Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/MQIg0tBTuMg6LHVTpglgu5BpSrM.roa
File: MQIg0tBTuMg6LHVTpglgu5BpSrM.roa (raw, json)
Hash identifier: 0s/BQbqY2kKMALV3OjZSf/A9aL653Hs1tsVLgPMUp0Y=
Subject key identifier: 31:02:20:D2:D0:53:B8:C8:3A:2C:75:53:A6:09:60:BB:90:69:4A:B3
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0E0A
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/MQIg0tBTuMg6LHVTpglgu5BpSrM.roa
Signing time: Fri 22 Aug 2025 08:50:59 +0000
ROA not before: Fri 22 Aug 2025 08:50:59 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 18419
IP address blocks: 39.1.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3594 (0xe0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Aug 22 08:50:59 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=310220D2D053B8C83A2C7553A60960BB90694AB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d7:58:74:70:79:e0:df:c5:38:1e:8a:02:8c:
74:ee:30:a4:3d:75:50:af:62:7f:c6:f1:13:c8:e6:
06:3e:06:05:f2:a9:1f:ad:fc:76:aa:aa:c5:1b:83:
dd:73:bc:b9:8d:22:6c:9f:98:1b:d0:e0:75:d2:5f:
93:f2:21:8c:65:cb:5f:b6:1e:0b:d3:5b:ce:47:57:
8d:13:fe:6d:e3:9d:4d:47:ba:0a:2f:e6:05:b7:17:
27:5f:3e:97:d8:f9:d9:cf:9f:09:ad:94:32:f7:90:
ba:d2:13:a7:e0:97:af:5c:da:06:5c:c8:92:0d:63:
f8:fe:a1:cf:48:e7:e5:7c:55:f5:e2:22:8f:41:09:
0f:3e:29:12:11:23:b3:b6:f4:07:f2:0b:54:8d:74:
ef:04:5b:fd:4a:a9:f5:77:a6:74:ae:9c:25:31:db:
5e:69:34:24:12:b7:d8:f4:94:14:6d:89:3d:49:f0:
aa:ed:9a:5f:c7:1f:7f:2b:e7:7f:36:95:d3:6c:96:
b2:09:be:5c:cf:38:0c:e9:ef:3d:eb:b8:cb:1b:2a:
b8:bc:3d:9c:5f:36:29:10:7f:83:69:d5:88:62:73:
bb:ac:4f:68:49:bf:11:0f:04:76:04:64:b0:52:99:
44:5c:70:de:02:fa:95:00:64:0c:43:02:e5:0c:44:
41:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:02:20:D2:D0:53:B8:C8:3A:2C:75:53:A6:09:60:BB:90:69:4A:B3
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/MQIg0tBTuMg6LHVTpglgu5BpSrM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.1.96.0/20
Signature Algorithm: sha256WithRSAEncryption
53:de:da:ed:a2:b4:53:8f:86:d3:ad:e6:2b:59:bf:ff:36:d3:
70:a7:e8:f6:fd:3b:5b:fc:6a:e1:27:d8:56:db:4c:f8:15:65:
e5:2a:ca:09:5d:3f:a5:04:e5:48:98:fa:5c:52:82:81:7c:f5:
ac:c4:03:fa:47:e4:aa:42:19:54:77:74:49:29:d3:7c:80:44:
c2:a0:12:a7:48:1a:69:61:e8:d8:df:e4:aa:45:c4:92:fb:f8:
2c:55:ea:1d:ba:cb:6e:8d:48:63:0f:8a:6f:73:3a:f9:b4:94:
23:cb:f6:39:0f:99:92:41:64:55:11:da:c7:ea:11:32:f1:1a:
06:5d:a6:70:4b:09:05:4f:d0:e0:09:86:de:4e:b5:1d:bd:e0:
54:6c:b8:43:23:d1:1a:22:48:14:9c:37:ea:8b:f3:fa:1f:ce:
5d:57:2a:f4:08:6e:3e:9d:79:58:19:0b:b3:47:c2:ea:e8:16:
92:8f:bb:8f:de:07:7b:94:3e:33:db:f7:34:5d:45:97:07:f8:
5c:8f:67:a2:3e:63:87:65:c1:d8:e4:10:ad:77:59:91:72:4b:
92:05:74:b6:d9:35:97:e8:40:4e:41:57:41:05:fe:44:a3:8b:
be:0e:69:cf:72:b4:fa:c5:8b:8c:d4:76:60:bf:0a:ca:78:ef:
cc:19:d5:8e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDgowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNTA4MjIw
ODUwNTlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDMxMDIyMEQyRDA1M0I4
QzgzQTJDNzU1M0E2MDk2MEJCOTA2OTRBQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw11h0cHng38U4HooCjHTuMKQ9dVCvYn/G8RPI5gY+BgXyqR+t
/HaqqsUbg91zvLmNImyfmBvQ4HXSX5PyIYxly1+2HgvTW85HV40T/m3jnU1Hugov
5gW3FydfPpfY+dnPnwmtlDL3kLrSE6fgl69c2gZcyJINY/j+oc9I5+V8VfXiIo9B
CQ8+KRIRI7O29AfyC1SNdO8EW/1KqfV3pnSunCUx215pNCQSt9j0lBRtiT1J8Krt
ml/HH38r5382ldNslrIJvlzPOAzp7z3ruMsbKri8PZxfNikQf4Np1Yhic7usT2hJ
vxEPBHYEZLBSmURccN4C+pUAZAxDAuUMREHXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUMQIg0tBTuMg6LHVTpglgu5BpSrMwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9NUUlnMHRCVHVNZzZMSFZUcGds
Z3U1QnBTck0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJwFg
MA0GCSqGSIb3DQEBCwUAA4IBAQBT3trtorRTj4bTreYrWb//NtNwp+j2/Ttb/Grh
J9hW20z4FWXlKsoJXT+lBOVImPpcUoKBfPWsxAP6R+SqQhlUd3RJKdN8gETCoBKn
SBppYejY3+SqRcSS+/gsVeodustujUhjD4pvczr5tJQjy/Y5D5mSQWRVEdrH6hEy
8RoGXaZwSwkFT9DgCYbeTrUdveBUbLhDI9EaIkgUnDfqi/P6H85dVyr0CG4+nXlY
GQuzR8Lq6BaSj7uP3gd7lD4z2/c0XUWXB/hcj2eiPmOHZcHY5BCtd1mRckuSBXS2
2TWX6EBOQVdBBf5Eo4u+DmnPcrT6xYuM1HZgvwrKeO/MGdWO
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:08 2025 by rpki-client