Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa
File: Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa (raw, json)
Hash identifier: wdJa2dSgEEOtCcBkBt3OsUNwguWDk0SP095/tS/kdYo=
Subject key identifier: 67:4E:01:82:2E:CE:88:3F:9E:6B:2B:6A:33:DA:57:41:14:34:12:B5
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0E5B
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa
Signing time: Fri 22 Aug 2025 08:56:25 +0000
ROA not before: Fri 22 Aug 2025 08:56:25 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 4780
IP address blocks: 124.109.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3675 (0xe5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 22 08:56:25 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=674E01822ECE883F9E6B2B6A33DA5741143412B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ae:1c:08:80:b9:62:2b:6f:24:89:58:a1:52:
ad:2f:3c:32:5b:0e:0c:c0:ac:10:2b:23:0b:db:a8:
09:52:4d:2f:80:9e:d8:3b:34:b8:65:39:9d:cd:46:
b9:1c:2c:26:b5:3d:50:a8:77:99:4e:25:b6:d2:13:
38:0e:81:6a:9a:4d:2e:a8:d1:98:15:c2:23:83:cd:
99:d9:38:e1:9f:60:44:1c:01:6e:02:92:3f:a9:2c:
3b:3f:52:04:1b:e5:3a:ad:ca:74:9c:a8:1f:0d:61:
30:14:06:f4:0b:28:8f:05:c8:82:ca:cb:2d:5d:7e:
3c:11:e1:92:76:98:79:e8:52:db:54:91:88:30:44:
72:8e:88:43:74:ce:74:dc:6f:21:c7:61:d6:cb:f0:
e0:b4:c1:98:77:87:8f:4a:ee:a3:50:1f:52:1d:f4:
c6:c5:ac:6c:0e:5d:d8:5c:f6:fc:aa:8f:25:4d:8c:
c8:e9:a5:32:d6:9a:52:14:c7:a8:cf:53:05:ba:8b:
c7:a4:7b:9d:03:71:fc:cc:60:54:72:4e:9b:bd:e5:
4f:86:f9:06:91:22:4e:a6:cc:59:79:15:8b:e6:1f:
18:bc:1b:b6:de:d1:a2:12:80:16:b1:42:c7:9f:72:
d2:ff:b3:fa:af:60:16:b4:90:7e:b5:a9:b0:0b:a5:
f1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4E:01:82:2E:CE:88:3F:9E:6B:2B:6A:33:DA:57:41:14:34:12:B5
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/Z04Bgi7OiD-eaytqM9pXQRQ0ErU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.109.112.0/20
Signature Algorithm: sha256WithRSAEncryption
61:5e:2e:2b:81:47:be:93:74:f7:42:1a:51:60:93:a3:5a:23:
c7:50:92:49:d8:c3:c0:7d:63:9d:41:f3:7b:c3:01:78:44:cd:
91:f2:a6:d4:15:73:78:0a:a7:b7:dc:3f:9c:af:f7:ff:a1:24:
a4:ad:ef:18:01:5a:d7:07:a6:87:e3:41:cb:26:e1:34:93:94:
f5:04:8f:19:f9:77:ae:1f:9c:55:27:cc:c7:86:46:aa:91:00:
1f:ad:df:00:45:c8:e4:2e:48:3a:4d:85:c4:c8:fc:77:56:6a:
a4:43:96:c9:94:04:4a:ad:23:6f:48:44:a1:0d:6e:a1:02:bd:
f7:b9:8a:bb:40:77:78:6a:ae:ba:b6:3d:a7:93:fa:0a:1a:c6:
63:91:09:45:99:f8:7a:eb:c2:b8:0f:e7:dc:74:5c:5d:f8:62:
fb:97:73:31:7e:84:58:46:58:7e:e6:ef:2f:5d:ad:aa:93:49:
a4:4f:72:39:5f:ca:dc:75:21:e4:a2:93:65:08:14:43:3f:a0:
18:ad:97:14:57:3c:44:05:27:4a:15:71:fd:74:a5:07:7f:3e:
33:74:a1:5a:39:de:26:8b:ca:b6:59:f3:bf:d5:6f:12:6c:16:
d8:b0:45:ec:f8:08:35:c6:b9:fb:29:7f:c0:27:16:7b:9d:cf:
bf:4c:2b:dd
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDlswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw
ODU2MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDY3NEUwMTgyMkVDRTg4
M0Y5RTZCMkI2QTMzREE1NzQxMTQzNDEyQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwrhwIgLliK28kiVihUq0vPDJbDgzArBArIwvbqAlSTS+Antg7
NLhlOZ3NRrkcLCa1PVCod5lOJbbSEzgOgWqaTS6o0ZgVwiODzZnZOOGfYEQcAW4C
kj+pLDs/UgQb5TqtynScqB8NYTAUBvQLKI8FyILKyy1dfjwR4ZJ2mHnoUttUkYgw
RHKOiEN0znTcbyHHYdbL8OC0wZh3h49K7qNQH1Id9MbFrGwOXdhc9vyqjyVNjMjp
pTLWmlIUx6jPUwW6i8eke50DcfzMYFRyTpu95U+G+QaRIk6mzFl5FYvmHxi8G7be
0aISgBaxQsefctL/s/qvYBa0kH61qbALpfHTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZ04Bgi7OiD+eaytqM9pXQRQ0ErUwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9aMDRCZ2k3T2lELWVheXRxTTlw
WFFSUTBFclUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEfG1w
MA0GCSqGSIb3DQEBCwUAA4IBAQBhXi4rgUe+k3T3QhpRYJOjWiPHUJJJ2MPAfWOd
QfN7wwF4RM2R8qbUFXN4Cqe33D+cr/f/oSSkre8YAVrXB6aH40HLJuE0k5T1BI8Z
+XeuH5xVJ8zHhkaqkQAfrd8ARcjkLkg6TYXEyPx3VmqkQ5bJlARKrSNvSEShDW6h
Ar33uYq7QHd4aq66tj2nk/oKGsZjkQlFmfh668K4D+fcdFxd+GL7l3MxfoRYRlh+
5u8vXa2qk0mkT3I5X8rcdSHkopNlCBRDP6AYrZcUVzxEBSdKFXH9dKUHfz4zdKFa
Od4mi8q2WfO/1W8SbBbYsEXs+Ag1xrn7KX/AJxZ7nc+/TCvd
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:55:06 2025 by rpki-client