Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/QOoM8vRKT07-eGu6-6RNeL0xuD4.roa
File: QOoM8vRKT07-eGu6-6RNeL0xuD4.roa (raw, json)
Hash identifier: 8FUwlA7mvW7qc4qOJVF+yUB1p6UUkGfFrJzE8Wb0Bco=
Subject key identifier: 40:EA:0C:F2:F4:4A:4F:4E:FE:78:6B:BA:FB:A4:4D:78:BD:31:B8:3E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 123A
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/QOoM8vRKT07-eGu6-6RNeL0xuD4.roa
Signing time: Fri 22 Aug 2025 08:49:08 +0000
ROA not before: Fri 22 Aug 2025 08:49:08 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 17809
IP address blocks: 27.96.232.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4666 (0x123a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Aug 22 08:49:08 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=40EA0CF2F44A4F4EFE786BBAFBA44D78BD31B83E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:7c:8f:cc:aa:21:06:9e:0c:0b:b7:da:a9:b9:
72:09:8a:fd:44:17:8b:7a:19:11:db:3e:27:94:48:
fd:9a:03:be:28:09:c0:b8:78:63:ed:b9:89:a6:1d:
6f:54:48:a8:46:cf:eb:83:f6:bd:59:37:9b:31:b8:
ba:a5:cc:db:ba:67:55:91:4d:b8:06:09:8b:7d:fc:
4d:74:99:e0:23:70:2f:bb:4e:9f:5f:21:78:80:3b:
75:96:6f:2f:d3:db:3b:db:05:29:70:b7:ca:1b:0f:
2e:89:95:07:03:c5:b3:03:9d:a9:3f:e3:49:dc:32:
02:f9:36:16:65:57:2d:68:d0:f9:f7:c6:4c:c2:96:
05:75:bf:10:d9:59:dd:09:84:a0:38:59:8c:9e:00:
ba:00:4c:ae:2c:23:84:c5:f5:9b:e5:38:d1:a2:b3:
f5:cf:a4:49:6e:30:2c:ad:c2:0c:1b:8e:34:7f:b6:
eb:b9:16:ec:e2:17:1e:ce:b8:6a:c7:f9:4e:79:d8:
82:51:c6:06:dc:d1:50:67:68:aa:b8:28:68:aa:73:
f9:89:6e:96:ad:b7:5a:bf:ce:e5:01:b9:91:f6:85:
f9:a7:fb:ee:e2:78:b3:1c:7b:92:f1:a5:ec:c6:32:
c2:31:40:7f:62:93:8b:18:4f:e0:de:05:25:29:1d:
bf:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EA:0C:F2:F4:4A:4F:4E:FE:78:6B:BA:FB:A4:4D:78:BD:31:B8:3E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/QOoM8vRKT07-eGu6-6RNeL0xuD4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.232.0/22
Signature Algorithm: sha256WithRSAEncryption
75:99:da:fa:7d:4b:fe:1f:e0:71:a3:3f:f1:e4:03:f9:7a:82:
f5:49:06:f5:bf:04:4a:28:38:6b:fb:4b:73:6f:88:16:6b:94:
d0:17:46:4f:84:1f:5c:68:c7:ef:79:a1:84:a8:97:9f:f6:04:
c1:fa:fe:c7:c6:2f:4f:0d:47:9e:39:b7:12:d3:06:07:af:c2:
1c:db:fb:3e:07:03:06:50:8c:6c:e1:c2:b7:95:5c:aa:29:2b:
17:7a:ea:9d:5f:ff:7a:e1:6d:71:ab:74:3b:b0:a8:c6:cd:84:
6b:0c:b0:a7:d2:dc:2c:3b:69:9b:a1:57:47:85:08:25:f6:44:
de:8c:44:11:1a:ec:aa:75:c7:60:f7:33:4a:60:83:ac:90:4d:
c4:a7:5f:48:29:63:1c:9a:55:f7:a5:e3:63:6f:cb:e0:85:67:
17:73:55:ca:59:ba:fd:4b:27:97:03:23:db:be:97:a1:52:0c:
27:ee:fa:49:c5:b7:d6:9c:5f:ac:c9:c2:9a:47:d7:7d:5e:14:
5b:ad:58:f4:6c:0e:32:bc:68:4d:0b:24:00:ab:0f:0d:5b:ea:
8b:61:75:c5:fe:3d:cb:a7:e6:81:0e:34:1a:26:75:bf:66:fb:
4e:97:67:03:39:26:26:58:20:8c:b1:58:d0:13:44:69:ff:05:
39:c4:27:a3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEjowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw
ODQ5MDhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDQwRUEwQ0YyRjQ0QTRG
NEVGRTc4NkJCQUZCQTQ0RDc4QkQzMUI4M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRfI/MqiEGngwLt9qpuXIJiv1EF4t6GRHbPieUSP2aA74oCcC4
eGPtuYmmHW9USKhGz+uD9r1ZN5sxuLqlzNu6Z1WRTbgGCYt9/E10meAjcC+7Tp9f
IXiAO3WWby/T2zvbBSlwt8obDy6JlQcDxbMDnak/40ncMgL5NhZlVy1o0Pn3xkzC
lgV1vxDZWd0JhKA4WYyeALoATK4sI4TF9ZvlONGis/XPpEluMCytwgwbjjR/tuu5
FuziFx7OuGrH+U552IJRxgbc0VBnaKq4KGiqc/mJbpatt1q/zuUBuZH2hfmn++7i
eLMce5LxpezGMsIxQH9ik4sYT+DeBSUpHb/3AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQOoM8vRKT07+eGu6+6RNeL0xuD4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvUU9vTTh2UktUMDctZUd1Ni02Uk5l
TDB4dUQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg6DAN
BgkqhkiG9w0BAQsFAAOCAQEAdZna+n1L/h/gcaM/8eQD+XqC9UkG9b8ESig4a/tL
c2+IFmuU0BdGT4QfXGjH73mhhKiXn/YEwfr+x8YvTw1Hnjm3EtMGB6/CHNv7PgcD
BlCMbOHCt5VcqikrF3rqnV//euFtcat0O7Coxs2Eawywp9LcLDtpm6FXR4UIJfZE
3oxEERrsqnXHYPczSmCDrJBNxKdfSCljHJpV96XjY2/L4IVnF3NVylm6/UsnlwMj
276XoVIMJ+76ScW31pxfrMnCmkfXfV4UW61Y9GwOMrxoTQskAKsPDVvqi2F1xf49
y6fmgQ40GiZ1v2b7TpdnAzkmJlggjLFY0BNEaf8FOcQnow==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:44:25 2025 by rpki-client