Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/KptL_OsZJNSpXqxERvlcBU9c_oo.roa
File: KptL_OsZJNSpXqxERvlcBU9c_oo.roa (raw, json)
Hash identifier: Pq0HdxEz+l0Zfm8k4btgDrPodsJqm6/2QijT+pwXK6U=
Subject key identifier: 2A:9B:4B:FC:EB:19:24:D4:A9:5E:AC:44:46:F9:5C:05:4F:5C:FE:8A
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 02D2
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/KptL_OsZJNSpXqxERvlcBU9c_oo.roa
Signing time: Wed 08 Oct 2025 07:17:44 +0000
ROA not before: Wed 08 Oct 2025 07:17:44 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 152609
IP address blocks: 157.20.248.0/28 maxlen: 28
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 722 (0x2d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Oct 8 07:17:44 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=2A9B4BFCEB1924D4A95EAC4446F95C054F5CFE8A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:e0:96:20:9f:5d:fb:4a:b9:80:75:45:3d:45:
22:21:e3:16:0c:f9:d0:11:32:50:7a:42:7a:a7:1f:
fc:33:b7:cd:f8:9d:bb:e7:01:7c:af:c0:89:ca:33:
3a:ed:20:a0:80:28:e6:bb:67:8d:74:e3:31:11:7f:
41:bc:2a:79:1e:d6:c9:fc:07:3a:e4:e3:e6:e6:25:
15:27:73:8a:75:8d:a8:52:8c:6e:0f:6d:b0:e3:04:
e8:ee:9b:f6:bd:2b:77:c0:ae:d0:17:8a:17:8d:8c:
e5:de:0d:37:53:01:99:6c:5c:e5:73:92:e7:6f:82:
2a:b4:b3:54:cd:e7:5d:08:6a:f7:81:e4:38:46:cd:
3b:b6:ca:4a:69:42:83:1d:ee:c1:60:70:58:bb:aa:
0c:3c:1c:c0:a2:b0:64:f8:db:43:3c:c1:76:af:0a:
4e:2b:40:6f:d6:06:5d:b6:47:5d:59:57:a9:3f:e7:
7b:73:f3:d3:ee:7a:54:1b:13:dc:29:fc:8f:ce:4f:
12:97:d8:e0:46:ed:a6:e9:b7:9a:5a:fd:8b:42:06:
53:bf:94:54:09:3b:9b:6b:33:19:8a:00:d4:53:d9:
87:42:35:77:33:a8:93:7a:ca:88:0f:27:06:85:f6:
78:40:05:32:c6:51:e2:52:dc:2e:0e:74:16:dc:fb:
d2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:9B:4B:FC:EB:19:24:D4:A9:5E:AC:44:46:F9:5C:05:4F:5C:FE:8A
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/KptL_OsZJNSpXqxERvlcBU9c_oo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/28
Signature Algorithm: sha256WithRSAEncryption
34:8a:da:92:28:d0:fe:fe:da:d8:79:6e:11:43:c7:f7:bc:a3:
9c:13:3c:94:f8:11:33:31:72:e2:f7:34:ff:0a:b8:51:c8:e8:
c0:6c:d9:d9:80:ea:15:de:b4:c6:17:49:d7:e9:d7:c3:72:90:
37:ea:a6:1b:43:9e:23:a3:3e:83:74:d5:6f:1b:ea:c8:2e:22:
e1:7c:68:13:99:ff:c7:c2:cb:66:99:f5:64:0d:f2:83:92:c4:
e6:37:99:f7:3a:e7:fb:ac:e8:12:e7:a4:36:4b:ed:b0:c4:c5:
d5:cd:2f:12:e8:04:93:0f:7d:ed:ca:bb:b3:d9:31:8a:6d:53:
63:c0:0b:66:46:a2:8b:5b:fa:f7:b0:6b:77:01:d6:c2:7f:89:
70:7f:c4:cc:06:cc:9c:a2:48:30:fe:9f:bd:ce:04:32:a3:66:
71:d4:3c:79:e0:29:5d:ad:67:78:ed:38:5b:52:ab:7d:1d:c9:
b0:dc:16:af:b6:57:8d:70:c6:f0:25:4d:b5:f1:65:37:29:73:
45:1d:18:d9:56:d5:b6:f9:e0:df:e0:76:fe:1e:15:d4:04:41:
ec:3c:ea:c1:c5:5a:c0:27:be:99:a3:e8:b2:d5:03:42:66:5f:
d9:c0:0d:c2:cb:59:a6:6d:12:cd:97:d8:b4:7b:99:a5:cd:62:
ac:94:3b:09
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICAtIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjMz
QTcyQUFGNzk4MTA1QkIyNzdGMDk0NDU4RTQ2NEI0NjU5RjgwMzAeFw0yNTEwMDgw
NzE3NDRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJBOUI0QkZDRUIxOTI0
RDRBOTVFQUM0NDQ2Rjk1QzA1NEY1Q0ZFOEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDp4JYgn137SrmAdUU9RSIh4xYM+dARMlB6QnqnH/wzt834nbvn
AXyvwInKMzrtIKCAKOa7Z4104zERf0G8Knke1sn8Bzrk4+bmJRUnc4p1jahSjG4P
bbDjBOjum/a9K3fArtAXiheNjOXeDTdTAZlsXOVzkudvgiq0s1TN510IaveB5DhG
zTu2ykppQoMd7sFgcFi7qgw8HMCisGT420M8wXavCk4rQG/WBl22R11ZV6k/53tz
89PuelQbE9wp/I/OTxKX2OBG7abpt5pa/YtCBlO/lFQJO5trMxmKANRT2YdCNXcz
qJN6yogPJwaF9nhABTLGUeJS3C4OdBbc+9KRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUKptL/OsZJNSpXqxERvlcBU9c/oowHwYDVR0jBBgwFoAU8zpyqveYEFuyd/CU
RY5GS0ZZ+AMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC84
enB5cXZlWUVGdXlkX0NVUlk1R1MwWlotQU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Lzh6cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0lBTVQvS3B0TF9Pc1pKTlNwWHF4RVJ2bGNC
VTljX29vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFBJ0U+AAw
DQYJKoZIhvcNAQELBQADggEBADSK2pIo0P7+2th5bhFDx/e8o5wTPJT4ETMxcuL3
NP8KuFHI6MBs2dmA6hXetMYXSdfp18NykDfqphtDniOjPoN01W8b6sguIuF8aBOZ
/8fCy2aZ9WQN8oOSxOY3mfc65/us6BLnpDZL7bDExdXNLxLoBJMPfe3Ku7PZMYpt
U2PAC2ZGootb+vewa3cB1sJ/iXB/xMwGzJyiSDD+n73OBDKjZnHUPHngKV2tZ3jt
OFtSq30dybDcFq+2V41wxvAlTbXxZTcpc0UdGNlW1bb54N/gdv4eFdQEQew86sHF
WsAnvpmj6LLVA0JmX9nADcLLWaZtEs2X2LR7maXNYqyUOwk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:35:36 2025 by rpki-client