Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/8Td2JCIj1A9DHRyJAI1P9i55qXo.roa
File: 8Td2JCIj1A9DHRyJAI1P9i55qXo.roa (raw, json)
Hash identifier: Ijtv5s5RufRZ8sFRbblaCqvZdsvSyW80iIHvEML5n30=
Subject key identifier: F1:37:76:24:22:23:D4:0F:43:1D:1C:89:00:8D:4F:F6:2E:79:A9:7A
Certificate issuer: /CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Certificate serial: 1069
Authority key identifier: B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/8Td2JCIj1A9DHRyJAI1P9i55qXo.roa
Signing time: Fri 22 Aug 2025 08:54:13 +0000
ROA not before: Fri 22 Aug 2025 08:54:13 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 4780
IP address blocks: 192.72.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4201 (0x1069)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4A65A0EB8669219C4185442D49FC9D6F825B665
Validity
Not Before: Aug 22 08:54:13 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=F13776242223D40F431D1C89008D4FF62E79A97A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ae:70:ff:06:85:fa:b5:a3:c5:98:31:97:a7:
5e:ac:a2:1a:e3:24:0f:e8:ac:37:5e:df:41:f1:3f:
ea:04:da:2d:3f:57:1e:ba:e4:a5:86:4d:bd:79:ee:
f4:d8:81:c0:dc:24:82:ba:fc:53:0e:53:fc:d4:c0:
2e:12:d5:63:09:8f:39:94:f8:5d:a5:83:9c:bc:dd:
6e:06:fe:fa:82:06:dc:35:94:cc:0f:6e:23:47:c8:
18:b2:7e:fd:a0:36:e2:43:ba:39:f7:3f:93:65:ed:
8b:86:32:5a:74:87:91:7b:b8:73:18:1f:fd:84:b6:
67:e1:c4:08:36:55:ae:31:c0:40:99:6d:bf:70:c2:
8d:6f:84:5d:6b:e9:59:b9:a3:51:fd:33:db:01:2e:
77:22:20:19:e4:af:20:41:0b:75:18:37:18:b5:01:
f9:6f:3e:f4:e8:fd:91:8b:4f:a9:56:cc:de:a9:c9:
cd:c6:fc:00:4e:65:85:33:91:35:1b:dc:57:92:92:
07:ea:68:fe:2f:12:a2:83:69:7c:1e:3a:92:d7:48:
0f:00:48:13:52:95:02:b4:f4:26:f9:46:38:45:a6:
45:28:b2:48:bd:66:23:04:f4:93:2a:b9:2b:50:ad:
e0:48:26:d4:35:d0:d1:e7:08:2a:26:d7:69:92:e6:
d5:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:37:76:24:22:23:D4:0F:43:1D:1C:89:00:8D:4F:F6:2E:79:A9:7A
X509v3 Authority Key Identifier:
keyid:B4:A6:5A:0E:B8:66:92:19:C4:18:54:42:D4:9F:C9:D6:F8:25:B6:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/tKZaDrhmkhnEGFRC1J_J1vgltmU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tKZaDrhmkhnEGFRC1J_J1vgltmU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/8Td2JCIj1A9DHRyJAI1P9i55qXo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.72.252.0/24
Signature Algorithm: sha256WithRSAEncryption
46:8d:0d:46:ba:62:d1:b2:17:81:fe:2c:75:56:93:fb:c9:f2:
0e:24:bb:4e:f4:d3:af:62:e9:ba:40:99:2a:18:1b:f6:4a:9d:
b6:dc:e0:ec:d7:98:00:7e:2a:7a:1f:d2:95:56:01:14:37:8b:
93:e3:1c:c0:03:8a:53:45:aa:6a:df:20:1f:f2:c3:0c:54:18:
98:fc:41:a8:4a:a1:4c:cf:5b:e7:f3:6d:0c:5b:00:c8:0e:90:
b5:a4:1d:27:21:bd:ef:40:e5:d8:2e:72:f1:9a:b2:b3:69:bd:
9e:a5:7a:9d:51:fd:91:32:30:f4:f7:42:91:c3:10:b8:f9:b5:
f6:cb:08:08:81:5c:ed:30:a2:0c:5e:18:1e:92:46:d6:35:77:
49:ab:7a:bd:7a:f8:36:d8:0b:4c:26:81:ca:09:d6:0b:37:95:
ae:3c:b7:81:9b:29:eb:4d:1a:22:56:9a:5e:c9:c5:d8:bc:74:
48:ba:01:76:19:1f:ef:a4:4f:c9:59:7a:f5:38:10:14:09:bc:
20:3a:ec:1a:0a:99:ac:aa:39:09:a9:67:49:21:1d:f9:53:1c:
fa:1d:ad:1a:8d:1b:b5:a7:5f:81:4c:19:32:f8:8d:69:5e:4b:
56:a1:fe:e8:a0:40:90:35:3e:14:11:d9:02:5b:1f:a4:f5:77:
f7:f0:fe:fc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEGkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRB
NjVBMEVCODY2OTIxOUM0MTg1NDQyRDQ5RkM5RDZGODI1QjY2NTAeFw0yNTA4MjIw
ODU0MTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEYxMzc3NjI0MjIyM0Q0
MEY0MzFEMUM4OTAwOEQ0RkY2MkU3OUE5N0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUrnD/BoX6taPFmDGXp16sohrjJA/orDde30HxP+oE2i0/Vx66
5KWGTb157vTYgcDcJIK6/FMOU/zUwC4S1WMJjzmU+F2lg5y83W4G/vqCBtw1lMwP
biNHyBiyfv2gNuJDujn3P5Nl7YuGMlp0h5F7uHMYH/2EtmfhxAg2Va4xwECZbb9w
wo1vhF1r6Vm5o1H9M9sBLnciIBnkryBBC3UYNxi1AflvPvTo/ZGLT6lWzN6pyc3G
/ABOZYUzkTUb3FeSkgfqaP4vEqKDaXweOpLXSA8ASBNSlQK09Cb5RjhFpkUoski9
ZiME9JMquStQreBIJtQ10NHnCCom12mS5tUZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU8Td2JCIj1A9DHRyJAI1P9i55qXowHwYDVR0jBBgwFoAUtKZaDrhmkhnEGFRC
1J/J1vgltmUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy90
S1phRHJobWtobkVHRlJDMUpfSjF2Z2x0bVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3RLWmFEcmhta2huRUdGUkMxSl9KMXZnbHRtVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvOFRkMkpDSWoxQTlESFJ5SkFJMVA5
aTU1cVhvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBI/DAN
BgkqhkiG9w0BAQsFAAOCAQEARo0NRrpi0bIXgf4sdVaT+8nyDiS7TvTTr2LpukCZ
Khgb9kqdttzg7NeYAH4qeh/SlVYBFDeLk+McwAOKU0Wqat8gH/LDDFQYmPxBqEqh
TM9b5/NtDFsAyA6QtaQdJyG970Dl2C5y8Zqys2m9nqV6nVH9kTIw9PdCkcMQuPm1
9ssICIFc7TCiDF4YHpJG1jV3Sat6vXr4NtgLTCaBygnWCzeVrjy3gZsp600aIlaa
XsnF2Lx0SLoBdhkf76RPyVl69TgQFAm8IDrsGgqZrKo5CalnSSEd+VMc+h2tGo0b
tadfgUwZMviNaV5LVqH+6KBAkDU+FBHZAlsfpPV39/D+/A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:39:58 2025 by rpki-client