Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa
File: U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa (raw, json)
Hash identifier: b1fttz7chVbP10A7EyU0lJXwcIEfe1UviSng3YX1ZCY=
Subject key identifier: 53:D6:DA:F3:91:63:F5:D4:61:F7:14:2A:C8:AD:5B:7D:7D:FF:69:04
Certificate issuer: /CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Certificate serial: 08A5
Authority key identifier: 2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa
Signing time: Mon 10 Feb 2025 14:03:49 +0000
ROA not before: Mon 10 Feb 2025 14:03:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131677
IP address blocks: 103.149.64.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2213 (0x8a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DEF2B3C3A9A1B53C16C1C70E5511AD5903284FB
Validity
Not Before: Feb 10 14:03:49 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=53D6DAF39163F5D461F7142AC8AD5B7D7DFF6904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:bb:e7:a7:87:8d:f3:d7:0a:85:58:73:37:
95:fc:0c:11:d2:6e:15:3c:01:eb:34:70:bc:6b:73:
0f:9d:2e:d5:d0:87:68:72:62:2a:d8:9c:b8:bb:9c:
ad:c1:4e:65:70:ee:8e:a2:30:62:a3:6f:10:9b:40:
80:ce:d0:21:2e:ca:32:44:ba:ea:b4:e0:87:a1:23:
07:3c:aa:35:6c:af:ed:e5:fb:20:d2:1a:5e:3a:2f:
48:00:82:e7:51:d8:de:7b:85:d5:80:77:42:65:a6:
95:fb:46:80:0d:3e:79:26:d7:dd:a0:6d:41:dd:39:
d5:6b:8e:68:b4:18:89:6f:d3:d9:6f:99:7b:61:fe:
8e:f8:9f:e3:57:30:b2:d1:ec:d3:e7:78:52:89:f1:
e8:e6:0d:5e:c3:18:d0:75:91:d1:b6:9a:d5:2c:d7:
b3:65:e6:20:66:5b:d0:5d:a9:51:f5:aa:1e:70:0d:
7c:eb:c5:9b:89:9b:c2:7e:6b:69:6c:05:a5:f3:18:
a6:65:1b:8c:5c:c7:c8:74:8a:5e:24:db:dc:5d:32:
88:02:81:2f:6c:48:5f:cf:45:54:d9:df:a8:b5:05:
25:39:e3:1b:5b:07:a4:ea:0a:20:9e:bd:0f:73:10:
b9:40:9b:3d:b5:2f:f2:8e:f7:0f:a8:fe:d1:08:57:
30:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D6:DA:F3:91:63:F5:D4:61:F7:14:2A:C8:AD:5B:7D:7D:FF:69:04
X509v3 Authority Key Identifier:
keyid:2D:EF:2B:3C:3A:9A:1B:53:C1:6C:1C:70:E5:51:1A:D5:90:32:84:FB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Le8rPDqaG1PBbBxw5VEa1ZAyhPs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OPENFOR/U9ba85Fj9dRh9xQqyK1bfX3_aQQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.64.0/23
Signature Algorithm: sha256WithRSAEncryption
91:28:2f:17:57:23:e7:1d:4b:5f:fe:54:6c:ff:7c:b1:45:3f:
20:cb:51:a5:fd:a8:4a:2a:85:1e:9c:f6:52:f0:e1:f0:6b:63:
d5:62:52:22:15:cb:4f:46:b1:27:32:4b:de:d0:a6:1b:98:43:
50:84:85:5a:66:7c:cd:b5:48:c5:01:17:0a:3e:28:f6:7f:59:
cd:75:65:50:23:c3:0b:15:92:8c:eb:13:31:c4:80:3a:1d:fb:
da:f5:12:d4:ac:89:53:b7:29:ee:fb:be:d1:55:a7:d1:a6:81:
8d:92:32:8e:4c:36:fd:5f:a6:a9:83:15:2f:64:ff:61:5e:e6:
92:74:e5:de:e7:5f:96:16:25:3d:24:e0:23:f0:b7:36:0d:f6:
db:39:d5:f2:e6:27:76:69:f2:62:6e:97:e3:e6:9e:1f:15:2c:
4c:79:0e:a1:cc:a0:d1:ab:99:e5:68:95:79:a8:33:8c:86:9a:
54:6e:77:16:d4:53:35:74:03:9e:58:0b:3f:cd:51:76:a2:c0:
3c:4f:ad:7b:70:2d:44:3b:c3:46:63:cb:5f:c4:19:8b:d6:df:
da:79:7b:1f:2f:e8:d2:ad:72:e3:33:28:bb:69:8d:54:27:36:
ce:04:c1:5b:b4:90:e8:6a:a3:5d:d5:78:a2:94:2e:75:22:45:
e4:5d:e5:8f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCKUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRF
RjJCM0MzQTlBMUI1M0MxNkMxQzcwRTU1MTFBRDU5MDMyODRGQjAeFw0yNTAyMTAx
NDAzNDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDUzRDZEQUYzOTE2M0Y1
RDQ2MUY3MTQyQUM4QUQ1QjdEN0RGRjY5MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0t7vnp4eN89cKhVhzN5X8DBHSbhU8Aes0cLxrcw+dLtXQh2hy
YirYnLi7nK3BTmVw7o6iMGKjbxCbQIDO0CEuyjJEuuq04IehIwc8qjVsr+3l+yDS
Gl46L0gAgudR2N57hdWAd0JlppX7RoANPnkm192gbUHdOdVrjmi0GIlv09lvmXth
/o74n+NXMLLR7NPneFKJ8ejmDV7DGNB1kdG2mtUs17Nl5iBmW9BdqVH1qh5wDXzr
xZuJm8J+a2lsBaXzGKZlG4xcx8h0il4k29xdMogCgS9sSF/PRVTZ36i1BSU54xtb
B6TqCiCevQ9zELlAmz21L/KO9w+o/tEIVzBJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUU9ba85Fj9dRh9xQqyK1bfX3/aQQwHwYDVR0jBBgwFoAULe8rPDqaG1PBbBxw
5VEa1ZAyhPswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvT1BFTkZP
Ui9MZThyUERxYUcxUEJiQnh3NVZFYTFaQXloUHMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0xlOHJQRHFhRzFQQmJCeHc1VkVhMVpBeWhQcy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL09QRU5GT1IvVTliYTg1Rmo5ZFJoOXhR
cXlLMWJmWDNfYVFRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AWeVQDANBgkqhkiG9w0BAQsFAAOCAQEAkSgvF1cj5x1LX/5UbP98sUU/IMtRpf2o
SiqFHpz2UvDh8Gtj1WJSIhXLT0axJzJL3tCmG5hDUISFWmZ8zbVIxQEXCj4o9n9Z
zXVlUCPDCxWSjOsTMcSAOh372vUS1KyJU7cp7vu+0VWn0aaBjZIyjkw2/V+mqYMV
L2T/YV7mknTl3udflhYlPSTgI/C3Ng322znV8uYndmnyYm6X4+aeHxUsTHkOocyg
0auZ5WiVeagzjIaaVG53FtRTNXQDnlgLP81RdqLAPE+te3AtRDvDRmPLX8QZi9bf
2nl7Hy/o0q1y4zMou2mNVCc2zgTBW7SQ6GqjXdV4opQudSJF5F3ljw==
-----END CERTIFICATE-----
Generated at Wed Jun 25 02:44:41 2025 by rpki-client