Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/iO2zIHzkiTs7Hht_cdhDtBdb2_Y.roa
File: iO2zIHzkiTs7Hht_cdhDtBdb2_Y.roa (raw, json)
Hash identifier: G9XH8GZRQyzT772hQgSlX6P1rYVh9hg0zYOUkeq9Izg=
Subject key identifier: 88:ED:B3:20:7C:E4:89:3B:3B:1E:1B:7F:71:D8:43:B4:17:5B:DB:F6
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 13CC
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iO2zIHzkiTs7Hht_cdhDtBdb2_Y.roa
Signing time: Fri 22 Aug 2025 08:59:44 +0000
ROA not before: Fri 22 Aug 2025 08:59:44 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 9311
IP address blocks: 210.200.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5068 (0x13cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 08:59:44 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=88EDB3207CE4893B3B1E1B7F71D843B4175BDBF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1e:9b:65:10:57:fc:dd:e1:3f:96:71:7b:4d:
82:18:b7:8c:e4:49:1a:2d:79:86:f2:5e:4c:9a:6e:
e7:2e:46:81:68:07:c7:4f:34:f8:7b:1f:39:c5:26:
46:a5:f5:2f:0c:2e:68:5f:1b:e7:ad:0b:e0:df:dc:
67:4a:09:8b:f5:55:34:0f:8a:6f:86:2a:28:31:3f:
5c:58:27:2f:70:3b:47:0d:e3:81:f6:c6:57:15:62:
27:39:6a:37:40:70:20:2a:38:26:17:be:9e:6b:20:
ab:f4:d8:3b:cf:d7:02:41:2e:1d:4f:df:14:8e:cf:
53:4c:56:93:35:8c:85:3c:ce:64:09:99:74:52:c2:
a5:92:1f:87:ec:82:cc:a3:ac:1f:be:f8:d1:64:6f:
c7:41:de:fc:f6:c7:e5:80:5c:ea:38:c2:c6:dc:9c:
21:1a:d5:8b:bc:dd:06:17:54:60:ba:62:ec:47:77:
b5:85:c5:17:87:9e:56:46:70:04:ab:39:41:08:58:
13:e7:de:52:db:9d:6f:03:08:42:69:91:39:ee:8c:
00:58:63:e9:73:5c:66:a5:35:f2:bc:03:5d:5c:ab:
cb:e8:a9:65:64:88:4a:35:ae:3c:c9:39:58:66:8a:
18:ee:ee:f7:a1:4b:85:ff:cb:e2:a6:30:32:7b:31:
ee:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:ED:B3:20:7C:E4:89:3B:3B:1E:1B:7F:71:D8:43:B4:17:5B:DB:F6
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/iO2zIHzkiTs7Hht_cdhDtBdb2_Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.17.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:55:a2:ed:dc:4a:c6:b3:70:05:be:e9:8e:95:07:e6:e3:10:
30:cc:89:42:e8:eb:4b:0a:20:6a:e7:83:e8:a3:30:c4:87:cf:
b8:9f:5c:de:f7:df:0b:a4:25:43:7c:e3:55:6e:4e:13:50:66:
a2:98:42:0b:01:07:b2:ff:b2:bc:03:36:3f:e6:97:df:64:da:
2d:2b:f2:1a:7f:4f:8f:80:df:9e:aa:a5:c6:5e:b4:a0:c0:54:
f3:7c:35:48:fb:5b:23:a1:91:7d:8b:52:1e:72:20:de:01:b4:
d8:1f:63:f6:ec:e1:94:a0:11:1c:82:3a:55:10:ae:7a:5f:d9:
85:84:90:6c:33:3d:3f:96:4d:50:18:bb:0c:c8:4b:3d:10:be:
d2:c3:3a:95:b4:f1:74:71:e7:6a:24:e8:bf:fb:75:39:46:f5:
6e:7b:a8:45:1b:08:12:5b:a3:41:13:1a:2b:aa:14:62:22:79:
1e:7e:3c:62:75:9d:34:b1:4c:51:7c:71:98:e1:73:17:23:f8:
35:a8:dc:00:27:fb:dc:ee:36:59:da:58:fa:4c:b4:3c:04:9c:
eb:5a:78:85:09:3b:1c:ae:82:b1:6d:13:c5:3e:7d:60:dc:d2:
a4:d6:39:e7:ae:c5:d8:1c:26:06:d2:1b:a0:ef:00:be:a6:1b:
06:1a:40:79
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICE8wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
ODU5NDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg4RURCMzIwN0NFNDg5
M0IzQjFFMUI3RjcxRDg0M0I0MTc1QkRCRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAHptlEFf83eE/lnF7TYIYt4zkSRoteYbyXkyabucuRoFoB8dP
NPh7HznFJkal9S8MLmhfG+etC+Df3GdKCYv1VTQPim+GKigxP1xYJy9wO0cN44H2
xlcVYic5ajdAcCAqOCYXvp5rIKv02DvP1wJBLh1P3xSOz1NMVpM1jIU8zmQJmXRS
wqWSH4fsgsyjrB+++NFkb8dB3vz2x+WAXOo4wsbcnCEa1Yu83QYXVGC6YuxHd7WF
xReHnlZGcASrOUEIWBPn3lLbnW8DCEJpkTnujABYY+lzXGalNfK8A11cq8voqWVk
iEo1rjzJOVhmihju7vehS4X/y+KmMDJ7Me5PAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUiO2zIHzkiTs7Hht/cdhDtBdb2/YwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2lPMnpJSHpraVRzN0hodF9jZGhEdEJk
YjJfWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSyBEwDQYJ
KoZIhvcNAQELBQADggEBALZVou3cSsazcAW+6Y6VB+bjEDDMiULo60sKIGrng+ij
MMSHz7ifXN733wukJUN841VuThNQZqKYQgsBB7L/srwDNj/ml99k2i0r8hp/T4+A
356qpcZetKDAVPN8NUj7WyOhkX2LUh5yIN4BtNgfY/bs4ZSgERyCOlUQrnpf2YWE
kGwzPT+WTVAYuwzISz0QvtLDOpW08XRx52ok6L/7dTlG9W57qEUbCBJbo0ETGiuq
FGIieR5+PGJ1nTSxTFF8cZjhcxcj+DWo3AAn+9zuNlnaWPpMtDwEnOtaeIUJOxyu
grFtE8U+fWDc0qTWOeeuxdgcJgbSG6DvAL6mGwYaQHk=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:42 2025 by rpki-client