Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa
File: ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa (raw, json)
Hash identifier: nGNdPlehNsyC/vhrZQBSSfQvvs0dDNLxHzVa0VyecJA=
Subject key identifier: 64:ED:61:E4:F1:66:D0:99:60:26:9B:01:C0:F9:D7:65:1C:F4:69:72
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 1290
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa
Signing time: Fri 22 Aug 2025 08:49:28 +0000
ROA not before: Fri 22 Aug 2025 08:49:28 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 17809
IP address blocks: 210.209.128.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4752 (0x1290)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Aug 22 08:49:28 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=64ED61E4F166D09960269B01C0F9D7651CF46972
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:66:fd:44:17:f8:5d:09:60:35:74:5e:48:4b:
0d:2c:bb:16:c9:4c:16:bd:a9:42:62:d4:0d:60:99:
9b:15:07:54:a7:a8:20:72:ba:44:7d:28:93:70:75:
6e:1a:be:1d:e0:38:01:98:dd:f4:fb:72:7e:3d:9d:
11:36:60:fa:52:a6:26:e1:0b:e6:f7:09:c8:80:b2:
60:09:5b:3c:ed:9c:33:5f:bb:b9:82:01:a3:fb:f8:
f9:f5:20:65:66:61:83:eb:0b:4f:fd:b9:d2:1e:5f:
03:95:48:cd:ff:e2:70:20:2f:45:a4:ca:5a:a6:69:
32:a7:38:61:cd:9d:3d:55:ff:d7:3e:e6:c8:6b:06:
d8:06:96:80:72:43:a3:02:3a:9e:a5:6b:ef:1d:92:
a5:70:a2:6f:ef:39:bf:a0:a0:f6:ab:f5:59:c0:b1:
13:b0:09:df:48:ac:6f:61:7f:46:9e:85:ab:fc:ef:
65:64:e0:d1:3e:f1:0e:3a:9a:26:eb:53:e0:1a:1c:
12:50:10:4a:21:9a:76:37:09:12:31:96:de:ee:60:
e5:1a:f9:a0:c4:f0:8b:c2:0f:02:41:c6:4c:56:8b:
b7:9a:c3:09:fa:e5:d0:07:ac:e4:7e:a9:4a:56:98:
f3:17:ef:c1:2a:42:22:08:ad:ec:a6:2e:17:ae:07:
a1:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:ED:61:E4:F1:66:D0:99:60:26:9B:01:C0:F9:D7:65:1C:F4:69:72
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/ZO1h5PFm0JlgJpsBwPnXZRz0aXI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.128.0/20
Signature Algorithm: sha256WithRSAEncryption
36:ea:1c:ce:1e:f0:19:74:2f:36:a6:6b:31:5e:60:06:12:5b:
ba:1c:b6:e2:d4:f7:56:72:9e:12:e3:4f:89:f6:58:fb:31:ba:
96:8f:7f:98:1e:90:6b:30:2d:17:c6:1d:99:28:18:42:4c:de:
c6:d9:bc:74:0c:72:28:e4:5d:06:3a:0e:c9:63:18:0c:e6:d0:
43:18:9f:f3:06:22:61:57:69:a0:e1:b3:e5:29:db:af:34:ef:
1c:ef:55:70:b1:cf:2a:7d:fa:e1:6d:e5:87:58:58:d7:6d:31:
af:dd:28:e5:97:b7:b4:b9:59:64:7e:be:95:30:bd:13:ef:13:
de:16:12:4a:97:49:32:a8:c4:0d:76:04:cf:49:84:a9:81:50:
fa:61:b6:fa:00:b3:fe:69:be:21:1e:f4:f1:bd:3d:95:1f:ea:
ec:d6:2d:b0:a3:20:47:62:ee:db:07:76:67:82:72:b6:61:21:
63:d9:e5:1b:ed:8e:ba:26:46:49:67:6a:e8:64:db:7e:76:4e:
bf:27:30:7c:ad:50:25:8c:08:ab:ef:0f:ef:6e:9f:80:eb:ff:
26:5b:9e:24:09:91:d2:e4:89:22:b3:9d:40:9c:5c:14:cc:2a:
8e:8a:16:75:65:94:69:8e:7e:d8:04:fd:f0:53:cb:29:b5:e5:
6f:80:1f:9d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yNTA4MjIw
ODQ5MjhaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY0RUQ2MUU0RjE2NkQw
OTk2MDI2OUIwMUMwRjlENzY1MUNGNDY5NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9Zv1EF/hdCWA1dF5ISw0suxbJTBa9qUJi1A1gmZsVB1SnqCBy
ukR9KJNwdW4avh3gOAGY3fT7cn49nRE2YPpSpibhC+b3CciAsmAJWzztnDNfu7mC
AaP7+Pn1IGVmYYPrC0/9udIeXwOVSM3/4nAgL0WkylqmaTKnOGHNnT1V/9c+5shr
BtgGloByQ6MCOp6la+8dkqVwom/vOb+goPar9VnAsROwCd9IrG9hf0aehav872Vk
4NE+8Q46mibrU+AaHBJQEEohmnY3CRIxlt7uYOUa+aDE8IvCDwJBxkxWi7eawwn6
5dAHrOR+qUpWmPMX78EqQiIIreymLheuB6HBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZO1h5PFm0JlgJpsBwPnXZRz0aXIwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWk8xaDVQRm0wSmxnSnBzQndQblha
UnowYVhJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLRgDAN
BgkqhkiG9w0BAQsFAAOCAQEANuoczh7wGXQvNqZrMV5gBhJbuhy24tT3VnKeEuNP
ifZY+zG6lo9/mB6QazAtF8YdmSgYQkzextm8dAxyKORdBjoOyWMYDObQQxif8wYi
YVdpoOGz5SnbrzTvHO9VcLHPKn364W3lh1hY120xr90o5Ze3tLlZZH6+lTC9E+8T
3hYSSpdJMqjEDXYEz0mEqYFQ+mG2+gCz/mm+IR708b09lR/q7NYtsKMgR2Lu2wd2
Z4JytmEhY9nlG+2OuiZGSWdq6GTbfnZOvycwfK1QJYwIq+8P726fgOv/JlueJAmR
0uSJIrOdQJxcFMwqjooWdWWUaY5+2AT98FPLKbXlb4AfnQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:43:40 2025 by rpki-client