Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/XsPzS4bwTbm8KLGDh695dIo4LY0.roa
File: XsPzS4bwTbm8KLGDh695dIo4LY0.roa (raw, json)
Hash identifier: w4FqMKA0PyhP8vcoQszG7ruXTi0kOQQ84lY0AoE3ABI=
Subject key identifier: 5E:C3:F3:4B:86:F0:4D:B9:BC:28:B1:83:87:AF:79:74:8A:38:2D:8D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 13E9
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/XsPzS4bwTbm8KLGDh695dIo4LY0.roa
Signing time: Fri 22 Aug 2025 08:59:52 +0000
ROA not before: Fri 22 Aug 2025 08:59:52 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 9311
IP address blocks: 210.200.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5097 (0x13e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 08:59:52 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=5EC3F34B86F04DB9BC28B18387AF79748A382D8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:66:08:49:44:2d:12:c6:28:67:cd:d2:aa:5e:
17:f9:1d:66:11:5b:56:d3:2a:bd:26:29:7b:76:fb:
a3:ca:84:0c:55:f7:fc:27:93:be:ff:ed:d7:b6:c9:
d4:69:5b:50:eb:10:8b:6f:de:59:1f:c6:de:ca:58:
5d:25:72:77:71:a2:b0:cb:68:8f:23:57:49:df:d1:
0b:22:4b:9b:e0:fc:d2:0b:f2:ec:af:54:f0:c9:c1:
d0:4f:f0:e7:55:3c:9e:05:4e:46:60:e7:b3:09:6c:
4b:a4:10:57:27:5e:ce:58:29:80:94:c1:79:a6:d7:
75:c9:80:7e:94:35:ce:69:84:54:5c:21:40:4b:88:
11:3c:1c:2c:89:cf:44:e8:d7:01:06:56:92:ce:0b:
73:cc:39:4b:41:27:ee:aa:ba:95:b0:71:88:ba:be:
dd:52:a4:ce:ce:8b:8c:5e:b2:34:6a:b3:57:0d:42:
0c:8d:d4:44:42:05:44:8e:26:95:c4:f3:a9:d7:75:
8f:6a:ec:d6:90:c7:0f:94:b4:c4:f9:f0:9d:88:50:
5e:da:36:7e:07:77:c4:50:b7:6a:06:6e:09:2d:47:
9f:67:25:f3:d8:86:a5:47:ff:44:1c:e8:07:a4:02:
e0:db:6a:cc:e7:be:5a:94:f5:b9:57:5d:b0:b9:0a:
23:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:C3:F3:4B:86:F0:4D:B9:BC:28:B1:83:87:AF:79:74:8A:38:2D:8D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/XsPzS4bwTbm8KLGDh695dIo4LY0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:96:d4:fa:26:8b:79:ad:4c:b6:ca:26:d3:12:f4:d8:af:7a:
5f:82:1c:b7:c9:ca:8f:02:57:2f:c8:2d:08:92:72:69:50:f8:
4d:98:80:83:ce:0d:05:3b:7c:da:6b:f2:7e:03:3d:49:5f:e5:
1f:86:3c:62:93:44:11:6d:ee:18:ab:89:24:eb:f6:c7:45:e9:
c7:86:22:01:9b:bf:64:eb:9d:34:ea:2a:ab:90:99:9f:d5:ae:
0b:b3:74:d8:cd:79:4a:37:e0:91:e8:4d:18:70:9e:72:bf:a6:
7a:30:00:94:d9:e2:77:98:8c:16:e7:f3:28:42:2e:ae:66:2e:
41:a6:09:7c:7b:8b:3b:2f:76:a6:bd:c3:d6:e4:d7:48:89:43:
3b:ba:6b:b8:ec:2c:5c:15:b9:f3:89:eb:48:54:20:55:33:67:
ce:77:f1:66:2c:54:ac:49:28:19:af:8c:f6:58:5f:5f:20:1a:
a9:20:4d:b9:31:91:7b:3f:b5:ca:7c:10:6c:b9:38:cd:18:08:
f1:a0:f8:0d:7e:c3:a3:10:56:89:27:e9:c6:1e:7f:00:78:6c:
ad:1c:21:ae:9e:f7:f2:25:a6:eb:f3:9b:9a:a5:60:58:ac:00:
87:fb:c8:73:b5:63:ae:14:36:80:17:80:88:89:99:d0:0e:ed:
bd:92:48:68
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICE+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
ODU5NTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDVFQzNGMzRCODZGMDRE
QjlCQzI4QjE4Mzg3QUY3OTc0OEEzODJEOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCZghJRC0SxihnzdKqXhf5HWYRW1bTKr0mKXt2+6PKhAxV9/wn
k77/7de2ydRpW1DrEItv3lkfxt7KWF0lcndxorDLaI8jV0nf0QsiS5vg/NIL8uyv
VPDJwdBP8OdVPJ4FTkZg57MJbEukEFcnXs5YKYCUwXmm13XJgH6UNc5phFRcIUBL
iBE8HCyJz0To1wEGVpLOC3PMOUtBJ+6qupWwcYi6vt1SpM7Oi4xesjRqs1cNQgyN
1ERCBUSOJpXE86nXdY9q7NaQxw+UtMT58J2IUF7aNn4Hd8RQt2oGbgktR59nJfPY
hqVH/0Qc6AekAuDbasznvlqU9blXXbC5CiM/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUXsPzS4bwTbm8KLGDh695dIo4LY0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1hzUHpTNGJ3VGJtOEtMR0RoNjk1ZElv
NExZMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSyGowDQYJ
KoZIhvcNAQELBQADggEBAKKW1Pomi3mtTLbKJtMS9Nivel+CHLfJyo8CVy/ILQiS
cmlQ+E2YgIPODQU7fNpr8n4DPUlf5R+GPGKTRBFt7hiriSTr9sdF6ceGIgGbv2Tr
nTTqKquQmZ/VrguzdNjNeUo34JHoTRhwnnK/pnowAJTZ4neYjBbn8yhCLq5mLkGm
CXx7izsvdqa9w9bk10iJQzu6a7jsLFwVufOJ60hUIFUzZ8538WYsVKxJKBmvjPZY
X18gGqkgTbkxkXs/tcp8EGy5OM0YCPGg+A1+w6MQVokn6cYefwB4bK0cIa6e9/Il
puvzm5qlYFisAIf7yHO1Y64UNoAXgIiJmdAO7b2SSGg=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:06 2025 by rpki-client