Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/IbRU5Gag8DihcJ-ip5oSfQpWga4.roa
File: IbRU5Gag8DihcJ-ip5oSfQpWga4.roa (raw, json)
Hash identifier: pM0H1ilfnzdKRVgQ9PnvaHmTrY4+V118Ij/Heg2DmHo=
Subject key identifier: 21:B4:54:E4:66:A0:F0:38:A1:70:9F:A2:A7:9A:12:7D:0A:56:81:AE
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0E69
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/IbRU5Gag8DihcJ-ip5oSfQpWga4.roa
Signing time: Fri 22 Aug 2025 08:56:30 +0000
ROA not before: Fri 22 Aug 2025 08:56:30 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 203.121.224.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3689 (0xe69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 22 08:56:30 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=21B454E466A0F038A1709FA2A79A127D0A5681AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:d9:6f:d1:73:a3:a6:58:93:df:75:95:2c:
5f:6b:1d:b9:4c:e3:be:43:98:e9:b2:c1:25:39:63:
c5:18:75:db:42:69:d6:1c:0a:f6:cd:41:d8:06:fe:
cb:1b:a5:22:3a:83:18:e0:eb:7e:c5:d9:0e:a3:86:
83:3f:08:39:ac:e2:63:87:0a:b3:1b:30:2a:4a:77:
bc:1c:08:3b:7d:a4:7a:5a:7b:13:8d:6e:55:47:49:
7b:42:1f:8a:05:5b:19:ea:c6:c0:89:e3:9d:33:51:
10:51:46:95:79:24:34:c9:73:74:2f:77:bc:6c:ab:
de:1b:fa:6c:5a:39:1a:fc:00:8d:1c:00:a1:24:38:
52:f2:8e:80:26:6c:b6:b7:16:60:90:3e:01:94:fc:
68:f0:99:96:b4:48:ae:a4:ce:57:b4:75:ad:8f:cc:
7a:2e:07:b2:15:82:b3:17:4f:71:4f:6e:79:63:3d:
c8:d3:dd:97:57:d8:34:7b:1c:88:fb:77:f4:ed:50:
df:e6:11:ab:ef:ab:f2:59:6b:cf:6a:10:94:32:12:
df:e2:b0:2a:e3:9a:6c:c6:1b:e5:c1:11:49:f9:85:
ab:4e:e3:a1:1c:e8:ff:1b:f6:ed:09:10:35:2a:92:
0c:c4:eb:0f:6d:4f:91:a1:01:f9:db:07:c2:30:28:
b7:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B4:54:E4:66:A0:F0:38:A1:70:9F:A2:A7:9A:12:7D:0A:56:81:AE
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/IbRU5Gag8DihcJ-ip5oSfQpWga4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.224.0/20
Signature Algorithm: sha256WithRSAEncryption
49:7e:1d:e3:76:80:df:f1:da:b4:96:9f:bc:8d:70:03:a5:bb:
78:db:ba:06:e2:bf:df:9e:a8:6b:df:c8:d4:b5:1f:f2:07:20:
5c:f6:32:91:68:d6:0a:68:08:53:be:dc:df:34:55:a9:9f:13:
4f:d4:b8:54:7c:f8:60:ff:22:2f:e9:6d:a2:0c:a1:1a:de:fe:
60:ea:19:df:f5:3c:1a:2a:96:32:7d:5f:45:93:82:46:d0:22:
89:26:64:39:70:07:e3:75:fc:26:da:39:b1:bb:0c:9f:61:2e:
0c:47:ec:b6:ef:65:13:6d:67:05:83:72:65:53:ed:3c:d7:ca:
b0:0d:60:66:24:b2:a2:d2:2e:2b:31:55:41:de:96:b8:e5:e7:
cc:ac:5c:fe:19:ef:8c:11:a6:f7:51:07:d8:f2:bf:a7:40:8c:
30:26:8a:f8:ee:82:9f:1d:9d:e9:66:d8:da:84:02:d0:d1:03:
95:33:1c:44:38:ad:15:6d:88:4d:fa:7a:74:af:32:7b:b1:5e:
1f:8f:4f:85:d7:aa:48:ef:df:fa:ef:20:15:66:65:57:8b:17:
eb:7f:76:c3:ae:f3:2d:e6:1e:29:cb:de:12:73:15:a3:3b:65:
50:0e:06:c1:3d:c8:09:09:9b:5d:20:28:38:97:7e:8f:c1:f3:
64:ab:5e:c4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDmkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw
ODU2MzBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIxQjQ1NEU0NjZBMEYw
MzhBMTcwOUZBMkE3OUExMjdEMEE1NjgxQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTO9lv0XOjpliT33WVLF9rHblM475DmOmywSU5Y8UYddtCadYc
CvbNQdgG/ssbpSI6gxjg637F2Q6jhoM/CDms4mOHCrMbMCpKd7wcCDt9pHpaexON
blVHSXtCH4oFWxnqxsCJ450zURBRRpV5JDTJc3Qvd7xsq94b+mxaORr8AI0cAKEk
OFLyjoAmbLa3FmCQPgGU/GjwmZa0SK6kzle0da2PzHouB7IVgrMXT3FPbnljPcjT
3ZdX2DR7HIj7d/TtUN/mEavvq/JZa89qEJQyEt/isCrjmmzGG+XBEUn5hatO46Ec
6P8b9u0JEDUqkgzE6w9tT5GhAfnbB8IwKLe9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIbRU5Gag8DihcJ+ip5oSfQpWga4wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9JYlJVNUdhZzhEaWhjSi1pcDVv
U2ZRcFdnYTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3ng
MA0GCSqGSIb3DQEBCwUAA4IBAQBJfh3jdoDf8dq0lp+8jXADpbt427oG4r/fnqhr
38jUtR/yByBc9jKRaNYKaAhTvtzfNFWpnxNP1LhUfPhg/yIv6W2iDKEa3v5g6hnf
9TwaKpYyfV9Fk4JG0CKJJmQ5cAfjdfwm2jmxuwyfYS4MR+y272UTbWcFg3JlU+08
18qwDWBmJLKi0i4rMVVB3pa45efMrFz+Ge+MEab3UQfY8r+nQIwwJor47oKfHZ3p
ZtjahALQ0QOVMxxEOK0VbYhN+np0rzJ7sV4fj0+F16pI79/67yAVZmVXixfrf3bD
rvMt5h4py94ScxWjO2VQDgbBPcgJCZtdICg4l36PwfNkq17E
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:49:55 2025 by rpki-client