Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtdGQlmdoDc3YypvNLYiMAiai6M.roa
File: KtdGQlmdoDc3YypvNLYiMAiai6M.roa (raw, json)
Hash identifier: bQ3NpQk5yfraBE43V55Ry+YOhB1O9VSgcvswrUqnTvM=
Subject key identifier: 2A:D7:46:42:59:9D:A0:37:37:63:2A:6F:34:B6:22:30:08:9A:8B:A3
Certificate issuer: /CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Certificate serial: 1A43
Authority key identifier: 6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtdGQlmdoDc3YypvNLYiMAiai6M.roa
Signing time: Fri 22 Aug 2025 08:53:53 +0000
ROA not before: Fri 22 Aug 2025 08:53:53 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 210.244.88.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6723 (0x1a43)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6EE5B41857AD23D5BEE6716E31AA334BF2545B72
Validity
Not Before: Aug 22 08:53:53 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=2AD74642599DA03737632A6F34B62230089A8BA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:8f:90:c0:32:93:eb:16:2a:54:bd:57:4e:
a8:6e:6a:40:fe:56:08:79:fa:7f:cc:73:f4:f1:df:
d5:83:db:ed:ce:62:8d:03:4a:79:a6:74:69:29:bf:
f9:58:b0:9b:55:ed:50:9b:a0:66:8f:0b:b6:55:92:
65:bf:1d:65:ee:34:96:9d:ca:11:c8:75:62:95:87:
79:11:72:48:d5:fb:a7:30:01:5a:10:47:f3:e1:00:
0d:7c:71:5b:dc:f4:7a:a8:2a:3a:95:c1:50:f9:9a:
32:dd:42:d1:32:d1:08:7c:6d:11:b2:42:7d:7d:22:
9b:7c:cf:8d:10:94:38:1f:49:f5:72:4a:2b:23:7e:
c4:93:d7:73:f8:2b:43:89:87:49:76:ea:07:0a:9c:
65:07:93:96:65:76:f3:f9:a4:e5:f7:b0:c3:68:b9:
da:e6:dd:8f:55:ce:51:62:24:6c:c4:df:fb:d2:cc:
dc:25:2b:4c:5b:54:9c:42:7a:8a:93:85:82:b0:34:
5f:98:8a:75:ae:57:1d:fd:ee:5b:02:00:47:48:11:
71:b1:ea:af:64:2f:8e:7e:c0:46:9a:07:1d:a3:0c:
7b:82:57:f8:34:28:b8:12:83:46:58:58:7a:43:05:
ca:22:09:99:8c:90:40:ac:35:4d:29:5b:53:97:3a:
e8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D7:46:42:59:9D:A0:37:37:63:2A:6F:34:B6:22:30:08:9A:8B:A3
X509v3 Authority Key Identifier:
keyid:6E:E5:B4:18:57:AD:23:D5:BE:E6:71:6E:31:AA:33:4B:F2:54:5B:72
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/buW0GFetI9W-5nFuMaozS_JUW3I.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/buW0GFetI9W-5nFuMaozS_JUW3I.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCIC/KtdGQlmdoDc3YypvNLYiMAiai6M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.244.88.0/22
Signature Algorithm: sha256WithRSAEncryption
46:35:a8:66:11:cc:4b:43:5f:13:16:a6:ce:70:2d:a5:1d:b3:
7d:3a:8e:d6:bb:91:be:56:24:1e:19:d9:4d:e7:b2:91:e8:b6:
57:c7:d3:9a:2d:80:32:8a:1f:ba:da:c0:11:01:a9:ee:8b:c0:
5c:62:c3:46:ee:86:eb:61:bc:a2:62:f9:ec:f0:b1:83:b9:f9:
b0:d6:cf:b0:8b:75:ec:ac:8a:3f:ff:5b:82:1d:92:db:a6:0e:
0a:92:cd:21:a6:47:9e:92:e2:46:36:59:c1:13:35:db:d4:ab:
12:55:1d:e7:7d:fc:42:61:8e:11:22:14:b2:78:18:e4:5e:8c:
8f:38:a7:63:34:d3:f2:7d:93:a4:41:34:67:82:db:a7:73:e6:
f4:14:ce:28:13:bd:cb:a5:d4:28:f0:00:e1:ec:c2:e1:10:18:
f8:3d:f5:16:ae:db:f0:61:f1:8c:b3:13:2d:e9:c1:95:cf:79:
7d:30:73:4d:69:44:74:a3:31:a3:bf:95:67:a8:7b:f3:59:00:
fa:40:e7:9d:b7:f0:32:05:ae:eb:22:93:f9:8f:7c:37:0e:52:
37:00:2b:f8:c5:0f:55:bb:a2:b5:7c:c3:6e:7d:fd:9b:f5:be:
ad:eb:70:a3:70:19:72:65:8f:9b:ac:2f:5d:01:ea:d0:27:57:
07:e0:a5:e6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICGkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNkVF
NUI0MTg1N0FEMjNENUJFRTY3MTZFMzFBQTMzNEJGMjU0NUI3MjAeFw0yNTA4MjIw
ODUzNTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJBRDc0NjQyNTk5REEw
MzczNzYzMkE2RjM0QjYyMjMwMDg5QThCQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv5o+QwDKT6xYqVL1XTqhuakD+Vgh5+n/Mc/Tx39WD2+3OYo0D
SnmmdGkpv/lYsJtV7VCboGaPC7ZVkmW/HWXuNJadyhHIdWKVh3kRckjV+6cwAVoQ
R/PhAA18cVvc9HqoKjqVwVD5mjLdQtEy0Qh8bRGyQn19Ipt8z40QlDgfSfVySisj
fsST13P4K0OJh0l26gcKnGUHk5ZldvP5pOX3sMNoudrm3Y9VzlFiJGzE3/vSzNwl
K0xbVJxCeoqThYKwNF+YinWuVx397lsCAEdIEXGx6q9kL45+wEaaBx2jDHuCV/g0
KLgSg0ZYWHpDBcoiCZmMkECsNU0pW1OXOuj/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKtdGQlmdoDc3YypvNLYiMAiai6MwHwYDVR0jBBgwFoAUbuW0GFetI9W+5nFu
MaozS/JUW3IwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNJQy9i
dVcwR0ZldEk5Vy01bkZ1TWFvelNfSlVXM0kuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2J1VzBHRmV0STlXLTVuRnVNYW96U19KVVczSS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSUMvS3RkR1FsbWRvRGMzWXlwdk5MWWlN
QWlhaTZNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtL0WDAN
BgkqhkiG9w0BAQsFAAOCAQEARjWoZhHMS0NfExamznAtpR2zfTqO1ruRvlYkHhnZ
Teeykei2V8fTmi2AMoofutrAEQGp7ovAXGLDRu6G62G8omL57PCxg7n5sNbPsIt1
7KyKP/9bgh2S26YOCpLNIaZHnpLiRjZZwRM129SrElUd5338QmGOESIUsngY5F6M
jzinYzTT8n2TpEE0Z4Lbp3Pm9BTOKBO9y6XUKPAA4ezC4RAY+D31Fq7b8GHxjLMT
LenBlc95fTBzTWlEdKMxo7+VZ6h781kA+kDnnbfwMgWu6yKT+Y98Nw5SNwAr+MUP
VbuitXzDbn39m/W+retwo3AZcmWPm6wvXQHq0CdXB+Cl5g==
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:36 2025 by rpki-client