Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/kz40YzNsJoyVGZYkGHaiSqvt2Ko.roa
File: kz40YzNsJoyVGZYkGHaiSqvt2Ko.roa (raw, json)
Hash identifier: 1N0BIdwUIj2MTmhKzSmz5vRebtO3KhFBj7xc+WgB5Ts=
Subject key identifier: 93:3E:34:63:33:6C:26:8C:95:19:96:24:18:76:A2:4A:AB:ED:D8:AA
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 139E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kz40YzNsJoyVGZYkGHaiSqvt2Ko.roa
Signing time: Fri 22 Aug 2025 08:59:30 +0000
ROA not before: Fri 22 Aug 2025 08:59:30 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 218.34.104.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5022 (0x139e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 08:59:30 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=933E3463336C268C951996241876A24AABEDD8AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f1:55:fe:dd:2c:ba:b7:fa:42:5b:52:df:0d:
89:b9:f7:9c:96:aa:ef:06:fb:10:f6:61:23:1b:7c:
cb:11:92:48:1d:f6:c8:19:f0:c5:25:1d:ff:9d:fc:
d8:a9:5e:f9:89:e9:d1:08:b0:42:19:1b:b0:bd:20:
69:b3:c1:c1:cf:c5:b2:13:04:00:c7:6e:22:87:64:
34:ee:13:1e:65:3e:17:d2:5a:e7:84:e4:d3:65:15:
87:e2:01:b2:31:ac:4a:d2:09:c3:df:6a:70:c0:da:
f7:62:1e:7c:a0:9b:25:4a:06:83:4b:67:64:49:00:
96:6e:fb:be:4e:3f:ed:e9:97:2e:a8:7a:f9:29:78:
91:ae:dd:1f:1e:11:80:3e:85:3a:5a:de:52:1b:44:
ed:c3:94:fb:99:dc:2e:f2:e9:7c:c2:58:0c:5b:79:
97:28:50:c2:d5:31:24:63:52:69:91:c2:f6:37:4c:
a6:84:f6:86:de:8e:28:8d:85:a1:2d:8f:23:31:dc:
f2:1c:29:cd:88:d0:cf:13:20:8d:2b:63:06:4a:ba:
7a:a6:31:08:9f:5f:d6:b1:74:d7:25:65:37:13:61:
f5:74:46:99:17:df:ef:e1:0e:15:e7:b7:1d:95:62:
46:5f:70:34:56:d7:70:2c:03:0e:48:16:61:53:e8:
f0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3E:34:63:33:6C:26:8C:95:19:96:24:18:76:A2:4A:AB:ED:D8:AA
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/kz40YzNsJoyVGZYkGHaiSqvt2Ko.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.104.0/23
Signature Algorithm: sha256WithRSAEncryption
a5:6b:89:bc:5f:da:e0:0f:e4:54:e8:e2:b3:01:56:8b:d0:dc:
ca:9a:60:95:e5:b1:29:fb:16:6a:7a:5f:f2:a8:f9:ae:05:b0:
36:db:93:65:e7:71:a2:2d:24:d2:3b:ae:4a:19:e2:e5:0e:b1:
30:5a:26:e8:1e:cb:24:8e:6a:55:48:ba:99:6a:d3:12:ad:56:
e5:78:db:a6:01:79:e9:cf:53:e0:a4:79:4e:df:c5:44:b7:ba:
7a:d4:ba:77:de:46:91:32:7c:56:e2:9f:8b:79:3e:0c:1a:0a:
09:b6:10:e3:be:fd:0d:31:d7:ae:6d:6d:b3:05:85:c6:44:73:
c4:ce:8c:07:13:3e:de:d4:c2:c3:10:2e:c1:85:5e:ed:2c:17:
12:f5:1c:b7:53:1b:77:6f:7d:3c:f5:7d:7a:a9:7f:74:c2:82:
ec:2a:46:85:41:a0:ed:75:e5:76:1d:40:3e:ba:c8:3e:22:1f:
ba:fc:4a:2d:ae:1e:ff:3d:9f:0f:09:e8:a1:5d:ad:da:51:05:
86:e8:aa:8a:de:d0:cf:02:24:e6:b5:77:8a:17:5c:57:75:9d:
fa:7d:06:e2:d5:9e:5d:c2:44:08:ae:a5:0a:df:60:e7:95:c6:
85:f6:dd:d5:c8:8c:a0:30:b7:40:02:34:1c:12:3a:86:15:87:
39:7a:ca:91
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICE54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
ODU5MzBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDkzM0UzNDYzMzM2QzI2
OEM5NTE5OTYyNDE4NzZBMjRBQUJFREQ4QUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa8VX+3Sy6t/pCW1LfDYm595yWqu8G+xD2YSMbfMsRkkgd9sgZ
8MUlHf+d/NipXvmJ6dEIsEIZG7C9IGmzwcHPxbITBADHbiKHZDTuEx5lPhfSWueE
5NNlFYfiAbIxrErSCcPfanDA2vdiHnygmyVKBoNLZ2RJAJZu+75OP+3ply6oevkp
eJGu3R8eEYA+hTpa3lIbRO3DlPuZ3C7y6XzCWAxbeZcoUMLVMSRjUmmRwvY3TKaE
9obejiiNhaEtjyMx3PIcKc2I0M8TII0rYwZKunqmMQifX9axdNclZTcTYfV0RpkX
3+/hDhXntx2VYkZfcDRW13AsAw5IFmFT6PDBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkz40YzNsJoyVGZYkGHaiSqvt2KowHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2t6NDBZek5zSm95VkdaWWtHSGFpU3F2
dDJLby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHaImgwDQYJ
KoZIhvcNAQELBQADggEBAKVribxf2uAP5FTo4rMBVovQ3MqaYJXlsSn7Fmp6X/Ko
+a4FsDbbk2XncaItJNI7rkoZ4uUOsTBaJugeyySOalVIuplq0xKtVuV426YBeenP
U+CkeU7fxUS3unrUunfeRpEyfFbin4t5PgwaCgm2EOO+/Q0x165tbbMFhcZEc8TO
jAcTPt7UwsMQLsGFXu0sFxL1HLdTG3dvfTz1fXqpf3TCguwqRoVBoO115XYdQD66
yD4iH7r8Si2uHv89nw8J6KFdrdpRBYboqore0M8CJOa1d4oXXFd1nfp9BuLVnl3C
RAiupQrfYOeVxoX23dXIjKAwt0ACNBwSOoYVhzl6ypE=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:55 2025 by rpki-client