Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa
File: 1NvRIIgsw36jv1JPruOnfe6B5l0.roa (raw, json)
Hash identifier: wr3wO5pomnNqcHXEV81x9pHMfpgLRKocC+eB8odzGOM=
Subject key identifier: D4:DB:D1:20:88:2C:C3:7E:A3:BF:52:4F:AE:E3:A7:7D:EE:81:E6:5D
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0D93
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa
Signing time: Fri 22 Aug 2025 08:52:54 +0000
ROA not before: Fri 22 Aug 2025 08:52:54 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 4780
IP address blocks: 114.29.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3475 (0xd93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Aug 22 08:52:54 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=D4DBD120882CC37EA3BF524FAEE3A77DEE81E65D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:5a:c3:23:3c:bb:aa:e6:7b:69:80:bc:08:85:
37:8a:c8:6c:17:a3:c1:72:ae:32:78:13:1f:fe:66:
6f:cc:34:4a:05:14:68:74:99:1c:09:7f:40:3b:c1:
be:06:a2:a5:34:df:c9:3b:3d:5d:24:e2:95:08:71:
f2:cd:6c:6f:aa:e8:e1:be:bc:3d:18:e9:c9:e8:8a:
70:d2:4e:d5:0c:a7:83:71:57:cb:f7:7c:ce:d3:04:
ed:af:37:c2:26:a2:8a:73:68:5a:ce:bd:32:d6:c0:
89:a3:e1:3a:38:76:d4:ad:1e:e9:8a:77:51:8d:bb:
a3:a3:f7:55:49:61:ee:55:da:ad:37:53:4b:1f:8c:
7f:35:7f:7c:5e:08:d8:ad:c3:16:39:18:f6:43:c6:
81:74:f8:92:26:4a:1e:e1:ef:99:a3:06:bf:ee:e7:
13:fb:b7:0f:ad:98:3f:7d:64:b3:16:29:b1:35:09:
12:22:48:83:3a:ef:a1:b5:6f:bc:12:9c:11:77:65:
cd:61:e7:ee:71:d4:55:df:34:7a:df:d0:30:e1:1d:
24:25:22:d0:3c:e2:6c:35:bb:a1:49:6a:0a:dc:26:
bf:9d:6b:17:53:dd:fd:9e:43:0d:a9:d3:e7:3a:a1:
9c:d8:62:c6:6e:76:8f:2f:3f:a4:3f:40:7f:e6:fc:
bd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DB:D1:20:88:2C:C3:7E:A3:BF:52:4F:AE:E3:A7:7D:EE:81:E6:5D
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/1NvRIIgsw36jv1JPruOnfe6B5l0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:28:34:db:bc:8e:73:ca:b0:0c:f7:e1:50:42:d9:d7:3d:59:
83:fe:b4:cd:fa:a3:df:70:41:10:83:37:7c:50:63:a5:dc:c0:
11:27:14:de:6e:bb:d4:78:86:79:c5:9d:9b:89:c2:6b:a2:a3:
60:01:c3:40:92:f7:d7:a4:3d:a2:49:ae:0a:b5:c0:f6:c0:a1:
23:95:3d:2d:e8:6c:26:f9:8d:77:5d:3a:7e:5e:0f:5d:83:94:
23:c2:18:12:c8:df:ca:3c:d9:e7:2e:f6:e4:4d:3f:8b:85:a4:
cd:d8:71:9f:2e:e5:ad:d9:83:7e:dd:33:12:a1:3f:f3:21:9d:
d6:90:1d:84:4a:bc:e0:24:ac:5e:a0:a0:4d:a9:da:d8:8c:72:
be:c3:1a:30:98:04:f2:51:97:7a:41:e8:9e:f8:ac:6c:b4:8b:
86:fa:0c:3d:2e:62:4c:e1:bc:cd:64:28:89:f4:3d:13:83:b9:
98:7a:5a:77:d5:b4:3e:2c:9f:3b:1c:56:ab:c6:90:10:b2:35:
3a:f9:61:0e:36:e2:c5:59:41:5d:22:84:d6:37:91:d2:57:73:
69:e8:16:f9:cf:73:76:f3:a2:5f:01:b2:57:e1:11:bf:d3:97:
5b:6e:58:5e:9e:44:86:d1:49:f1:0d:8e:a6:08:3e:ef:7d:6f:
45:6f:41:48
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDZMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTA4MjIw
ODUyNTRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQ0REJEMTIwODgyQ0Mz
N0VBM0JGNTI0RkFFRTNBNzdERUU4MUU2NUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiWsMjPLuq5ntpgLwIhTeKyGwXo8FyrjJ4Ex/+Zm/MNEoFFGh0
mRwJf0A7wb4GoqU038k7PV0k4pUIcfLNbG+q6OG+vD0Y6cnoinDSTtUMp4NxV8v3
fM7TBO2vN8ImoopzaFrOvTLWwImj4To4dtStHumKd1GNu6Oj91VJYe5V2q03U0sf
jH81f3xeCNitwxY5GPZDxoF0+JImSh7h75mjBr/u5xP7tw+tmD99ZLMWKbE1CRIi
SIM676G1b7wSnBF3Zc1h5+5x1FXfNHrf0DDhHSQlItA84mw1u6FJagrcJr+daxdT
3f2eQw2p0+c6oZzYYsZudo8vP6Q/QH/m/L0FAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU1NvRIIgsw36jv1JPruOnfe6B5l0wHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBLzFOdlJJSWdzdzM2anYxSlBydU9uZmU2
QjVsMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBAFooNNu8jnPKsAz34VBC2dc9WYP+tM36o99wQRCDN3xQ
Y6XcwBEnFN5uu9R4hnnFnZuJwmuio2ABw0CS99ekPaJJrgq1wPbAoSOVPS3obCb5
jXddOn5eD12DlCPCGBLI38o82ecu9uRNP4uFpM3YcZ8u5a3Zg37dMxKhP/MhndaQ
HYRKvOAkrF6goE2p2tiMcr7DGjCYBPJRl3pB6J74rGy0i4b6DD0uYkzhvM1kKIn0
PRODuZh6WnfVtD4snzscVqvGkBCyNTr5YQ424sVZQV0ihNY3kdJXc2noFvnPc3bz
ol8BslfhEb/Tl1tuWF6eRIbRSfENjqYIPu99b0VvQUg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:57:48 2025 by rpki-client