Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa
File: AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa (raw, json)
Hash identifier: p7ZON6VJFzxo/oXIY51nIP15JkA52qIdYX3MrvdhXx4=
Subject key identifier: 02:13:C8:D5:11:2D:BD:74:7E:1E:6A:A1:BE:B2:51:51:33:F7:BD:94
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0E58
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa
Signing time: Fri 22 Aug 2025 08:56:25 +0000
ROA not before: Fri 22 Aug 2025 08:56:25 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 4780
IP address blocks: 150.129.72.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3672 (0xe58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 22 08:56:25 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=0213C8D5112DBD747E1E6AA1BEB2515133F7BD94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8a:47:49:7e:07:ff:82:4d:23:9b:d9:25:3d:
93:4a:ea:d7:d6:7f:13:2d:a2:c6:d8:58:50:55:29:
9f:03:06:e2:1e:12:a3:4d:ca:7f:1b:10:02:2a:dc:
a2:9b:24:32:a1:43:5f:2f:cb:11:f9:b8:79:2c:20:
a5:c5:b6:4c:01:6f:ae:6e:89:95:4d:01:ea:84:28:
64:b0:a6:e4:28:2a:00:01:be:2c:a5:1e:e4:8e:8c:
fb:00:d5:2a:3e:4a:94:59:54:bd:ad:01:56:7d:93:
ac:d7:e0:2e:ad:06:64:c9:3d:a2:c2:a8:bd:db:97:
f2:e4:cf:b5:4c:25:c0:80:ef:95:84:70:6b:69:42:
5a:a4:4e:d6:05:ea:32:ea:9f:bc:b9:76:11:17:de:
01:dd:af:25:57:03:8a:e3:6e:ef:5f:4b:79:6a:10:
23:34:7d:eb:7f:68:31:17:60:6b:d7:3d:28:e9:62:
22:73:66:0f:a7:98:4d:e9:a5:7a:59:50:06:d3:fb:
f6:66:e4:07:f0:74:20:71:5b:31:3a:ec:17:fe:ac:
41:da:12:bd:77:55:cf:43:be:2d:1d:d9:ef:d3:9d:
78:ae:b8:80:38:1d:2b:a6:af:17:d8:de:1b:e9:81:
49:a1:60:95:e2:ea:d1:1d:a3:69:fa:73:97:d3:18:
43:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:13:C8:D5:11:2D:BD:74:7E:1E:6A:A1:BE:B2:51:51:33:F7:BD:94
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/AhPI1REtvXR-HmqhvrJRUTP3vZQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.129.72.0/22
Signature Algorithm: sha256WithRSAEncryption
99:f3:7f:0d:e9:e1:38:c7:ee:67:ae:8f:e1:a7:d1:f0:6f:c7:
a5:ce:05:e7:83:61:75:f8:f6:4a:9a:cb:69:3a:a0:cb:6e:1d:
b1:25:78:ec:2b:5b:65:84:4e:ef:f3:0b:b6:93:eb:54:5b:c7:
92:43:3f:4e:30:ad:e0:ca:d6:fb:70:4a:de:24:b1:54:7d:78:
76:bc:99:dd:95:90:c3:66:dd:bf:68:c8:51:5d:6a:55:14:06:
9b:84:1e:f6:6d:3e:92:0d:28:77:11:77:00:92:2e:a9:ae:11:
db:04:bc:44:24:4c:8b:8f:2e:d9:ca:e9:0a:76:06:95:06:2e:
f3:db:97:40:1f:05:54:31:77:1e:b6:c9:ce:bf:ff:80:d1:cb:
b3:84:a9:c2:47:5e:d5:c5:13:34:7e:58:31:07:64:4f:2b:a5:
0d:48:0f:e3:6b:ad:fc:74:87:bb:91:d3:b7:b5:60:3a:f5:38:
2c:7f:30:35:a7:b0:39:22:b5:b9:d9:fe:05:68:7d:52:cd:62:
87:9e:3c:0a:e8:bc:1e:c0:9f:66:75:5e:23:b3:9e:f1:be:f8:
fb:f7:54:8d:2e:56:f9:ff:f8:dd:f0:3d:8f:38:71:24:d5:11:
10:53:92:ec:8d:c8:f3:45:72:21:a6:cf:bd:72:54:53:14:bc:
7c:35:83:0e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw
ODU2MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDAyMTNDOEQ1MTEyREJE
NzQ3RTFFNkFBMUJFQjI1MTUxMzNGN0JEOTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8ikdJfgf/gk0jm9klPZNK6tfWfxMtosbYWFBVKZ8DBuIeEqNN
yn8bEAIq3KKbJDKhQ18vyxH5uHksIKXFtkwBb65uiZVNAeqEKGSwpuQoKgABviyl
HuSOjPsA1So+SpRZVL2tAVZ9k6zX4C6tBmTJPaLCqL3bl/Lkz7VMJcCA75WEcGtp
QlqkTtYF6jLqn7y5dhEX3gHdryVXA4rjbu9fS3lqECM0fet/aDEXYGvXPSjpYiJz
Zg+nmE3ppXpZUAbT+/Zm5AfwdCBxWzE67Bf+rEHaEr13Vc9Dvi0d2e/TnXiuuIA4
HSumrxfY3hvpgUmhYJXi6tEdo2n6c5fTGEPZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUAhPI1REtvXR+HmqhvrJRUTP3vZQwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9BaFBJMVJFdHZYUi1IbXFodnJK
UlVUUDN2WlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCloFI
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ838N6eE4x+5nro/hp9Hwb8elzgXng2F1+PZK
mstpOqDLbh2xJXjsK1tlhE7v8wu2k+tUW8eSQz9OMK3gytb7cEreJLFUfXh2vJnd
lZDDZt2/aMhRXWpVFAabhB72bT6SDSh3EXcAki6prhHbBLxEJEyLjy7ZyukKdgaV
Bi7z25dAHwVUMXcetsnOv/+A0cuzhKnCR17VxRM0flgxB2RPK6UNSA/ja638dIe7
kdO3tWA69TgsfzA1p7A5IrW52f4FaH1SzWKHnjwK6LwewJ9mdV4js57xvvj791SN
Llb5//jd8D2POHEk1REQU5LsjcjzRXIhps+9clRTFLx8NYMO
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:44:10 2025 by rpki-client