Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/KvfHidfL35UNVHaj2OJ_aKbDFiA.roa
File: KvfHidfL35UNVHaj2OJ_aKbDFiA.roa (raw, json)
Hash identifier: u/tjCfTVMjj8elrABLjqRRjZGm8/5TsNdNsC8yCc/+8=
Subject key identifier: 2A:F7:C7:89:D7:CB:DF:95:0D:54:76:A3:D8:E2:7F:68:A6:C3:16:20
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0DC6
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/KvfHidfL35UNVHaj2OJ_aKbDFiA.roa
Signing time: Fri 22 Aug 2025 08:44:20 +0000
ROA not before: Fri 22 Aug 2025 08:44:20 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 131639
IP address blocks: 2403:7f40:f000::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3526 (0xdc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 22 08:44:20 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=2AF7C789D7CBDF950D5476A3D8E27F68A6C31620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1b:0e:91:38:ce:51:90:9c:58:a5:53:1f:6c:
86:89:2e:1c:59:30:b2:35:e5:48:dd:a2:fb:8e:33:
8a:fd:27:05:c7:f8:94:c1:bd:24:88:4b:d4:f0:bc:
ec:23:57:73:a3:16:b0:37:4e:46:99:d6:65:f0:91:
dd:f2:35:55:08:7b:10:22:a6:a4:67:ea:86:28:69:
23:43:4f:96:5a:97:1f:58:4f:92:cf:4b:ca:70:33:
aa:f0:e6:5a:7b:dc:44:3e:3a:66:b6:47:87:ef:2c:
41:ac:79:14:ac:61:f2:8f:2c:fe:a1:27:4a:57:e1:
b2:81:e1:d6:62:42:58:b6:6e:a9:b5:00:9e:13:e8:
24:f3:ee:d6:04:63:cc:8f:f8:90:4f:03:01:0d:9f:
34:83:a9:7c:22:94:4d:07:ea:b5:fe:a7:9b:00:92:
26:eb:26:6a:50:b6:01:1b:6c:0a:9b:88:60:e7:80:
cf:23:cc:01:48:6d:48:2b:2a:4a:f3:28:97:4c:1f:
72:e1:79:5c:4c:f7:e3:1b:ec:9d:18:fd:ff:d6:d8:
5b:61:10:31:3d:2b:5d:22:c7:f0:eb:3b:25:92:61:
39:52:d8:b3:9b:1f:0c:75:81:df:a7:53:28:2d:8e:
e5:e5:f6:73:bd:0e:b1:49:6a:a7:f0:aa:fe:01:53:
f9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F7:C7:89:D7:CB:DF:95:0D:54:76:A3:D8:E2:7F:68:A6:C3:16:20
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/KvfHidfL35UNVHaj2OJ_aKbDFiA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:f000::/48
Signature Algorithm: sha256WithRSAEncryption
8b:f6:ab:45:df:ef:66:0c:34:7a:9d:60:8c:3c:b2:69:ba:8b:
2c:b5:60:32:d9:b9:43:2c:d0:b7:f3:47:18:5a:24:f0:0e:60:
01:e2:ac:49:4b:86:db:4a:c8:09:a8:ae:2d:60:5c:04:32:0d:
14:61:27:9d:f4:9c:a9:2f:02:a1:2f:70:f9:04:be:58:69:ec:
16:48:01:6a:2d:30:21:70:5e:f9:97:73:fe:6e:fb:d7:db:b0:
4e:85:97:b1:d9:03:9d:b0:c3:98:75:ab:8c:d3:03:94:c1:37:
71:66:dc:6e:d2:92:74:f9:ae:54:c2:54:e6:70:e8:db:52:34:
90:b8:d9:3d:57:29:cc:20:2e:97:78:b1:2c:d5:66:7f:ad:35:
c8:5c:4d:6c:9c:98:bf:b5:b1:9e:1d:1f:16:46:2b:49:71:df:
8d:dd:89:43:3b:e9:ff:da:0f:0c:f4:5f:d5:dc:55:98:a7:8b:
9c:56:cc:a2:f5:22:c5:8e:1a:d4:47:ee:34:3c:29:c2:a4:7d:
52:ae:c5:7e:8d:60:71:57:d7:dd:6c:33:cc:56:82:68:ec:1a:
ae:56:53:dd:ac:a8:cf:0a:0b:1d:19:0f:7e:5a:a8:2e:b1:2f:
29:c1:dd:ad:64:8d:72:89:df:ae:be:e8:d0:35:9f:ce:61:38:
39:06:63:8e
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDcYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw
ODQ0MjBaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDJBRjdDNzg5RDdDQkRG
OTUwRDU0NzZBM0Q4RTI3RjY4QTZDMzE2MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsGw6ROM5RkJxYpVMfbIaJLhxZMLI15UjdovuOM4r9JwXH+JTB
vSSIS9TwvOwjV3OjFrA3TkaZ1mXwkd3yNVUIexAipqRn6oYoaSNDT5Zalx9YT5LP
S8pwM6rw5lp73EQ+Oma2R4fvLEGseRSsYfKPLP6hJ0pX4bKB4dZiQli2bqm1AJ4T
6CTz7tYEY8yP+JBPAwENnzSDqXwilE0H6rX+p5sAkibrJmpQtgEbbAqbiGDngM8j
zAFIbUgrKkrzKJdMH3LheVxM9+Mb7J0Y/f/W2FthEDE9K10ix/DrOyWSYTlS2LOb
Hwx1gd+nUygtjuXl9nO9DrFJaqfwqv4BU/kbAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUKvfHidfL35UNVHaj2OJ/aKbDFiAwHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0t2ZkhpZGZMMzVVTlZIYWoyT0pfYUti
REZpQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw
DQYJKoZIhvcNAQELBQADggEBAIv2q0Xf72YMNHqdYIw8smm6iyy1YDLZuUMs0Lfz
RxhaJPAOYAHirElLhttKyAmori1gXAQyDRRhJ530nKkvAqEvcPkEvlhp7BZIAWot
MCFwXvmXc/5u+9fbsE6Fl7HZA52ww5h1q4zTA5TBN3Fm3G7SknT5rlTCVOZw6NtS
NJC42T1XKcwgLpd4sSzVZn+tNchcTWycmL+1sZ4dHxZGK0lx343diUM76f/aDwz0
X9XcVZini5xWzKL1IsWOGtRH7jQ8KcKkfVKuxX6NYHFX191sM8xWgmjsGq5WU92s
qM8KCx0ZD35aqC6xLynB3a1kjXKJ366+6NA1n85hODkGY44=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:49 2025 by rpki-client