Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa
File: CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa (raw, json)
Hash identifier: lNOl87iEZzYinUqNMvUxBczb2jf8xp6Ztl9V0nUmOs0=
Subject key identifier: 0A:A6:43:5D:72:82:89:49:AB:2F:4A:F9:B0:73:8C:D9:2B:27:95:88
Certificate issuer: /CN=69797BDE8D0581FA299D8E1420ED2957C4208A07
Certificate serial: 0D71
Authority key identifier: 69:79:7B:DE:8D:05:81:FA:29:9D:8E:14:20:ED:29:57:C4:20:8A:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/aXl73o0FgfopnY4UIO0pV8Qgigc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa
Signing time: Fri 22 Aug 2025 08:44:25 +0000
ROA not before: Fri 22 Aug 2025 08:44:25 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 17710
IP address blocks: 150.107.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3441 (0xd71)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69797BDE8D0581FA299D8E1420ED2957C4208A07
Validity
Not Before: Aug 22 08:44:25 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=0AA6435D72828949AB2F4AF9B0738CD92B279588
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:33:d1:94:b1:3e:54:b7:f2:44:bb:83:50:
db:c8:4d:e9:1d:12:45:9f:5e:54:81:e6:d0:df:b5:
e1:f7:39:a4:50:ac:ec:33:e7:8d:4b:f9:68:0f:98:
b5:a4:66:1f:f7:3b:4c:25:83:23:ef:df:b4:74:f8:
9e:28:fb:ad:2b:e2:78:e0:3c:6c:64:95:46:a7:e1:
bb:98:fb:41:0e:c9:3c:7a:97:c1:58:06:04:7d:df:
15:b3:97:76:a2:bf:00:3c:5f:f5:9c:c4:1c:9e:b0:
f1:39:69:9b:4c:b9:1b:f6:b2:d1:f0:4a:5f:ca:d6:
29:e0:17:b5:ea:89:6c:42:5b:4c:65:70:82:70:b2:
2f:a6:f1:74:3b:dd:c9:e4:bc:3f:ad:8c:d3:86:0d:
99:38:ba:2e:fb:c5:01:90:81:6e:9d:4a:71:20:24:
8a:e5:9a:c6:16:97:f2:b4:50:65:18:65:8b:32:e5:
6b:ea:1c:41:be:05:f3:fe:bb:bf:92:df:59:79:6a:
f8:b1:ef:77:c7:f7:a9:16:1c:7e:36:cd:d2:eb:4f:
3e:11:02:7c:df:3e:bc:6b:9f:c1:6a:aa:06:ad:13:
4e:85:14:94:02:32:5f:83:86:36:1a:45:7b:6e:8c:
2c:9f:6a:fb:a0:57:2c:52:e1:2c:ad:85:7b:c1:be:
57:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:A6:43:5D:72:82:89:49:AB:2F:4A:F9:B0:73:8C:D9:2B:27:95:88
X509v3 Authority Key Identifier:
keyid:69:79:7B:DE:8D:05:81:FA:29:9D:8E:14:20:ED:29:57:C4:20:8A:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/aXl73o0FgfopnY4UIO0pV8Qgigc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/aXl73o0FgfopnY4UIO0pV8Qgigc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PIINET/CqZDXXKCiUmrL0r5sHOM2SsnlYg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.107.64.0/22
Signature Algorithm: sha256WithRSAEncryption
98:c4:5e:66:78:43:87:36:4e:51:f4:aa:a2:74:fa:51:1d:d0:
b5:85:2d:af:7d:a0:93:97:30:5d:a9:ab:28:90:ba:11:4b:2e:
95:a4:d1:bf:c8:5c:28:c3:10:c0:b7:b4:13:b4:c6:bc:8c:21:
14:a5:67:a5:3e:0d:5b:ac:93:9b:b9:97:c9:23:0c:bb:13:12:
6d:17:77:73:4c:84:70:14:97:d8:fa:5e:88:c7:f0:c0:bd:7e:
d3:a4:6b:26:a1:f4:e4:c9:1e:e6:f9:43:2b:4e:f5:bf:27:4d:
79:c4:e7:8c:23:6b:4f:0e:73:f7:ac:e0:10:63:2f:10:51:04:
6f:0b:03:98:de:54:93:6b:bf:17:aa:f0:be:23:d0:5f:4f:df:
d1:0a:37:cf:bc:e7:a5:95:5f:75:f2:4d:fd:a6:56:28:22:1d:
60:6c:63:34:39:da:42:5a:3a:03:ff:39:18:41:73:5b:3e:d8:
17:d2:c0:f4:fc:fb:c1:fd:93:28:c6:8c:48:69:fb:1e:2a:49:
ac:ac:65:7f:4f:b4:3c:40:33:76:69:8b:be:90:4a:95:4b:9f:
3b:35:c9:98:cc:63:69:b8:9b:07:56:24:d6:fd:62:b3:20:83:
2a:33:98:20:03:2f:75:a3:9e:9a:00:bb:94:81:41:fe:cf:00:
f4:b2:e4:9f
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDXEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk3
OTdCREU4RDA1ODFGQTI5OUQ4RTE0MjBFRDI5NTdDNDIwOEEwNzAeFw0yNTA4MjIw
ODQ0MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBBQTY0MzVENzI4Mjg5
NDlBQjJGNEFGOUIwNzM4Q0Q5MkIyNzk1ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAzDPRlLE+VLfyRLuDUNvITekdEkWfXlSB5tDfteH3OaRQrOwz
541L+WgPmLWkZh/3O0wlgyPv37R0+J4o+60r4njgPGxklUan4buY+0EOyTx6l8FY
BgR93xWzl3aivwA8X/WcxByesPE5aZtMuRv2stHwSl/K1ingF7XqiWxCW0xlcIJw
si+m8XQ73cnkvD+tjNOGDZk4ui77xQGQgW6dSnEgJIrlmsYWl/K0UGUYZYsy5Wvq
HEG+BfP+u7+S31l5avix73fH96kWHH42zdLrTz4RAnzfPrxrn8FqqgatE06FFJQC
Ml+DhjYaRXtujCyfavugVyxS4SythXvBvlcjAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUCqZDXXKCiUmrL0r5sHOM2SsnlYgwHwYDVR0jBBgwFoAUaXl73o0FgfopnY4U
IO0pV8QgigcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElJTkVU
L2FYbDczbzBGZ2ZvcG5ZNFVJTzBwVjhRZ2lnYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvYVhsNzNvMEZnZm9wblk0VUlPMHBWOFFnaWdjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvUElJTkVUL0NxWkRYWEtDaVVtckwwcjVz
SE9NMlNzbmxZZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKW
a0AwDQYJKoZIhvcNAQELBQADggEBAJjEXmZ4Q4c2TlH0qqJ0+lEd0LWFLa99oJOX
MF2pqyiQuhFLLpWk0b/IXCjDEMC3tBO0xryMIRSlZ6U+DVusk5u5l8kjDLsTEm0X
d3NMhHAUl9j6XojH8MC9ftOkayah9OTJHub5QytO9b8nTXnE54wja08Oc/es4BBj
LxBRBG8LA5jeVJNrvxeq8L4j0F9P39EKN8+856WVX3XyTf2mVigiHWBsYzQ52kJa
OgP/ORhBc1s+2BfSwPT8+8H9kyjGjEhp+x4qSaysZX9PtDxAM3Zpi76QSpVLnzs1
yZjMY2m4mwdWJNb9YrMggyozmCADL3WjnpoAu5SBQf7PAPSy5J8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:55:08 2025 by rpki-client