Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa
File: 7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa (raw, json)
Hash identifier: vJsdtBYtiqcvSOwBX/Z+/UcAzPkGs5Xx8pZi1gwoIc0=
Subject key identifier: EC:66:9F:F1:92:A1:59:E6:D9:59:5A:E6:3C:96:BE:7F:67:42:85:ED
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0E67
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa
Signing time: Fri 22 Aug 2025 08:56:29 +0000
ROA not before: Fri 22 Aug 2025 08:56:29 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 4780
IP address blocks: 203.121.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3687 (0xe67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 22 08:56:29 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=EC669FF192A159E6D9595AE63C96BE7F674285ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:f9:35:5d:63:18:14:8a:fa:b3:49:96:5d:7e:
ce:45:8a:ef:20:4d:f2:72:2d:02:ed:c2:58:70:54:
44:ad:2b:04:40:67:9a:1d:a6:cf:af:43:aa:50:76:
eb:3d:e8:01:31:be:e5:66:ab:9f:a7:6d:c8:e1:f4:
6f:f8:58:ab:8f:b5:45:32:00:61:f0:94:fa:e4:fd:
09:90:64:14:ed:41:28:bb:fb:63:66:2a:45:f1:7d:
14:8a:22:ef:b2:ff:35:a1:4a:02:20:9e:e7:35:28:
58:68:fa:71:ac:72:e0:48:6c:7c:2a:47:6f:69:db:
c8:cb:39:fe:55:2b:b0:66:fb:c4:35:61:2d:01:82:
3e:3f:80:8e:11:9b:11:8d:83:bf:18:80:88:a8:be:
2a:c6:96:7f:84:84:7f:6b:63:01:a4:e7:21:a8:73:
9a:38:88:9e:65:81:07:2e:60:88:b6:60:08:f7:3a:
3e:ce:4d:35:ad:5a:b2:d2:92:df:52:9b:29:5a:c1:
82:52:6d:ff:9b:14:ef:ae:3c:e8:6b:62:8e:8f:fa:
31:8c:df:37:f4:82:9d:81:1e:0c:75:59:61:bc:c2:
d9:00:3d:d3:4c:4e:20:c7:24:af:41:10:1c:0f:01:
d2:dc:5d:44:b8:76:6f:ec:d3:6e:fd:81:71:c4:69:
5a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:66:9F:F1:92:A1:59:E6:D9:59:5A:E6:3C:96:BE:7F:67:42:85:ED
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/7Gaf8ZKhWebZWVrmPJa-f2dChe0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
a0:86:75:31:71:55:58:07:2e:60:12:f6:0a:13:55:75:3c:36:
45:7c:c1:f0:8e:3d:65:09:97:34:83:98:7a:a9:9a:11:e6:59:
29:39:9d:5d:19:68:ec:cb:af:81:05:1b:35:54:20:5a:12:a2:
cd:b2:f3:40:d4:40:01:24:ad:f4:8b:82:9e:18:90:8e:87:ef:
e4:d9:44:69:51:2a:fe:f0:78:bc:b9:5d:00:1d:bd:a9:0c:75:
8e:16:dd:90:f1:65:08:0c:2a:b1:43:2d:50:65:f2:04:ec:8a:
68:71:65:9f:e4:5b:36:32:64:b1:c6:09:bd:90:f5:7d:3c:52:
37:d7:e2:57:ed:67:71:17:e3:9c:bd:d1:8a:55:70:47:e5:96:
08:11:02:97:0c:54:19:91:a1:2e:8e:6e:25:a9:cc:b9:a7:02:
a2:db:c9:be:3c:e5:87:db:0a:5d:c9:8a:5b:0b:29:53:3d:1e:
1a:04:52:22:4b:1c:4f:5a:89:04:b2:d4:c2:48:ce:bf:81:bf:
1d:c6:e1:ce:96:3e:a5:89:f2:8b:73:d0:bc:53:7b:2f:1d:d9:
20:24:01:1b:37:03:aa:a6:15:32:4a:b4:8a:cd:63:92:1a:dd:
89:52:42:5d:cc:83:68:59:4b:96:02:90:8b:ab:98:53:9e:15:
84:9e:30:00
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw
ODU2MjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEVDNjY5RkYxOTJBMTU5
RTZEOTU5NUFFNjNDOTZCRTdGNjc0Mjg1RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr+TVdYxgUivqzSZZdfs5Fiu8gTfJyLQLtwlhwVEStKwRAZ5od
ps+vQ6pQdus96AExvuVmq5+nbcjh9G/4WKuPtUUyAGHwlPrk/QmQZBTtQSi7+2Nm
KkXxfRSKIu+y/zWhSgIgnuc1KFho+nGscuBIbHwqR29p28jLOf5VK7Bm+8Q1YS0B
gj4/gI4RmxGNg78YgIiovirGln+EhH9rYwGk5yGoc5o4iJ5lgQcuYIi2YAj3Oj7O
TTWtWrLSkt9SmylawYJSbf+bFO+uPOhrYo6P+jGM3zf0gp2BHgx1WWG8wtkAPdNM
TiDHJK9BEBwPAdLcXUS4dm/s0279gXHEaVo9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU7Gaf8ZKhWebZWVrmPJa+f2dChe0wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS83R2FmOFpLaFdlYlpXVnJtUEph
LWYyZENoZTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng
MA0GCSqGSIb3DQEBCwUAA4IBAQCghnUxcVVYBy5gEvYKE1V1PDZFfMHwjj1lCZc0
g5h6qZoR5lkpOZ1dGWjsy6+BBRs1VCBaEqLNsvNA1EABJK30i4KeGJCOh+/k2URp
USr+8Hi8uV0AHb2pDHWOFt2Q8WUIDCqxQy1QZfIE7IpocWWf5Fs2MmSxxgm9kPV9
PFI31+JX7WdxF+OcvdGKVXBH5ZYIEQKXDFQZkaEujm4lqcy5pwKi28m+POWH2wpd
yYpbCylTPR4aBFIiSxxPWokEstTCSM6/gb8dxuHOlj6lifKLc9C8U3svHdkgJAEb
NwOqphUySrSKzWOSGt2JUkJdzINoWUuWApCLq5hTnhWEnjAA
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:44:57 2025 by rpki-client