Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/mi2REmBI3U09_uPLWGoroMgFxXQ.roa
File: mi2REmBI3U09_uPLWGoroMgFxXQ.roa (raw, json)
Hash identifier: 4mNwKtIea3ttN0Bjvvr72aq1mAndjQXqRWrH07oEI6k=
Subject key identifier: 9A:2D:91:12:60:48:DD:4D:3D:FE:E3:CB:58:6A:2B:A0:C8:05:C5:74
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 149B
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mi2REmBI3U09_uPLWGoroMgFxXQ.roa
Signing time: Fri 22 Aug 2025 09:00:36 +0000
ROA not before: Fri 22 Aug 2025 09:00:36 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 124.218.120.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5275 (0x149b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 09:00:36 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=9A2D91126048DD4D3DFEE3CB586A2BA0C805C574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:c9:77:81:67:d2:a3:0f:b8:0e:64:2e:29:23:
16:14:a3:55:78:05:39:7c:60:25:70:a8:50:2a:c6:
e4:08:18:6a:50:20:29:08:a5:38:31:e7:48:4c:a6:
1d:8b:50:79:c7:b7:a8:6e:bc:39:b6:bb:c4:1d:cb:
f8:3a:05:e2:c1:bb:74:6c:15:02:f2:3a:64:8d:ff:
f3:68:0c:bc:60:38:d9:f2:f8:e1:e5:c8:ba:37:01:
1b:60:6d:ab:c8:ac:97:b4:52:7e:2a:f0:74:b8:7b:
d0:cb:ee:78:e0:b7:35:30:00:c1:f0:98:60:66:41:
ca:43:53:a5:98:31:e3:80:a7:ed:00:b0:33:a8:1c:
47:2b:f9:5c:17:c3:65:f7:d8:87:c3:b3:6a:db:b0:
1d:78:ce:f2:27:d4:7a:4f:97:73:eb:5e:a4:8e:44:
82:27:f1:ef:88:bf:7e:fd:9f:e9:a8:53:64:82:9e:
74:4d:db:ef:ce:bd:4e:8f:e0:cf:32:b6:e3:c6:e1:
91:0a:ed:d3:5d:a1:96:9e:64:d9:3f:66:78:c9:48:
49:77:35:63:54:97:42:3c:9d:bf:8d:ce:6b:eb:40:
46:6a:01:c5:35:8c:11:9f:af:39:e8:ed:6c:18:26:
89:c9:62:39:45:53:0a:da:76:a5:94:d4:c2:d8:aa:
0f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2D:91:12:60:48:DD:4D:3D:FE:E3:CB:58:6A:2B:A0:C8:05:C5:74
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/mi2REmBI3U09_uPLWGoroMgFxXQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.120.0/21
Signature Algorithm: sha256WithRSAEncryption
51:b3:10:4a:0c:08:a0:6d:86:df:2e:b2:6e:14:49:04:9f:22:
cc:a1:63:e5:cf:a7:0a:1b:18:cc:06:1d:42:9e:5a:1a:32:a2:
41:64:7e:4c:65:33:2c:24:7c:d3:b8:87:7c:76:d7:e7:79:70:
30:e8:ed:d7:e4:66:98:ba:61:6c:6f:59:02:7c:1c:b6:09:39:
90:74:f6:78:f0:b8:91:8b:8a:2b:44:1b:2e:eb:dc:f0:55:ae:
7c:0a:c8:d7:89:f1:08:d9:c9:42:08:37:ae:e9:de:3a:96:2c:
64:4e:46:af:43:0d:10:06:ed:f0:91:fb:f1:62:f4:2a:0e:7c:
0b:e4:77:d6:c8:d0:2d:6e:03:bf:33:d1:8d:23:ab:42:91:6f:
2e:48:8d:a0:f3:82:cb:f2:21:45:19:06:7c:8f:18:2f:1f:5a:
9a:fe:67:74:8a:6c:f9:4b:7e:19:75:a6:53:78:91:6e:d9:71:
30:89:97:0d:b1:23:ed:ba:4b:cd:b3:d0:af:ba:71:18:31:f8:
8a:2f:4b:57:0a:1a:8d:35:b9:36:94:d8:49:d3:9b:ee:8b:64:
d4:47:94:b6:f0:8f:ff:b3:c7:5d:ff:67:38:28:7f:ed:aa:9d:
0c:9a:79:1a:17:1c:9b:00:78:92:c2:a8:73:97:c4:78:53:b3:
1e:a7:52:71
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICFJswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
OTAwMzZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDlBMkQ5MTEyNjA0OERE
NEQzREZFRTNDQjU4NkEyQkEwQzgwNUM1NzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNyXeBZ9KjD7gOZC4pIxYUo1V4BTl8YCVwqFAqxuQIGGpQICkI
pTgx50hMph2LUHnHt6huvDm2u8Qdy/g6BeLBu3RsFQLyOmSN//NoDLxgONny+OHl
yLo3ARtgbavIrJe0Un4q8HS4e9DL7njgtzUwAMHwmGBmQcpDU6WYMeOAp+0AsDOo
HEcr+VwXw2X32IfDs2rbsB14zvIn1HpPl3PrXqSORIIn8e+Iv379n+moU2SCnnRN
2+/OvU6P4M8ytuPG4ZEK7dNdoZaeZNk/ZnjJSEl3NWNUl0I8nb+NzmvrQEZqAcU1
jBGfrzno7WwYJonJYjlFUwradqWU1MLYqg97AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUmi2REmBI3U09/uPLWGoroMgFxXQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL21pMlJFbUJJM1UwOV91UExXR29yb01n
RnhYUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAN82ngwDQYJ
KoZIhvcNAQELBQADggEBAFGzEEoMCKBtht8usm4USQSfIsyhY+XPpwobGMwGHUKe
WhoyokFkfkxlMywkfNO4h3x21+d5cDDo7dfkZpi6YWxvWQJ8HLYJOZB09njwuJGL
iitEGy7r3PBVrnwKyNeJ8QjZyUIIN67p3jqWLGRORq9DDRAG7fCR+/Fi9CoOfAvk
d9bI0C1uA78z0Y0jq0KRby5IjaDzgsvyIUUZBnyPGC8fWpr+Z3SKbPlLfhl1plN4
kW7ZcTCJlw2xI+26S82z0K+6cRgx+IovS1cKGo01uTaU2EnTm+6LZNRHlLbwj/+z
x13/Zzgof+2qnQyaeRoXHJsAeJLCqHOXxHhTsx6nUnE=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:50:01 2025 by rpki-client