Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/x8-tfOYZLubtMMD7-3gy5qRxqAg.roa
File: x8-tfOYZLubtMMD7-3gy5qRxqAg.roa (raw, json)
Hash identifier: PaYP5HuboHDvuLNxDiIu0GUo49PRZiTdLPpO2RJnPV4=
Subject key identifier: C7:CF:AD:7C:E6:19:2E:E6:ED:30:C0:FB:FB:78:32:E6:A4:71:A8:08
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0E55
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/x8-tfOYZLubtMMD7-3gy5qRxqAg.roa
Signing time: Fri 22 Aug 2025 08:56:24 +0000
ROA not before: Fri 22 Aug 2025 08:56:24 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 202.148.218.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3669 (0xe55)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Aug 22 08:56:24 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=C7CFAD7CE6192EE6ED30C0FBFB7832E6A471A808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c8:b1:82:92:51:47:af:5b:4d:19:3f:df:6c:
7c:cf:31:6f:24:9c:72:49:d7:e2:ab:01:14:f9:a2:
18:ce:86:59:2a:f1:9b:d1:89:a9:d3:0e:23:bc:76:
90:2e:80:04:ba:db:93:d0:44:01:3e:48:e2:7a:c4:
fd:71:0c:22:de:9a:2b:06:6a:8f:0e:0a:bf:bc:30:
64:1c:e3:e4:ef:d2:18:e8:fb:20:4a:00:cb:73:bf:
78:6c:32:b9:da:a7:42:68:f4:12:ce:bb:69:1c:a9:
8c:00:5a:7e:df:4d:35:e6:ed:ca:ce:93:c4:d2:b5:
21:91:12:ed:4b:28:9f:db:ab:8c:c1:c9:32:56:83:
1d:6e:47:4e:cb:71:47:f8:c2:a9:f2:a1:ba:98:11:
a2:9a:76:c0:b9:b9:ee:71:81:b9:39:5c:01:35:90:
78:0d:bd:3a:9d:99:1c:fc:ac:9b:d0:da:96:00:e3:
a8:30:46:45:82:52:9e:dc:6f:60:30:0b:3a:92:8b:
58:85:07:92:c4:87:13:88:70:df:31:95:f3:7e:18:
58:35:6d:1d:9b:75:c4:d7:c5:16:f6:ee:75:71:f6:
1d:a2:25:c1:32:35:9c:21:60:81:70:76:ee:32:a2:
13:05:cb:f2:c3:62:2b:9c:54:f8:8f:be:c3:ad:4c:
81:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CF:AD:7C:E6:19:2E:E6:ED:30:C0:FB:FB:78:32:E6:A4:71:A8:08
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/x8-tfOYZLubtMMD7-3gy5qRxqAg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.148.218.0/23
Signature Algorithm: sha256WithRSAEncryption
b0:37:73:f7:70:f1:85:45:33:fa:4a:15:9f:ae:a7:23:eb:c6:
25:72:66:56:69:18:6c:c3:a3:7a:41:ab:99:18:79:c1:13:62:
ac:96:55:ed:70:b6:7b:dc:59:ea:8a:4c:fa:d7:24:4b:b8:0f:
32:fe:01:00:9b:74:16:ea:a2:27:80:40:c6:43:09:b6:5e:0b:
5f:64:6d:f6:1d:f3:b1:d6:9c:55:d5:ab:55:e9:e3:2b:00:da:
e5:28:40:94:8a:e3:49:bf:dd:40:c6:12:fb:fc:52:64:d3:0f:
ec:51:95:6e:a2:3e:bf:37:77:76:a3:f9:9e:6d:ac:ef:d9:57:
97:dc:39:d0:e2:14:46:ac:6f:ad:dc:90:2a:c4:31:e5:32:e9:
1e:e1:06:8c:02:b5:b3:0f:b8:66:0a:ae:7b:26:4d:0a:e6:3a:
39:41:30:ff:f3:29:75:d5:97:d5:67:e8:03:f7:ef:a3:17:37:
b2:f6:64:b8:72:7d:39:52:b7:88:f4:4b:f6:3c:2f:50:d6:c4:
41:90:45:28:03:7e:26:ca:31:5b:f6:2f:13:ae:d6:0a:c7:ac:
16:7c:6a:14:7d:da:b6:04:38:af:88:02:9c:01:f7:9d:fb:54:
73:21:62:f1:c4:d0:91:63:cd:76:8e:25:dd:93:24:91:2b:57:
b2:d8:b5:ae
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDlUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yNTA4MjIw
ODU2MjRaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEM3Q0ZBRDdDRTYxOTJF
RTZFRDMwQzBGQkZCNzgzMkU2QTQ3MUE4MDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1yLGCklFHr1tNGT/fbHzPMW8knHJJ1+KrART5ohjOhlkq8ZvR
ianTDiO8dpAugAS625PQRAE+SOJ6xP1xDCLemisGao8OCr+8MGQc4+Tv0hjo+yBK
AMtzv3hsMrnap0Jo9BLOu2kcqYwAWn7fTTXm7crOk8TStSGREu1LKJ/bq4zByTJW
gx1uR07LcUf4wqnyobqYEaKadsC5ue5xgbk5XAE1kHgNvTqdmRz8rJvQ2pYA46gw
RkWCUp7cb2AwCzqSi1iFB5LEhxOIcN8xlfN+GFg1bR2bdcTXxRb27nVx9h2iJcEy
NZwhYIFwdu4yohMFy/LDYiucVPiPvsOtTIHvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUx8+tfOYZLubtMMD7+3gy5qRxqAgwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS94OC10Zk9ZWkx1YnRNTUQ3LTNn
eTVxUnhxQWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBypTa
MA0GCSqGSIb3DQEBCwUAA4IBAQCwN3P3cPGFRTP6ShWfrqcj68YlcmZWaRhsw6N6
QauZGHnBE2KsllXtcLZ73Fnqikz61yRLuA8y/gEAm3QW6qIngEDGQwm2XgtfZG32
HfOx1pxV1atV6eMrANrlKECUiuNJv91AxhL7/FJk0w/sUZVuoj6/N3d2o/mebazv
2VeX3DnQ4hRGrG+t3JAqxDHlMuke4QaMArWzD7hmCq57Jk0K5jo5QTD/8yl11ZfV
Z+gD9++jFzey9mS4cn05UreI9Ev2PC9Q1sRBkEUoA34myjFb9i8TrtYKx6wWfGoU
fdq2BDiviAKcAfed+1RzIWLxxNCRY812jiXdkySRK1ey2LWu
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:37 2025 by rpki-client