.147.40.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3684 (0xe64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Feb 10 14:03:29 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=434527A4923285D173BC3556C78682A708CA0150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:4e:6b:1f:e9:05:34:d5:1b:ba:00:f5:05:
ac:ee:cb:68:07:f4:80:ca:f2:e3:d9:f0:dd:ce:b4:
dc:af:2d:31:dc:12:1f:4d:e1:1f:77:d8:53:6b:08:
21:8c:7e:7a:eb:54:83:dc:a6:b9:ee:1b:43:b2:d6:
4b:64:49:bd:78:2b:f2:07:51:86:12:af:fc:37:d6:
2e:2e:6e:82:63:57:f0:a3:ec:00:ff:34:4c:0d:e8:
06:36:af:dc:7f:ab:56:9a:cd:ad:2a:d5:be:7a:91:
c4:d9:04:f3:60:22:42:d1:c5:e2:9c:3a:af:6d:41:
ed:eb:39:bd:aa:88:c9:38:a8:e4:42:21:38:a1:94:
1b:e5:5b:dc:e5:63:60:9a:12:07:f8:a3:eb:03:3d:
37:2e:e0:d1:66:50:30:1f:fb:8b:93:31:d6:53:a3:
29:d4:c4:a3:13:96:8d:e9:cd:6b:ce:f1:7e:80:e3:
eb:06:56:5c:ba:ee:8d:12:d9:01:ee:c4:75:cd:23:
9a:39:05:42:cf:b9:5a:77:4f:6c:46:2c:f2:99:bf:
9d:b9:c6:0b:42:01:95:7c:7d:dd:e6:af:a5:8a:26:
59:03:23:8e:a0:b2:b2:cf:8f:30:fb:5c:dc:37:aa:
00:1a:6c:4d:64:f5:77:14:ba:01:44:72:2d:7d:f0:
0f:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:45:27:A4:92:32:85:D1:73:BC:35:56:C7:86:82:A7:08:CA:01:50
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/Q0UnpJIyhdFzvDVWx4aCpwjKAVA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.40.0/21
Signature Algorithm: sha256WithRSAEncryption
09:08:2a:60:8b:61:33:26:7f:42:89:da:b3:57:c5:d2:aa:2f:
77:6f:71:f0:97:2a:4c:5b:c1:78:31:30:33:03:0b:b9:7d:b2:
96:d7:cd:68:9a:d7:fa:a0:f4:2c:ad:5e:bf:8c:00:62:e6:f1:
c5:36:af:63:d1:7e:2d:a1:c8:4a:b7:71:03:d5:a4:a0:2f:8a:
69:db:0f:3b:ce:e7:75:d9:dc:f9:22:b6:cc:71:ac:54:16:ee:
bc:72:93:3c:0a:17:89:7d:01:5f:30:f1:36:19:58:82:f0:e9:
33:ea:b9:01:6c:58:46:2f:e4:c0:43:e7:84:58:2d:8b:c7:de:
26:db:7e:92:55:0d:42:f0:7d:6b:5e:78:fa:ab:99:b8:9a:fb:
a7:96:dd:ce:72:c4:54:bc:da:fe:be:99:c1:fc:b3:7a:05:8c:
ea:11:8b:01:60:cf:e3:c3:82:f2:45:5f:d3:dc:e0:c7:c7:b0:
25:29:37:ae:10:5b:4c:92:5e:06:c3:c4:bb:bc:41:04:c3:b3:
d1:5d:ce:b2:2f:2d:52:ce:1d:3c:e8:c1:a1:94:ec:08:e8:e1:
8e:a3:a3:40:2c:ef:49:1a:55:0d:d8:2c:ac:22:da:8a:92:22:
eb:ad:69:21:9d:16:5d:24:fd:fd:24:a1:49:02:38:ed:29:2e:
a3:5c:bc:d3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yNTAyMTAx
NDAzMjlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDQzNDUyN0E0OTIzMjg1
RDE3M0JDMzU1NkM3ODY4MkE3MDhDQTAxNTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1tk5rH+kFNNUbugD1Bazuy2gH9IDK8uPZ8N3OtNyvLTHcEh9N
4R932FNrCCGMfnrrVIPcprnuG0Oy1ktkSb14K/IHUYYSr/w31i4uboJjV/Cj7AD/
NEwN6AY2r9x/q1aaza0q1b56kcTZBPNgIkLRxeKcOq9tQe3rOb2qiMk4qORCITih
lBvlW9zlY2CaEgf4o+sDPTcu4NFmUDAf+4uTMdZToynUxKMTlo3pzWvO8X6A4+sG
Vly67o0S2QHuxHXNI5o5BULPuVp3T2xGLPKZv525xgtCAZV8fd3mr6WKJlkDI46g
srLPjzD7XNw3qgAabE1k9XcUugFEci198A/RAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUQ0UnpJIyhdFzvDVWx4aCpwjKAVAwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9RMFVucEpJeWhkRnp2RFZXeDRh
Q3B3aktBVkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mo
MA0GCSqGSIb3DQEBCwUAA4IBAQAJCCpgi2EzJn9CidqzV8XSqi93b3HwlypMW8F4
MTAzAwu5fbKW181omtf6oPQsrV6/jABi5vHFNq9j0X4tochKt3ED1aSgL4pp2w87
zud12dz5IrbMcaxUFu68cpM8CheJfQFfMPE2GViC8Okz6rkBbFhGL+TAQ+eEWC2L
x94m236SVQ1C8H1rXnj6q5m4mvunlt3OcsRUvNr+vpnB/LN6BYzqEYsBYM/jw4Ly
RV/T3ODHx7AlKTeuEFtMkl4Gw8S7vEEEw7PRXc6yLy1Szh086MGhlOwI6OGOo6NA
LO9JGlUN2CysItqKkiLrrWkhnRZdJP39JKFJAjjtKS6jXLzT
-----END CERTIFICATE-----
Generated at Mon Aug 11 15:00:21 2025 by rpki-client