Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa
File: DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa (raw, json)
Hash identifier: M7DNC5f/ZNgNXYOcgP3RHvZDM8IuBzJhvvvGLFmDf0M=
Subject key identifier: 0E:89:AE:2F:95:42:47:50:91:0F:C9:1F:E0:A0:FE:66:F4:25:D4:79
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0DCB
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa
Signing time: Fri 22 Aug 2025 08:44:21 +0000
ROA not before: Fri 22 Aug 2025 08:44:21 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 38254
IP address blocks: 103.129.145.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3531 (0xdcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 22 08:44:21 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=0E89AE2F95424750910FC91FE0A0FE66F425D479
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d7:32:68:6b:ec:1e:18:e9:de:e4:a8:a3:50:
5b:e6:ba:6f:df:32:c2:b6:b2:82:fd:68:d8:65:c3:
be:6e:36:11:04:bb:c0:4e:48:35:39:ef:37:69:94:
a9:d9:8b:fd:d2:bc:0f:9d:b4:24:69:aa:8b:69:b3:
08:bd:63:5d:59:1b:fc:98:fd:3a:15:02:9d:18:39:
60:87:3c:1d:71:12:3a:fa:ca:30:24:f5:7f:36:8c:
4c:72:64:de:98:02:a1:dc:19:a9:1b:2c:00:5c:ec:
70:53:bc:6a:64:d9:cc:ab:b7:12:f3:35:ef:63:53:
ed:29:35:56:b7:09:a8:5a:f9:fa:7a:db:dc:28:4a:
81:b0:bb:a1:40:e5:3b:8b:25:b8:6b:79:21:0f:13:
6c:3e:3d:b2:49:21:f9:69:f1:18:16:45:0f:ec:c5:
fa:1b:09:ae:4c:14:2f:1a:88:ae:47:58:65:1c:65:
9b:d7:4d:6c:d7:c2:47:75:7c:21:61:8a:54:cb:4c:
4d:d9:3a:32:12:a4:f2:1b:09:a3:b2:36:de:dc:fa:
40:5a:ee:2d:61:1a:60:96:73:bc:3c:65:4f:8b:14:
a7:6d:bb:4b:c5:ac:9f:46:43:8e:17:32:01:03:02:
1f:77:3d:66:58:37:d7:a6:6b:85:81:41:ad:f1:77:
99:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:89:AE:2F:95:42:47:50:91:0F:C9:1F:E0:A0:FE:66:F4:25:D4:79
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/DomuL5VCR1CRD8kf4KD-ZvQl1Hk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.145.0/24
Signature Algorithm: sha256WithRSAEncryption
14:fa:60:48:0b:ac:99:08:6b:5e:be:f7:14:b0:d3:a8:b9:93:
94:02:94:b2:0c:ad:29:ec:43:59:ed:1f:3c:ab:58:40:3a:7b:
ca:34:9f:c0:64:3c:48:89:d2:e7:e5:b4:19:61:d9:b8:3f:25:
26:78:ee:85:04:5a:3e:29:be:5d:e5:98:0a:6b:c8:cd:e6:7f:
16:5b:0b:6d:c2:f9:95:06:83:62:4d:51:cb:9b:0b:39:0f:01:
57:bc:89:b5:30:8b:15:09:f2:9b:18:fd:e7:5d:01:22:b5:16:
40:24:e0:65:0d:3e:00:29:34:d4:1b:70:52:7e:ed:50:5e:ba:
37:bb:de:9b:68:cf:a2:f5:e1:28:8b:8f:a3:fe:44:08:ab:24:
5a:d7:8e:55:3f:26:62:f6:4f:b7:09:04:e0:13:d6:95:07:b5:
d3:0f:f3:23:12:41:a4:d6:6d:7d:5a:0e:31:87:4b:c2:f7:dd:
28:b5:3b:a4:d2:b8:fd:71:4f:3f:09:e4:48:4b:ad:8a:bd:42:
ad:3b:6f:0f:8c:f2:a8:97:b1:bb:16:06:d3:31:1a:e4:69:2a:
c9:2e:4c:a9:88:54:02:cd:43:ef:cb:3a:06:51:ba:9b:2c:8a:
55:ae:76:89:41:c2:a1:95:94:32:9f:9d:bd:43:c9:e5:5e:cd:
67:8a:36:4e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDcswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw
ODQ0MjFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDBFODlBRTJGOTU0MjQ3
NTA5MTBGQzkxRkUwQTBGRTY2RjQyNUQ0NzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDg1zJoa+weGOne5KijUFvmum/fMsK2soL9aNhlw75uNhEEu8BO
SDU57zdplKnZi/3SvA+dtCRpqotpswi9Y11ZG/yY/ToVAp0YOWCHPB1xEjr6yjAk
9X82jExyZN6YAqHcGakbLABc7HBTvGpk2cyrtxLzNe9jU+0pNVa3Caha+fp629wo
SoGwu6FA5TuLJbhreSEPE2w+PbJJIflp8RgWRQ/sxfobCa5MFC8aiK5HWGUcZZvX
TWzXwkd1fCFhilTLTE3ZOjISpPIbCaOyNt7c+kBa7i1hGmCWc7w8ZU+LFKdtu0vF
rJ9GQ44XMgEDAh93PWZYN9ema4WBQa3xd5lNAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUDomuL5VCR1CRD8kf4KD+ZvQl1HkwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0RvbXVMNVZDUjFDUkQ4a2Y0S0QtWnZR
bDFIay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZEwDQYJ
KoZIhvcNAQELBQADggEBABT6YEgLrJkIa16+9xSw06i5k5QClLIMrSnsQ1ntHzyr
WEA6e8o0n8BkPEiJ0ufltBlh2bg/JSZ47oUEWj4pvl3lmApryM3mfxZbC23C+ZUG
g2JNUcubCzkPAVe8ibUwixUJ8psY/eddASK1FkAk4GUNPgApNNQbcFJ+7VBeuje7
3ptoz6L14SiLj6P+RAirJFrXjlU/JmL2T7cJBOAT1pUHtdMP8yMSQaTWbX1aDjGH
S8L33Si1O6TSuP1xTz8J5EhLrYq9Qq07bw+M8qiXsbsWBtMxGuRpKskuTKmIVALN
Q+/LOgZRupssilWudolBwqGVlDKfnb1DyeVezWeKNk4=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:49:56 2025 by rpki-client