Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/I5Yl1FMgJzdCbpVGzlcYdM211FM.roa
File: I5Yl1FMgJzdCbpVGzlcYdM211FM.roa (raw, json)
Hash identifier: 7NI4icw6KrQdAfpZaCdH1YC0VHTNDqcXdFb82TC6Iqk=
Subject key identifier: 23:96:25:D4:53:20:27:37:42:6E:95:46:CE:57:18:74:CD:B5:D4:53
Certificate issuer: /CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Certificate serial: 0E1F
Authority key identifier: DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/I5Yl1FMgJzdCbpVGzlcYdM211FM.roa
Signing time: Fri 22 Aug 2025 09:00:53 +0000
ROA not before: Fri 22 Aug 2025 09:00:53 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 131607
IP address blocks: 101.3.188.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3615 (0xe1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DF5673A1972126E7D2CC5D4D51B49108345BF8C9
Validity
Not Before: Aug 22 09:00:53 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=239625D453202737426E9546CE571874CDB5D453
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:5b:b4:70:90:7f:4a:67:56:e9:07:b5:36:10:
97:46:27:2c:31:f6:e0:17:77:4f:73:75:25:ba:25:
52:11:e8:25:a0:ad:e5:02:69:ed:e1:83:08:3f:41:
6e:10:26:66:2d:25:6a:ac:d2:8c:0f:2b:4b:61:ae:
bb:07:86:f6:c7:e5:96:90:ef:a2:31:1e:01:32:8c:
09:c0:68:91:49:ea:fb:8a:05:d9:fd:df:43:de:fa:
86:bc:f9:14:3f:94:03:da:4e:78:75:35:f4:32:e0:
af:08:bb:e3:3d:bb:d2:91:b1:29:af:dc:4a:63:14:
50:04:c8:8e:f2:76:80:21:1b:29:37:97:6a:51:dc:
ed:60:74:43:00:aa:77:3c:ab:03:d2:5d:f6:19:9a:
06:b7:91:f5:cc:e5:dd:88:04:23:09:d4:be:af:fc:
72:aa:c4:02:e5:8a:65:8f:e2:3a:69:e3:f6:7f:c4:
9c:b3:dc:79:df:29:96:f2:56:02:10:00:c9:80:61:
02:df:5b:b0:ce:53:9c:5c:5f:f4:4b:9e:0a:8e:40:
e1:4c:65:3c:28:3f:e1:3c:46:df:0c:54:a8:09:0f:
96:d5:34:f9:49:ac:0b:b4:69:46:f8:09:1a:b6:71:
07:5c:5f:96:22:9b:8f:42:80:a0:e2:44:51:37:30:
08:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:96:25:D4:53:20:27:37:42:6E:95:46:CE:57:18:74:CD:B5:D4:53
X509v3 Authority Key Identifier:
keyid:DF:56:73:A1:97:21:26:E7:D2:CC:5D:4D:51:B4:91:08:34:5B:F8:C9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/31ZzoZchJufSzF1NUbSRCDRb-Mk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/31ZzoZchJufSzF1NUbSRCDRb-Mk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TAIFO7716/I5Yl1FMgJzdCbpVGzlcYdM211FM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
101.3.188.0/22
Signature Algorithm: sha256WithRSAEncryption
97:75:85:85:0e:c0:98:da:cc:ec:07:cb:29:32:cf:33:d1:d6:
64:2d:23:e6:c9:5a:7e:ff:71:76:0d:06:67:5d:94:87:df:ac:
9d:a9:52:f7:fd:74:c0:3b:90:a5:77:52:d8:5e:8f:5e:21:b8:
85:79:29:9c:39:a2:2c:78:c0:ae:b9:4b:ac:66:b4:61:a1:a4:
94:63:41:d6:8d:3f:e6:23:b4:f7:47:be:b7:8a:89:9b:21:3f:
51:0b:ec:c0:77:6a:b0:51:7c:da:9c:bb:e5:4f:81:9e:a8:39:
e5:79:a8:69:9a:d9:ba:9a:1b:b1:9e:7c:47:f7:83:cc:ae:ad:
68:8b:25:a4:5c:0a:c8:e3:84:d9:b3:56:46:92:a9:0e:29:81:
53:26:4f:37:a0:66:47:8b:97:91:dd:02:50:89:bf:cd:0f:59:
18:98:bc:70:ee:a8:bd:cf:9d:c2:00:ba:6d:de:d3:18:68:9c:
37:9e:3c:ed:da:14:5e:98:21:90:3d:d5:da:c6:ab:54:b7:86:
37:3e:08:aa:28:43:1e:bf:af:43:79:1b:df:b0:08:cd:6b:fc:
bd:69:df:4b:88:3a:e8:41:47:81:cd:19:02:be:9e:e0:17:4e:
47:b7:37:82:0d:58:00:b7:d9:e5:a4:32:41:69:d9:39:d7:10:
fd:9f:0a:8b
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICDh8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREY1
NjczQTE5NzIxMjZFN0QyQ0M1RDRENTFCNDkxMDgzNDVCRjhDOTAeFw0yNTA4MjIw
OTAwNTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIzOTYyNUQ0NTMyMDI3
Mzc0MjZFOTU0NkNFNTcxODc0Q0RCNUQ0NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgW7RwkH9KZ1bpB7U2EJdGJywx9uAXd09zdSW6JVIR6CWgreUC
ae3hgwg/QW4QJmYtJWqs0owPK0thrrsHhvbH5ZaQ76IxHgEyjAnAaJFJ6vuKBdn9
30Pe+oa8+RQ/lAPaTnh1NfQy4K8Iu+M9u9KRsSmv3EpjFFAEyI7ydoAhGyk3l2pR
3O1gdEMAqnc8qwPSXfYZmga3kfXM5d2IBCMJ1L6v/HKqxALlimWP4jpp4/Z/xJyz
3HnfKZbyVgIQAMmAYQLfW7DOU5xcX/RLngqOQOFMZTwoP+E8Rt8MVKgJD5bVNPlJ
rAu0aUb4CRq2cQdcX5Yim49CgKDiRFE3MAh3AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUI5Yl1FMgJzdCbpVGzlcYdM211FMwHwYDVR0jBBgwFoAU31ZzoZchJufSzF1N
UbSRCDRb+MkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83
NzE2LzMxWnpvWmNoSnVmU3pGMU5VYlNSQ0RSYi1Nay5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvMzFaem9aY2hKdWZTekYxTlViU1JDRFJiLU1rLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFJRk83NzE2L0k1WWwxRk1nSnpk
Q2JwVkd6bGNZZE0yMTFGTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJlA7wwDQYJKoZIhvcNAQELBQADggEBAJd1hYUOwJjazOwHyykyzzPR1mQt
I+bJWn7/cXYNBmddlIffrJ2pUvf9dMA7kKV3Uthej14huIV5KZw5oix4wK65S6xm
tGGhpJRjQdaNP+YjtPdHvreKiZshP1EL7MB3arBRfNqcu+VPgZ6oOeV5qGma2bqa
G7GefEf3g8yurWiLJaRcCsjjhNmzVkaSqQ4pgVMmTzegZkeLl5HdAlCJv80PWRiY
vHDuqL3PncIAum3e0xhonDeePO3aFF6YIZA91drGq1S3hjc+CKooQx6/r0N5G9+w
CM1r/L1p30uIOuhBR4HNGQK+nuAXTke3N4INWAC32eWkMkFp2TnXEP2fCos=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:57 2025 by rpki-client