Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/PIj451bLae3Da8ozVIEKNUFCR2c.roa
File: PIj451bLae3Da8ozVIEKNUFCR2c.roa (raw, json)
Hash identifier: ckfOTzXulAjZ9Y63Vhzv6J0b2zgEtdiGteufUP3DD0A=
Subject key identifier: 3C:88:F8:E7:56:CB:69:ED:C3:6B:CA:33:54:81:0A:35:41:42:47:67
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 11EB
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PIj451bLae3Da8ozVIEKNUFCR2c.roa
Signing time: Tue 03 Jun 2025 06:11:59 +0000
ROA not before: Tue 03 Jun 2025 06:11:59 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17809
IP address blocks: 210.209.208.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4587 (0x11eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Jun 3 06:11:59 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=3C88F8E756CB69EDC36BCA3354810A3541424767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4e:1a:fe:00:b9:26:56:02:83:38:e8:d5:b7:
bd:e1:1f:41:9d:dc:23:d4:45:a9:4e:32:cd:b8:90:
14:17:a4:b9:8a:85:18:c7:2f:cf:bb:99:f5:f0:d0:
f5:a6:f8:9c:ba:cb:99:b0:79:60:37:b8:bb:f7:e2:
84:49:f7:28:eb:71:b7:a4:f7:40:85:f1:33:70:26:
cf:1a:4c:35:33:15:5c:2e:81:58:7e:a1:ea:e6:58:
77:93:f5:67:f6:67:f8:f2:c1:77:6f:61:b6:31:db:
6c:db:c3:04:ba:e7:e6:89:b1:66:33:52:c2:1e:88:
08:60:f9:ee:b9:c6:f5:42:07:7a:30:26:6d:58:33:
9b:8b:eb:94:91:48:d0:f5:45:51:45:b1:ff:03:d6:
87:71:c0:66:03:b9:0b:c5:aa:a6:63:9b:56:ee:27:
5f:1f:2e:75:48:76:d9:7a:04:82:93:9c:52:81:39:
7f:69:7b:56:3e:28:6b:c6:52:be:1a:23:99:0a:3e:
6c:2a:0c:be:a8:ec:cd:aa:51:03:d8:2b:f8:b0:db:
74:51:b9:70:83:e3:6b:67:9b:75:9c:78:5f:7c:3f:
42:b0:d9:08:54:ea:a5:ed:d4:ed:16:d2:84:77:16:
d0:4d:68:cb:58:33:e0:5b:5b:08:8b:16:f6:5a:5c:
cc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:88:F8:E7:56:CB:69:ED:C3:6B:CA:33:54:81:0A:35:41:42:47:67
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/PIj451bLae3Da8ozVIEKNUFCR2c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.208.0/20
Signature Algorithm: sha256WithRSAEncryption
48:fa:89:33:5d:65:7a:07:b3:08:b5:78:69:38:12:89:58:07:
b2:a3:d4:5b:6c:42:18:fc:44:f9:4f:44:54:10:3f:51:fd:f2:
df:15:76:da:a3:bc:ed:db:f3:e2:72:eb:fc:b8:48:c5:f9:73:
77:29:f9:10:40:dc:fa:89:fb:93:d9:6a:c3:dd:1d:7a:23:1b:
63:ba:67:32:ff:96:ac:74:e6:40:da:3f:42:c5:4e:c4:a0:05:
dc:7a:ec:c4:8c:c5:11:03:c5:d1:b5:21:55:f1:c5:58:93:d6:
da:ec:b7:1a:e1:98:59:6a:3d:f8:ce:9c:dd:8e:92:3c:b4:aa:
54:cf:2a:6a:e6:76:64:c5:a3:ea:02:c2:76:2f:e3:d3:84:7e:
e7:24:fc:73:1e:aa:19:28:6d:93:65:92:74:5e:0f:a9:6f:bb:
d0:03:40:97:f5:93:3b:4c:80:ca:3a:4a:5b:d4:19:c2:a0:26:
5f:21:11:5f:39:7c:aa:4a:ce:de:81:71:a7:89:9b:fa:1e:53:
9a:65:0f:33:6c:c6:e8:f9:a6:39:3d:69:b2:8a:45:80:08:c8:
3f:fc:94:eb:cc:58:d0:a3:72:4d:3b:d2:a2:ee:c8:81:9d:fb:
d1:e4:aa:4a:22:49:66:0a:a4:db:c7:da:bf:35:dc:cd:23:62:
a9:4e:2a:2a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEeswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA2MDMw
NjExNTlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDNDODhGOEU3NTZDQjY5
RURDMzZCQ0EzMzU0ODEwQTM1NDE0MjQ3NjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzThr+ALkmVgKDOOjVt73hH0Gd3CPURalOMs24kBQXpLmKhRjH
L8+7mfXw0PWm+Jy6y5mweWA3uLv34oRJ9yjrcbek90CF8TNwJs8aTDUzFVwugVh+
oermWHeT9Wf2Z/jywXdvYbYx22zbwwS65+aJsWYzUsIeiAhg+e65xvVCB3owJm1Y
M5uL65SRSND1RVFFsf8D1odxwGYDuQvFqqZjm1buJ18fLnVIdtl6BIKTnFKBOX9p
e1Y+KGvGUr4aI5kKPmwqDL6o7M2qUQPYK/iw23RRuXCD42tnm3WceF98P0Kw2QhU
6qXt1O0W0oR3FtBNaMtYM+BbWwiLFvZaXMwbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPIj451bLae3Da8ozVIEKNUFCR2cwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUElqNDUxYkxhZTNEYThvelZJRUtO
VUZDUjJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLR0DAN
BgkqhkiG9w0BAQsFAAOCAQEASPqJM11legezCLV4aTgSiVgHsqPUW2xCGPxE+U9E
VBA/Uf3y3xV22qO87dvz4nLr/LhIxflzdyn5EEDc+on7k9lqw90deiMbY7pnMv+W
rHTmQNo/QsVOxKAF3HrsxIzFEQPF0bUhVfHFWJPW2uy3GuGYWWo9+M6c3Y6SPLSq
VM8qauZ2ZMWj6gLCdi/j04R+5yT8cx6qGShtk2WSdF4PqW+70ANAl/WTO0yAyjpK
W9QZwqAmXyERXzl8qkrO3oFxp4mb+h5TmmUPM2zG6PmmOT1psopFgAjIP/yU68xY
0KNyTTvSou7IgZ370eSqSiJJZgqk28favzXczSNiqU4qKg==
-----END CERTIFICATE-----
Generated at Mon Aug 11 15:05:28 2025 by rpki-client