Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIMPLECLOU/9gmaUZZ_2_rmAz0jC0ro_7ODOZw.roa
File: 9gmaUZZ_2_rmAz0jC0ro_7ODOZw.roa (raw, json)
Hash identifier: ISlqv6PyMmxGbLOC2dYywUNxw3//1kR4x8z863j2pHo=
Subject key identifier: F6:09:9A:51:96:7F:DB:FA:E6:03:3D:23:0B:4A:E8:FF:B3:83:39:9C
Certificate issuer: /CN=454C2D00C72E2B53B427FDF45A93BC567E4040E2
Certificate serial: 01D9
Authority key identifier: 45:4C:2D:00:C7:2E:2B:53:B4:27:FD:F4:5A:93:BC:56:7E:40:40:E2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RUwtAMcuK1O0J_30WpO8Vn5AQOI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLECLOU/9gmaUZZ_2_rmAz0jC0ro_7ODOZw.roa
Signing time: Fri 22 Aug 2025 09:01:43 +0000
ROA not before: Fri 22 Aug 2025 09:01:43 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 9917
IP address blocks: 157.20.108.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473 (0x1d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=454C2D00C72E2B53B427FDF45A93BC567E4040E2
Validity
Not Before: Aug 22 09:01:43 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=F6099A51967FDBFAE6033D230B4AE8FFB383399C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:c5:47:5c:48:4e:d0:45:6c:45:2b:ea:ec:
e5:82:b3:d5:bd:fc:5c:52:9d:e2:1b:4c:b4:f9:c9:
de:a1:e4:70:ff:e9:80:74:be:bf:24:dd:a6:1c:1f:
31:35:99:ce:72:9f:b5:99:49:ba:25:09:21:51:9d:
7d:b6:bb:e9:0e:ae:9c:0b:a8:9a:11:7c:eb:ac:07:
7d:f9:32:5e:e3:a1:3b:78:32:0c:ab:7e:f0:f6:d2:
e0:c5:a3:7c:a1:13:20:83:66:9e:94:e3:a5:f3:64:
ca:7f:e2:a8:35:96:6e:f4:e7:33:ee:c6:67:0a:55:
a0:8d:7b:0c:04:61:f7:2c:56:c8:3d:6b:d7:b4:17:
8f:de:9a:2d:0b:e1:3d:03:13:d7:27:60:fc:62:23:
7f:21:cf:bb:ea:cb:06:cf:ff:af:51:c8:95:71:2b:
89:35:ef:10:70:f1:83:81:62:45:46:20:f7:41:2f:
45:b8:b4:d2:19:c6:b4:b5:be:c6:bf:32:13:aa:e0:
6c:26:c2:9f:fd:6a:f0:c1:04:f9:eb:af:80:68:81:
fc:b7:a1:73:09:3b:c2:ef:64:08:fd:99:9f:d8:34:
bc:37:d3:30:06:a9:71:63:9c:0d:b2:68:a7:1e:14:
36:4d:94:6a:fc:94:e6:03:5e:1c:bd:f7:fc:ec:ef:
e8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:09:9A:51:96:7F:DB:FA:E6:03:3D:23:0B:4A:E8:FF:B3:83:39:9C
X509v3 Authority Key Identifier:
keyid:45:4C:2D:00:C7:2E:2B:53:B4:27:FD:F4:5A:93:BC:56:7E:40:40:E2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLECLOU/RUwtAMcuK1O0J_30WpO8Vn5AQOI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RUwtAMcuK1O0J_30WpO8Vn5AQOI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIMPLECLOU/9gmaUZZ_2_rmAz0jC0ro_7ODOZw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.108.0/23
Signature Algorithm: sha256WithRSAEncryption
b8:e2:8b:25:49:09:f8:6a:be:b8:75:31:2f:bd:27:e5:fb:4c:
9b:bd:7f:5b:c4:b2:6c:76:50:62:55:88:39:d9:f3:73:ea:de:
0c:c9:4b:76:b8:91:92:5a:01:ae:cc:7f:46:ee:2d:16:11:1e:
c0:14:8c:bb:11:14:ca:22:df:da:d9:61:96:c1:4f:e8:9b:81:
55:0b:4d:9a:0a:e2:fe:2b:d1:17:6f:6c:c8:b1:6b:2e:8e:f8:
8e:59:b6:fc:65:dc:35:2d:a3:99:15:b2:77:cd:a8:b0:fe:ed:
3a:b9:13:78:1a:ca:de:a0:07:eb:6e:dd:7e:dc:fc:d5:7a:62:
2d:a0:ab:a8:ba:b0:24:c2:0a:93:70:ba:86:75:23:0b:bc:2c:
59:0a:6e:a9:be:fc:f6:57:ff:da:7f:84:4c:44:93:92:06:50:
c0:af:0c:4c:72:62:74:33:a4:87:b6:9e:54:06:eb:91:ef:05:
2c:8c:f6:f9:3d:ea:7c:5e:7d:30:c6:8f:0b:e5:ee:a1:a4:60:
4b:e3:da:7f:a4:ec:03:d9:12:04:cc:db:f4:c5:1b:6e:2f:07:
a1:34:21:3e:34:cf:24:2b:9d:a2:a4:c7:df:ef:dd:67:21:3a:
d7:7b:81:9d:70:d7:e6:38:90:e4:91:83:d4:5a:4a:c4:fe:00:
3d:86:0d:4f
-----BEGIN CERTIFICATE-----
MIIE2jCCA8KgAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU0
QzJEMDBDNzJFMkI1M0I0MjdGREY0NUE5M0JDNTY3RTQwNDBFMjAeFw0yNTA4MjIw
OTAxNDNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEY2MDk5QTUxOTY3RkRC
RkFFNjAzM0QyMzBCNEFFOEZGQjM4MzM5OUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8mcVHXEhO0EVsRSvq7OWCs9W9/FxSneIbTLT5yd6h5HD/6YB0
vr8k3aYcHzE1mc5yn7WZSbolCSFRnX22u+kOrpwLqJoRfOusB335Ml7joTt4Mgyr
fvD20uDFo3yhEyCDZp6U46XzZMp/4qg1lm705zPuxmcKVaCNewwEYfcsVsg9a9e0
F4/emi0L4T0DE9cnYPxiI38hz7vqywbP/69RyJVxK4k17xBw8YOBYkVGIPdBL0W4
tNIZxrS1vsa/MhOq4Gwmwp/9avDBBPnrr4Bogfy3oXMJO8LvZAj9mZ/YNLw30zAG
qXFjnA2yaKceFDZNlGr8lOYDXhy99/zs7+ghAgMBAAGjggH2MIIB8jAdBgNVHQ4E
FgQU9gmaUZZ/2/rmAz0jC0ro/7ODOZwwHwYDVR0jBBgwFoAURUwtAMcuK1O0J/30
WpO8Vn5AQOIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBgBgNVHR8EWTBXMFWg
U6BRhk9yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lNUExF
Q0xPVS9SVXd0QU1jdUsxTzBKXzMwV3BPOFZuNUFRT0kuY3JsMGAGCCsGAQUFBwEB
BFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9U
V05JQ0NBL1JVd3RBTWN1SzFPMEpfMzBXcE84Vm41QVFPSS5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGgBggrBgEFBQcBCwSBkzCBkDBbBggrBgEFBQcwC4ZPcnN5bmM6Ly9y
cGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NBL1NJTVBMRUNMT1UvOWdtYVVaWl8y
X3JtQXowakMwcm9fN09ET1p3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRw
LnR3bmljLnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEAZ0UbDANBgkqhkiG9w0BAQsFAAOCAQEAuOKLJUkJ+Gq+uHUxL70n5ftM
m71/W8SybHZQYlWIOdnzc+reDMlLdriRkloBrsx/Ru4tFhEewBSMuxEUyiLf2tlh
lsFP6JuBVQtNmgri/ivRF29syLFrLo74jlm2/GXcNS2jmRWyd82osP7tOrkTeBrK
3qAH627dftz81XpiLaCrqLqwJMIKk3C6hnUjC7wsWQpuqb789lf/2n+ETESTkgZQ
wK8MTHJidDOkh7aeVAbrke8FLIz2+T3qfF59MMaPC+XuoaRgS+Paf6TsA9kSBMzb
9MUbbi8HoTQhPjTPJCudoqTH3+/dZyE613uBnXDX5jiQ5JGD1FpKxP4APYYNTw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:53:39 2025 by rpki-client