Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/puWChkO72RkJbKhmUzDCGfDt3UQ.roa
File: puWChkO72RkJbKhmUzDCGfDt3UQ.roa (raw, json)
Hash identifier: R0Az3zb27as3ciRkr9GGevXb4drLZNUy+4w2VPCPbdE=
Subject key identifier: A6:E5:82:86:43:BB:D9:19:09:6C:A8:66:53:30:C2:19:F0:ED:DD:44
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1498
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/puWChkO72RkJbKhmUzDCGfDt3UQ.roa
Signing time: Fri 22 Aug 2025 09:00:36 +0000
ROA not before: Fri 22 Aug 2025 09:00:36 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 218.35.24.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5272 (0x1498)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Aug 22 09:00:36 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=A6E5828643BBD919096CA8665330C219F0EDDD44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:21:2a:41:f4:dc:82:f2:81:b5:f1:65:c3:ef:
b6:a8:aa:47:a5:67:b0:62:32:d2:79:76:90:97:a3:
81:22:9f:40:ea:b1:09:fb:96:ab:d2:7a:3a:c3:54:
6d:e5:c1:78:5a:95:bc:b3:6c:ef:88:3b:8f:4b:3c:
ec:3b:63:b9:6f:41:89:04:cd:c0:c6:bb:ea:9f:4f:
d1:86:2a:a2:10:95:88:90:d3:e1:c7:7d:87:35:c8:
9d:2f:38:94:54:cf:9a:b1:6e:60:3d:39:d1:88:af:
93:26:d6:24:bb:3f:22:94:de:ad:e5:39:cd:8b:12:
d4:49:bc:0a:e8:3e:dd:7e:95:56:95:00:4f:f0:1e:
ab:82:42:2d:19:5b:9f:5e:f8:54:56:c9:9b:05:76:
58:41:54:92:a1:16:06:7d:a3:74:31:d7:d5:f1:63:
b6:de:b9:98:08:5b:26:ab:ac:56:07:1d:51:93:cd:
bd:36:bc:53:24:e8:7a:3e:1b:35:43:71:88:89:70:
8a:47:75:5e:8d:95:93:83:5a:a8:fb:78:37:e9:e9:
3c:0b:8d:e3:ca:ea:f1:be:ff:5a:a4:11:26:3d:b6:
c2:1e:91:d8:1d:e8:94:96:64:d6:13:46:29:2e:14:
78:13:3c:d1:61:de:90:7b:0d:83:41:a6:95:21:f4:
18:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:E5:82:86:43:BB:D9:19:09:6C:A8:66:53:30:C2:19:F0:ED:DD:44
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/puWChkO72RkJbKhmUzDCGfDt3UQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.24.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:13:6b:87:e2:d5:a1:b8:27:eb:cc:d3:c5:6e:25:e5:b3:98:
02:be:13:d9:29:08:65:27:db:d7:02:11:d3:b9:4b:ba:fa:c9:
20:35:85:ab:e5:8b:d8:6e:02:3a:af:98:ed:52:50:79:dc:bc:
59:46:9d:c0:24:d0:c4:c8:ac:fc:22:e6:d6:c6:1b:14:a4:a9:
e7:2b:9f:02:80:2e:24:07:f3:f3:1a:69:fa:19:6a:bf:46:7e:
d0:6e:b8:ea:fd:fe:71:6c:f5:95:91:0e:17:57:3d:4e:44:bb:
26:aa:f9:36:80:ca:0a:89:c4:b1:67:31:50:8a:91:f7:12:39:
3d:08:3a:fa:d5:0a:14:47:86:e1:17:ea:7b:57:5a:4d:43:28:
a7:4d:13:67:a9:e6:8f:2e:2f:26:40:9b:06:45:24:d4:4b:a3:
dc:40:7e:4f:bb:2d:9e:02:0e:dd:ff:1a:7b:80:07:fa:e3:4b:
1b:97:89:21:53:ff:82:97:83:9b:a4:2c:44:be:25:6d:3b:a2:
02:5b:4c:73:7b:10:59:6b:1e:1b:3e:ca:d2:8c:8f:20:ac:1f:
45:98:2b:66:1c:df:c2:f4:11:79:97:7e:15:c7:f5:d1:0a:5b:
9c:5b:d0:41:0e:ba:9a:76:02:c9:e9:3b:20:96:f5:09:93:c3:
63:09:b9:86
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICFJgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTA4MjIw
OTAwMzZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEE2RTU4Mjg2NDNCQkQ5
MTkwOTZDQTg2NjUzMzBDMjE5RjBFRERENDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPISpB9NyC8oG18WXD77aoqkelZ7BiMtJ5dpCXo4Ein0DqsQn7
lqvSejrDVG3lwXhalbyzbO+IO49LPOw7Y7lvQYkEzcDGu+qfT9GGKqIQlYiQ0+HH
fYc1yJ0vOJRUz5qxbmA9OdGIr5Mm1iS7PyKU3q3lOc2LEtRJvAroPt1+lVaVAE/w
HquCQi0ZW59e+FRWyZsFdlhBVJKhFgZ9o3Qx19XxY7beuZgIWyarrFYHHVGTzb02
vFMk6Ho+GzVDcYiJcIpHdV6NlZODWqj7eDfp6TwLjePK6vG+/1qkESY9tsIekdgd
6JSWZNYTRikuFHgTPNFh3pB7DYNBppUh9BhBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUpuWChkO72RkJbKhmUzDCGfDt3UQwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3B1V0Noa083MlJrSmJLaG1VekRDR2ZE
dDNVUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHaIxgwDQYJ
KoZIhvcNAQELBQADggEBAGoTa4fi1aG4J+vM08VuJeWzmAK+E9kpCGUn29cCEdO5
S7r6ySA1havli9huAjqvmO1SUHncvFlGncAk0MTIrPwi5tbGGxSkqecrnwKALiQH
8/MaafoZar9GftBuuOr9/nFs9ZWRDhdXPU5Euyaq+TaAygqJxLFnMVCKkfcSOT0I
OvrVChRHhuEX6ntXWk1DKKdNE2ep5o8uLyZAmwZFJNRLo9xAfk+7LZ4CDt3/GnuA
B/rjSxuXiSFT/4KXg5ukLES+JW07ogJbTHN7EFlrHhs+ytKMjyCsH0WYK2Yc38L0
EXmXfhXH9dEKW5xb0EEOupp2AsnpOyCW9QmTw2MJuYY=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:46 2025 by rpki-client