Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/T68GOVLZPb3lZ-YNJ4VAZw4M1x4.roa
File: T68GOVLZPb3lZ-YNJ4VAZw4M1x4.roa (raw, json)
Hash identifier: mBTNLV9JvVgmuTksJH9h3fKt3M6AhXmmRl6pTEal/XI=
Subject key identifier: 4F:AF:06:39:52:D9:3D:BD:E5:67:E6:0D:27:85:40:67:0E:0C:D7:1E
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0DCA
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/T68GOVLZPb3lZ-YNJ4VAZw4M1x4.roa
Signing time: Fri 22 Aug 2025 08:44:21 +0000
ROA not before: Fri 22 Aug 2025 08:44:21 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 38254
IP address blocks: 2403:7f40:e000::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3530 (0xdca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Aug 22 08:44:21 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=4FAF063952D93DBDE567E60D278540670E0CD71E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6a:94:2c:e0:a7:19:96:fb:78:34:7f:67:fd:
ce:99:4c:7d:af:52:c5:0f:b1:c2:e5:61:07:82:5a:
8d:6e:40:95:d8:c8:42:d6:82:6b:75:c8:10:7c:18:
cd:28:3a:45:d6:31:40:94:e2:7c:3f:19:d7:e4:4d:
2e:72:7a:f3:ba:61:fa:29:64:b5:2c:9b:4c:21:16:
e9:e8:94:63:11:bb:09:bb:a3:93:4a:07:2a:73:0b:
b8:91:2d:77:9d:87:e6:ab:af:8e:b9:81:fe:ab:ae:
7e:72:5b:06:db:8f:e7:2a:fc:89:99:37:d8:36:b5:
37:ba:0e:8b:f7:90:78:d1:e6:ee:f3:30:ed:6c:05:
3c:7f:02:e0:02:cb:30:1e:47:fb:05:78:bd:f6:d1:
f5:6d:0e:28:37:e2:6c:3c:d7:30:79:16:41:ca:e2:
12:89:b5:46:c2:74:50:73:18:76:a3:a3:9f:71:71:
06:41:ed:41:5e:5a:35:e3:c7:bc:a1:cd:10:72:7a:
2d:79:8a:74:79:27:a5:88:73:11:0e:6a:9c:cd:cc:
d5:36:3f:e7:13:04:06:2b:aa:12:b3:36:63:4c:68:
af:32:56:67:4e:62:aa:d8:58:c5:5b:2f:9f:c4:37:
02:99:15:59:56:f9:b0:e1:05:ea:61:61:10:0f:fd:
bd:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:AF:06:39:52:D9:3D:BD:E5:67:E6:0D:27:85:40:67:0E:0C:D7:1E
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/T68GOVLZPb3lZ-YNJ4VAZw4M1x4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:e000::/48
Signature Algorithm: sha256WithRSAEncryption
95:13:50:bf:53:c6:f0:47:7e:6d:4e:06:7b:fb:6b:d5:03:0c:
4e:65:f2:c3:63:c8:1b:91:f6:3b:72:82:09:22:a4:8d:3a:81:
bd:5d:f8:2f:16:2a:a2:b1:4f:ae:4a:3d:be:0c:48:8a:0a:03:
a9:92:ad:b0:5c:1a:28:ee:84:90:3b:30:02:92:1a:17:7d:e5:
0b:51:b9:26:ad:57:76:f0:e2:1b:60:a1:1a:e2:c3:b5:3e:bb:
ab:98:1b:78:1e:4f:cb:60:66:0f:e0:09:09:46:2a:cc:eb:e7:
ef:26:b1:29:fc:2e:a9:d1:bb:7c:66:13:b6:5e:c5:cd:ea:8e:
2e:5a:b3:7a:b2:19:20:4e:a4:23:3a:c1:18:84:8f:88:2d:f3:
5c:9e:92:c0:a9:a3:b9:39:8e:ae:e9:fd:49:76:48:00:05:ad:
5a:dc:81:48:83:50:5b:bd:ee:41:db:66:7a:39:68:32:f6:62:
67:33:c4:fd:31:3e:46:dc:75:3d:85:93:e3:b6:11:96:f0:3a:
c1:37:20:8e:86:21:9f:5d:c6:5f:a5:6c:7f:05:8c:70:64:c4:
e4:f8:d2:42:66:20:5e:ad:03:3a:43:b0:61:c0:2a:bb:09:37:
57:7b:93:ac:30:84:7d:f3:c7:5a:1f:30:ea:4b:2a:3e:3f:47:
93:86:5c:98
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDcowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yNTA4MjIw
ODQ0MjFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDRGQUYwNjM5NTJEOTNE
QkRFNTY3RTYwRDI3ODU0MDY3MEUwQ0Q3MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOapQs4KcZlvt4NH9n/c6ZTH2vUsUPscLlYQeCWo1uQJXYyELW
gmt1yBB8GM0oOkXWMUCU4nw/GdfkTS5yevO6YfopZLUsm0whFunolGMRuwm7o5NK
BypzC7iRLXedh+arr465gf6rrn5yWwbbj+cq/ImZN9g2tTe6Dov3kHjR5u7zMO1s
BTx/AuACyzAeR/sFeL320fVtDig34mw81zB5FkHK4hKJtUbCdFBzGHajo59xcQZB
7UFeWjXjx7yhzRByei15inR5J6WIcxEOapzNzNU2P+cTBAYrqhKzNmNMaK8yVmdO
YqrYWMVbL5/ENwKZFVlW+bDhBephYRAP/b2XAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUT68GOVLZPb3lZ+YNJ4VAZw4M1x4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL1Q2OEdPVkxaUGIzbFotWU5KNFZBWnc0
TTF4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A4AAw
DQYJKoZIhvcNAQELBQADggEBAJUTUL9TxvBHfm1OBnv7a9UDDE5l8sNjyBuR9jty
ggkipI06gb1d+C8WKqKxT65KPb4MSIoKA6mSrbBcGijuhJA7MAKSGhd95QtRuSat
V3bw4htgoRriw7U+u6uYG3geT8tgZg/gCQlGKszr5+8msSn8LqnRu3xmE7Zexc3q
ji5as3qyGSBOpCM6wRiEj4gt81yeksCpo7k5jq7p/Ul2SAAFrVrcgUiDUFu97kHb
Zno5aDL2YmczxP0xPkbcdT2Fk+O2EZbwOsE3II6GIZ9dxl+lbH8FjHBkxOT40kJm
IF6tAzpDsGHAKrsJN1d7k6wwhH3zx1ofMOpLKj4/R5OGXJg=
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:53:53 2025 by rpki-client