Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/9U_K9Sfdp5hTaa2_wofSJBg6xCs.roa
File: 9U_K9Sfdp5hTaa2_wofSJBg6xCs.roa (raw, json)
Hash identifier: /r0Obls3XF73x0i86UR9hvXwRQ8EFzoxS8HZ1MvBMW0=
Subject key identifier: F5:4F:CA:F5:27:DD:A7:98:53:69:AD:BF:C2:87:D2:24:18:3A:C4:2B
Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Certificate serial: 0DA3
Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/9U_K9Sfdp5hTaa2_wofSJBg6xCs.roa
Signing time: Fri 22 Aug 2025 08:54:26 +0000
ROA not before: Fri 22 Aug 2025 08:54:26 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 7539
IP address blocks: 2001:e10::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3491 (0xda3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Validity
Not Before: Aug 22 08:54:26 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=F54FCAF527DDA7985369ADBFC287D224183AC42B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:8c:68:cd:7a:8a:c9:5d:3e:b5:ac:d0:77:ab:
30:c2:9a:31:c3:e1:82:81:14:6e:72:66:e4:23:c0:
c4:13:7f:57:b7:ab:e3:5a:7c:a0:21:60:f9:00:ed:
a1:db:be:95:1d:c4:b7:d2:1a:1c:2f:62:cb:2f:d8:
9f:af:03:50:a8:a9:08:a1:ec:b1:b2:a4:67:a3:4e:
8e:9a:2a:79:1c:40:33:30:c0:e1:4a:cf:53:5f:d0:
e7:6e:af:1f:30:c6:04:c7:42:af:ae:e7:69:7f:19:
35:83:32:19:dc:f6:f7:6b:03:cc:dd:57:7c:1f:39:
38:bf:6c:6b:6c:97:ef:28:61:94:77:2a:36:e9:ab:
33:6f:32:68:e3:1d:27:68:4b:91:48:ff:ef:0d:1c:
7e:cd:e2:61:ac:82:a1:7c:76:73:2a:44:32:ea:28:
16:4c:ac:d7:e9:75:05:25:6c:04:e9:da:55:ee:89:
a1:54:2d:a1:9b:82:33:f2:57:45:26:b7:30:ab:89:
6d:d2:5a:f9:73:81:fa:e3:57:8a:3e:c9:5f:06:b9:
38:94:7c:41:1c:17:b9:d4:d2:53:b5:e0:60:f6:60:
f8:42:72:05:58:ff:e5:5d:aa:e9:af:39:3e:0b:ef:
1e:cc:46:c4:b5:27:58:ca:2b:31:f1:26:cf:80:51:
90:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:4F:CA:F5:27:DD:A7:98:53:69:AD:BF:C2:87:D2:24:18:3A:C4:2B
X509v3 Authority Key Identifier:
keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/9U_K9Sfdp5hTaa2_wofSJBg6xCs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:e10::/32
Signature Algorithm: sha256WithRSAEncryption
61:73:39:6d:34:e0:ae:d4:30:f7:44:4d:f4:c5:84:96:dc:fc:
9d:0f:63:33:8e:85:32:99:6c:75:ae:4f:04:6c:fa:40:28:64:
4b:19:e8:4d:7c:9f:f1:d7:55:33:58:e8:6d:da:db:e5:01:88:
55:d7:af:c6:70:1e:30:c7:79:a9:de:b5:ac:c0:ba:69:39:0c:
f0:9a:73:63:02:9c:db:99:a1:02:f1:c7:cf:7b:9f:ba:34:b7:
a6:1d:33:64:a3:c7:3e:85:bc:2b:c5:d3:3c:0d:b8:52:ef:5a:
45:94:e3:03:03:ce:3f:49:b3:d6:50:87:ed:83:b3:c6:cc:05:
d5:5d:f2:8e:84:3b:de:d2:db:f8:de:9c:ee:85:48:ea:2f:9b:
c2:6a:dc:c4:0e:18:80:76:55:39:31:6d:bd:44:73:df:24:6e:
57:e8:bc:8f:b6:1d:62:88:ee:b9:1b:d3:78:58:0f:61:25:bc:
25:75:df:5c:76:35:b1:2a:4f:61:11:43:e9:b8:6e:71:aa:94:
8d:a4:8a:ee:ea:67:94:f5:41:1f:02:75:d0:85:7b:21:86:b3:
38:b7:e3:84:ed:1a:77:b1:55:86:89:d0:53:9f:85:b2:22:96:
d6:82:5a:87:cc:a8:53:c8:f1:2b:21:8e:49:e4:3e:8a:45:eb:
d3:41:58:29
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDaMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz
ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNTA4MjIw
ODU0MjZaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEY1NEZDQUY1MjdEREE3
OTg1MzY5QURCRkMyODdEMjI0MTgzQUM0MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhjGjNeorJXT61rNB3qzDCmjHD4YKBFG5yZuQjwMQTf1e3q+Na
fKAhYPkA7aHbvpUdxLfSGhwvYssv2J+vA1CoqQih7LGypGejTo6aKnkcQDMwwOFK
z1Nf0Odurx8wxgTHQq+u52l/GTWDMhnc9vdrA8zdV3wfOTi/bGtsl+8oYZR3Kjbp
qzNvMmjjHSdoS5FI/+8NHH7N4mGsgqF8dnMqRDLqKBZMrNfpdQUlbATp2lXuiaFU
LaGbgjPyV0UmtzCriW3SWvlzgfrjV4o+yV8GuTiUfEEcF7nU0lO14GD2YPhCcgVY
/+VdqumvOT4L7x7MRsS1J1jKKzHxJs+AUZAnAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU9U/K9Sfdp5hTaa2/wofSJBg6xCswHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1
fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83
VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvOVVfSzlTZmRwNWhUYWEyX3dvZlNK
Qmc2eENzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABDhAw
DQYJKoZIhvcNAQELBQADggEBAGFzOW004K7UMPdETfTFhJbc/J0PYzOOhTKZbHWu
TwRs+kAoZEsZ6E18n/HXVTNY6G3a2+UBiFXXr8ZwHjDHeanetazAumk5DPCac2MC
nNuZoQLxx897n7o0t6YdM2Sjxz6FvCvF0zwNuFLvWkWU4wMDzj9Js9ZQh+2Ds8bM
BdVd8o6EO97S2/jenO6FSOovm8Jq3MQOGIB2VTkxbb1Ec98kblfovI+2HWKI7rkb
03hYD2ElvCV131x2NbEqT2ERQ+m4bnGqlI2kiu7qZ5T1QR8CddCFeyGGszi344Tt
GnexVYaJ0FOfhbIiltaCWofMqFPI8SshjknkPopF69NBWCk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:57:56 2025 by rpki-client