Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/S6fWw6N0XIb9yL49nVws-klJSAQ.roa
File: S6fWw6N0XIb9yL49nVws-klJSAQ.roa (raw, json)
Hash identifier: E9kFVSwsh6k0MvfESoRUIfbnxGGXXsmzPItxDcqo5Sg=
Subject key identifier: 4B:A7:D6:C3:A3:74:5C:86:FD:C8:BE:3D:9D:5C:2C:FA:49:49:48:04
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 144B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/S6fWw6N0XIb9yL49nVws-klJSAQ.roa
Signing time: Fri 22 Aug 2025 09:00:16 +0000
ROA not before: Fri 22 Aug 2025 09:00:16 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 124.218.96.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5195 (0x144b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 09:00:16 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=4BA7D6C3A3745C86FDC8BE3D9D5C2CFA49494804
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e2:a2:85:02:e2:c5:1d:96:66:a3:44:2c:90:
97:7c:37:89:1d:15:d1:42:b5:6b:7a:75:c1:d7:f0:
4a:a7:65:55:a9:d6:23:ae:38:46:01:50:94:76:ff:
ea:cb:b2:f1:10:c6:e2:a9:94:cd:a8:3d:03:24:4a:
7b:d8:96:19:d6:67:2a:22:ef:73:84:96:71:6e:0f:
51:28:b2:f4:bb:e7:11:73:e2:44:c9:3f:38:b5:8c:
bb:42:50:19:38:28:f9:c0:1b:db:4a:98:c0:79:6e:
13:73:47:f8:ed:bd:67:fd:7d:84:3d:14:66:cd:e6:
60:69:08:34:81:9d:40:28:7b:ff:17:53:7b:01:c0:
f5:ab:df:b6:5c:0f:ea:7a:f2:c6:02:1b:5b:8a:d8:
62:b5:e5:72:64:f3:d9:4f:39:37:24:c3:74:ed:2e:
84:97:db:f5:dd:c6:f2:6a:f8:3a:c5:00:95:04:92:
77:e2:d6:67:af:73:7c:8a:dd:3f:de:85:8e:4f:6c:
5d:2c:e2:67:db:db:aa:3a:d0:62:fc:f9:41:ec:7a:
0e:e8:56:f7:52:cb:82:88:77:c1:0a:8a:8e:98:35:
b3:cc:88:69:75:42:8e:c2:e1:b5:d5:94:eb:92:c6:
1b:9b:37:d3:83:b1:ed:94:f7:c2:79:4a:92:2c:25:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:A7:D6:C3:A3:74:5C:86:FD:C8:BE:3D:9D:5C:2C:FA:49:49:48:04
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/S6fWw6N0XIb9yL49nVws-klJSAQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.96.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:dc:c5:d8:00:75:cf:ae:68:67:8d:28:b0:e5:a6:1e:5f:15:
5b:68:21:40:13:0d:ca:ee:41:20:90:89:55:26:51:11:04:41:
b2:a4:ec:fd:0f:cb:75:0c:cf:1f:23:20:8d:1d:b5:fc:c0:f9:
5e:6b:97:79:d7:fa:60:b4:32:b1:4a:05:6b:4c:97:c9:ed:2c:
b1:d0:fb:de:6c:c8:44:26:af:56:a9:fe:a1:6f:44:3a:c9:7b:
fd:f4:14:2c:83:ec:72:e8:80:e4:d3:8e:ee:9c:ba:5a:6d:de:
59:4d:8e:c9:44:a8:cf:22:33:cc:1f:0e:c3:1e:44:d3:84:b2:
0c:85:5a:b9:4c:54:a6:bd:fc:ad:c2:30:fc:ba:8c:ef:f2:84:
9e:af:68:99:54:73:46:ce:1c:d2:b3:b0:c4:de:eb:08:83:2c:
f4:a2:6f:56:94:a9:eb:87:57:ce:4b:34:76:c8:c1:27:2b:bb:
75:4b:c7:ee:e0:18:cb:37:78:e8:83:ae:97:39:40:a2:b1:44:
91:b7:65:c1:b0:10:22:24:bb:2e:60:87:cb:c6:dc:47:94:d2:
17:32:cd:77:80:dd:93:d7:33:d4:5b:ef:52:d2:d4:43:45:36:
f4:56:00:22:ca:00:65:d2:74:90:13:66:5a:5b:48:a8:01:0b:
f9:31:12:48
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICFEswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
OTAwMTZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRCQTdENkMzQTM3NDVD
ODZGREM4QkUzRDlENUMyQ0ZBNDk0OTQ4MDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+4qKFAuLFHZZmo0QskJd8N4kdFdFCtWt6dcHX8EqnZVWp1iOu
OEYBUJR2/+rLsvEQxuKplM2oPQMkSnvYlhnWZyoi73OElnFuD1EosvS75xFz4kTJ
Pzi1jLtCUBk4KPnAG9tKmMB5bhNzR/jtvWf9fYQ9FGbN5mBpCDSBnUAoe/8XU3sB
wPWr37ZcD+p68sYCG1uK2GK15XJk89lPOTckw3TtLoSX2/XdxvJq+DrFAJUEknfi
1mevc3yK3T/ehY5PbF0s4mfb26o60GL8+UHseg7oVvdSy4KId8EKio6YNbPMiGl1
Qo7C4bXVlOuSxhubN9ODse2U98J5SpIsJdfDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUS6fWw6N0XIb9yL49nVws+klJSAQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1M2Zld3Nk4wWEliOXlMNDluVndzLWts
SlNBUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJ82mAwDQYJ
KoZIhvcNAQELBQADggEBACzcxdgAdc+uaGeNKLDlph5fFVtoIUATDcruQSCQiVUm
UREEQbKk7P0Py3UMzx8jII0dtfzA+V5rl3nX+mC0MrFKBWtMl8ntLLHQ+95syEQm
r1ap/qFvRDrJe/30FCyD7HLogOTTju6culpt3llNjslEqM8iM8wfDsMeRNOEsgyF
WrlMVKa9/K3CMPy6jO/yhJ6vaJlUc0bOHNKzsMTe6wiDLPSib1aUqeuHV85LNHbI
wScru3VLx+7gGMs3eOiDrpc5QKKxRJG3ZcGwECIkuy5gh8vG3EeU0hcyzXeA3ZPX
M9Rb71LS1ENFNvRWACLKAGXSdJATZlpbSKgBC/kxEkg=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:54:04 2025 by rpki-client