Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa
File: PQZ7xOezw9es6nQ420QMNGKpX4U.roa (raw, json)
Hash identifier: IyvsccRxuBqwNgfap88+e5yNbcD7cwI91LBDMhkh4W8=
Subject key identifier: 3D:06:7B:C4:E7:B3:C3:D7:AC:EA:74:38:DB:44:0C:34:62:A9:5F:85
Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Certificate serial: 0130
Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa
Signing time: Fri 22 Aug 2025 08:58:52 +0000
ROA not before: Fri 22 Aug 2025 08:58:52 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 9678
IP address blocks: 2.58.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 304 (0x130)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Validity
Not Before: Aug 22 08:58:52 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=3D067BC4E7B3C3D7ACEA7438DB440C3462A95F85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:86:43:83:d7:74:f5:46:10:cf:df:4c:ef:a1:
fd:64:1e:28:9e:ff:52:a7:8b:91:44:b6:f0:60:bc:
e6:01:5a:6f:d0:2d:f1:bc:05:d5:01:4c:0c:2b:bf:
6d:6d:1c:e5:06:b7:c3:3a:07:31:3e:c0:b7:20:a4:
bc:db:ad:4c:ab:81:ef:5f:1b:a7:f0:80:7c:c9:75:
8b:71:13:9d:3e:cd:ce:43:94:66:09:4d:e0:67:a2:
fb:80:ff:b6:ba:f8:19:cc:81:18:4f:4b:4b:a7:14:
80:65:8c:ce:e8:e8:f8:98:a0:3b:5a:de:92:62:8e:
1a:50:dd:14:75:e4:f5:da:5a:6d:10:39:4c:b1:ad:
1d:2f:ad:77:ac:e2:c9:27:5d:85:dd:19:ae:59:e6:
9d:82:4f:32:8b:d4:00:92:25:9a:be:b1:aa:6c:df:
4f:de:e9:ea:25:14:5a:d6:94:14:03:c5:a7:f0:f3:
06:e7:22:f6:f5:b0:7f:da:37:ab:b3:12:90:22:f3:
7e:32:6f:43:5b:8a:d2:d5:ae:ac:35:28:9f:44:79:
c9:89:15:fe:7d:fa:a9:98:89:4e:3c:f6:74:8a:38:
dd:78:9a:64:58:96:db:ea:02:29:4f:97:33:ab:00:
79:9e:dc:a0:71:6b:25:62:09:38:45:13:ac:d1:81:
e0:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:06:7B:C4:E7:B3:C3:D7:AC:EA:74:38:DB:44:0C:34:62:A9:5F:85
X509v3 Authority Key Identifier:
keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/PQZ7xOezw9es6nQ420QMNGKpX4U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
2.58.241.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:08:1b:eb:94:82:6c:0c:ef:7f:b8:87:74:50:f4:75:d2:04:
c9:fe:a4:84:86:ac:5e:41:a3:fd:cd:c4:57:c6:82:ce:8f:29:
64:8d:2c:0c:0f:9c:72:aa:10:c6:46:30:38:c5:fc:eb:6d:9f:
ef:26:01:5b:db:76:d8:8f:e6:cf:22:df:d5:b8:83:41:0b:8c:
4f:93:96:6f:f7:ba:a5:58:87:ad:48:5d:1d:23:23:26:e8:b1:
2a:21:12:4b:a4:45:89:92:18:da:a6:22:9b:8b:3b:87:84:bf:
19:02:c8:42:3e:99:50:8e:a8:29:72:d0:72:20:fd:d3:5a:9c:
d8:73:61:66:b5:7f:5c:a4:09:e6:09:12:da:b7:ec:57:5c:35:
c1:79:a8:86:f5:da:7d:5a:cc:bf:6a:36:e7:c4:98:84:73:34:
4a:8f:53:7a:eb:f7:5c:a0:2c:c3:d7:86:74:52:0c:8d:0f:5c:
18:45:e9:86:15:5a:94:98:c5:16:d7:66:bb:47:55:de:1c:af:
9e:7b:73:86:5f:ec:b2:30:2b:55:f1:99:a0:ae:9e:ec:83:30:
c0:0d:a6:a6:b4:56:ec:f7:7b:5e:a0:2c:d1:fb:a7:80:d8:e4:
ee:6b:e3:11:92:85:e1:26:bb:7a:b4:a6:6a:be:3a:a5:68:27:
e2:0b:52:12
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICATAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkI4
OEE5MTc4NUE3ODJDOEVBM0NEREVEM0U3QzFGMDlEQTc5RjY0NzAeFw0yNTA4MjIw
ODU4NTJaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNEMDY3QkM0RTdCM0Mz
RDdBQ0VBNzQzOERCNDQwQzM0NjJBOTVGODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1hkOD13T1RhDP30zvof1kHiie/1Kni5FEtvBgvOYBWm/QLfG8
BdUBTAwrv21tHOUGt8M6BzE+wLcgpLzbrUyrge9fG6fwgHzJdYtxE50+zc5DlGYJ
TeBnovuA/7a6+BnMgRhPS0unFIBljM7o6PiYoDta3pJijhpQ3RR15PXaWm0QOUyx
rR0vrXes4sknXYXdGa5Z5p2CTzKL1ACSJZq+saps30/e6eolFFrWlBQDxafw8wbn
Ivb1sH/aN6uzEpAi834yb0NbitLVrqw1KJ9EecmJFf59+qmYiU489nSKON14mmRY
ltvqAilPlzOrAHme3KBxayViCThFE6zRgeBvAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUPQZ7xOezw9es6nQ420QMNGKpX4UwHwYDVR0jBBgwFoAUu4ipF4WngsjqPN3t
PnwfCdp59kcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3U0aXBGNFduZ3NqcVBOM3RQbndmQ2RwNTlrYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvdTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL1BRWjd4T2V6dzllczZuUTQy
MFFNTkdLcFg0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAC
OvEwDQYJKoZIhvcNAQELBQADggEBAD0IG+uUgmwM73+4h3RQ9HXSBMn+pISGrF5B
o/3NxFfGgs6PKWSNLAwPnHKqEMZGMDjF/Ottn+8mAVvbdtiP5s8i39W4g0ELjE+T
lm/3uqVYh61IXR0jIybosSohEkukRYmSGNqmIpuLO4eEvxkCyEI+mVCOqCly0HIg
/dNanNhzYWa1f1ykCeYJEtq37FdcNcF5qIb12n1azL9qNufEmIRzNEqPU3rr91yg
LMPXhnRSDI0PXBhF6YYVWpSYxRbXZrtHVd4cr557c4Zf7LIwK1XxmaCunuyDMMAN
pqa0Vuz3e16gLNH7p4DY5O5r4xGSheEmu3q0pmq+OqVoJ+ILUhI=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:53:33 2025 by rpki-client