Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/0Yo-A-NRvhxwfZMnNHKdkurBspY.roa
File: 0Yo-A-NRvhxwfZMnNHKdkurBspY.roa (raw, json)
Hash identifier: RpbWtGY506zgMpKYDlfJZLVWfHe7LhJIfoSW1QYFHHM=
Subject key identifier: D1:8A:3E:03:E3:51:BE:1C:70:7D:93:27:34:72:9D:92:EA:C1:B2:96
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0DC5
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0Yo-A-NRvhxwfZMnNHKdkurBspY.roa
Signing time: Fri 22 Aug 2025 08:44:20 +0000
ROA not before: Fri 22 Aug 2025 08:44:20 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 5065
IP address blocks: 103.129.144.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3525 (0xdc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 22 08:44:20 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=D18A3E03E351BE1C707D932734729D92EAC1B296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d9:97:bb:3a:41:8e:df:31:e4:a6:ff:89:66:
cc:ea:2d:25:b0:76:3c:0b:d1:a4:17:f6:6a:93:cf:
c4:6e:a2:38:c1:06:d2:41:d1:dd:7d:63:03:81:cf:
a8:99:bd:cc:5c:d5:2a:b3:a2:f4:e6:9a:9e:f5:66:
11:ec:d9:90:d7:37:e6:d5:e6:2f:e1:f4:99:88:f0:
a5:3d:80:d8:9c:48:f5:17:90:20:3d:3d:78:7a:29:
63:93:0a:f1:d6:6e:8f:87:fc:f0:06:02:b8:33:c3:
16:3c:32:86:e3:c2:b1:fe:f1:d9:95:f0:6e:fa:9d:
74:6e:b8:f9:16:8d:93:1c:5b:ef:18:13:9b:38:97:
31:0e:45:7a:ea:99:28:f0:ad:0b:a0:8b:7c:da:d1:
13:0e:b0:3f:bb:c7:17:60:61:ac:85:70:de:79:98:
40:e0:34:59:10:c6:e3:03:38:cd:da:24:11:9b:8d:
09:99:97:84:bd:f3:9e:4d:01:6b:69:f9:0b:ed:b0:
f0:78:4e:4d:9d:fb:8e:0c:79:8b:a8:9f:3b:8f:ae:
dd:cb:24:ab:e6:e2:9d:8a:b9:83:51:1d:95:2d:45:
00:5a:49:54:57:a3:8f:d2:30:ba:53:16:8e:de:bc:
3b:1b:3f:c2:70:90:ad:91:a2:d6:66:81:91:48:8c:
78:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:8A:3E:03:E3:51:BE:1C:70:7D:93:27:34:72:9D:92:EA:C1:B2:96
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/0Yo-A-NRvhxwfZMnNHKdkurBspY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.144.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:10:96:b7:c5:f6:cc:65:45:e8:78:24:36:f2:57:0e:18:ac:
e3:65:a0:e5:e5:ba:59:53:99:9a:0f:95:f0:41:98:91:ff:d5:
26:8a:48:57:3e:90:db:ee:70:97:5b:66:b2:73:5d:fc:af:9a:
a1:b0:ba:d7:cf:e2:f1:b8:44:2c:ee:af:3a:38:ea:8b:da:a4:
2e:81:8e:ff:89:b9:b4:29:bc:39:5d:55:e5:1e:e5:8d:96:46:
84:4c:77:2c:c4:30:a0:b6:eb:c0:c6:97:64:3e:1e:e0:9a:fe:
0f:68:2e:43:81:a9:e3:68:0b:d8:89:ae:62:44:35:38:d0:25:
94:c0:e0:9a:62:ef:f8:54:75:11:8f:e9:d2:86:2b:2e:14:29:
1b:7e:fc:7e:4c:5b:19:a5:14:fa:3f:5a:21:0d:f6:c6:37:44:
0b:b5:b5:ee:b2:52:69:ce:43:26:b6:0d:71:58:06:9a:bd:33:
ae:c7:a7:ad:80:e1:bd:0f:92:a0:08:99:60:72:00:0b:19:b0:
e1:2b:a1:97:79:69:ba:2f:4b:8f:f0:4c:38:6c:6b:3c:e9:d4:
e1:95:af:9e:83:26:a2:e7:e9:51:c1:5d:fd:80:e2:7e:86:35:
d9:da:aa:80:76:d2:44:29:ff:f7:85:99:20:be:19:b2:dc:72:
1d:83:9b:bb
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw
ODQ0MjBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKEQxOEEzRTAzRTM1MUJF
MUM3MDdEOTMyNzM0NzI5RDkyRUFDMUIyOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDq2Ze7OkGO3zHkpv+JZszqLSWwdjwL0aQX9mqTz8RuojjBBtJB
0d19YwOBz6iZvcxc1SqzovTmmp71ZhHs2ZDXN+bV5i/h9JmI8KU9gNicSPUXkCA9
PXh6KWOTCvHWbo+H/PAGArgzwxY8MobjwrH+8dmV8G76nXRuuPkWjZMcW+8YE5s4
lzEORXrqmSjwrQugi3za0RMOsD+7xxdgYayFcN55mEDgNFkQxuMDOM3aJBGbjQmZ
l4S9855NAWtp+QvtsPB4Tk2d+44MeYuonzuPrt3LJKvm4p2KuYNRHZUtRQBaSVRX
o4/SMLpTFo7evDsbP8JwkK2RotZmgZFIjHiRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU0Yo+A+NRvhxwfZMnNHKdkurBspYwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzBZby1BLU5Sdmh4d2ZaTW5OSEtka3Vy
QnNwWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZAwDQYJ
KoZIhvcNAQELBQADggEBAGwQlrfF9sxlReh4JDbyVw4YrONloOXlullTmZoPlfBB
mJH/1SaKSFc+kNvucJdbZrJzXfyvmqGwutfP4vG4RCzurzo46ovapC6Bjv+JubQp
vDldVeUe5Y2WRoRMdyzEMKC268DGl2Q+HuCa/g9oLkOBqeNoC9iJrmJENTjQJZTA
4Jpi7/hUdRGP6dKGKy4UKRt+/H5MWxmlFPo/WiEN9sY3RAu1te6yUmnOQya2DXFY
Bpq9M67Hp62A4b0PkqAImWByAAsZsOEroZd5abovS4/wTDhsazzp1OGVr56DJqLn
6VHBXf2A4n6GNdnaqoB20kQp//eFmSC+GbLcch2Dm7s=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:52:43 2025 by rpki-client