Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/IS2LrxQcXYojyogdnit3pCUydBw.roa
File: IS2LrxQcXYojyogdnit3pCUydBw.roa (raw, json)
Hash identifier: Tm+olkR0aKGzvS4I3+QR4fxXgoLKRa9UwrX3bgTbZEU=
Subject key identifier: 21:2D:8B:AF:14:1C:5D:8A:23:CA:88:1D:9E:2B:77:A4:25:32:74:1C
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 1472
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/IS2LrxQcXYojyogdnit3pCUydBw.roa
Signing time: Fri 22 Aug 2025 08:51:31 +0000
ROA not before: Fri 22 Aug 2025 08:51:31 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 131644
IP address blocks: 119.75.240.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5234 (0x1472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Aug 22 08:51:31 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=212D8BAF141C5D8A23CA881D9E2B77A42532741C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f0:95:b4:2a:29:84:d3:b9:b4:18:dd:6e:73:
c3:0b:df:60:ae:b4:3d:5b:c6:26:b0:14:bf:c9:1c:
af:65:0d:9f:6e:07:e1:16:72:d3:a9:c3:ec:c1:e9:
f5:9f:22:2c:15:d0:e0:13:4e:5e:c5:ee:3d:3d:38:
7a:ad:8b:aa:e1:d1:85:f2:4d:86:b6:77:c4:64:05:
19:1a:83:75:26:3e:36:00:c0:82:c1:52:17:f2:5d:
fa:ae:ee:92:70:67:6a:e1:2d:56:66:a4:7e:d3:60:
7a:46:35:80:09:7d:9e:c2:89:6b:7e:a5:8e:c8:a7:
81:1d:00:26:c3:bc:6a:7e:96:38:38:8c:fb:64:c5:
ee:ef:5f:87:3e:58:09:dd:29:df:15:ff:77:93:b0:
35:df:66:e5:46:7e:ed:56:88:63:0b:55:f8:be:0a:
8f:3b:b3:06:4a:ff:9d:dd:86:ce:47:f8:de:7c:0b:
ee:6f:75:ad:8c:63:e1:d5:61:2e:5b:42:4e:04:b9:
58:b4:2e:b8:ec:95:ac:d9:9c:a5:68:9e:63:9b:15:
fa:43:aa:61:60:4e:c2:da:1c:20:cb:65:2e:51:5b:
ca:1e:3a:5a:61:ac:f3:dc:f0:9c:bb:99:69:3e:ad:
60:ca:92:07:d6:97:f7:c6:d6:e3:8f:ef:7f:05:58:
a1:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2D:8B:AF:14:1C:5D:8A:23:CA:88:1D:9E:2B:77:A4:25:32:74:1C
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/IS2LrxQcXYojyogdnit3pCUydBw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.75.240.0/22
Signature Algorithm: sha256WithRSAEncryption
65:9e:25:42:1a:fa:f7:d6:85:5e:4e:99:30:04:d2:23:8f:86:
6d:94:3d:1e:38:f4:c2:ab:7d:21:2a:94:c6:0e:51:bf:b5:e1:
2a:7b:6a:fe:44:3d:db:ea:b2:ef:d8:fb:35:a7:d0:2c:c1:75:
b8:24:08:ce:6e:85:ea:6d:61:eb:16:0c:c4:a3:bd:29:eb:e3:
eb:ea:9c:86:1b:0f:d2:4b:c3:25:14:73:95:40:21:60:5f:c7:
35:dc:3d:69:e3:c0:f9:3d:88:85:29:4e:c5:c7:ff:a8:3e:92:
2b:e6:e9:c6:06:90:fb:1a:ea:4c:92:c6:99:94:41:6c:e5:43:
e5:07:00:76:ed:8a:f2:21:13:dd:a3:2c:4b:ed:db:1a:30:53:
f8:85:53:66:b8:fa:7c:ea:93:24:e9:b4:f5:a5:ec:44:89:a5:
0d:10:45:2e:84:4e:02:10:60:77:03:62:1e:d3:77:95:91:3d:
79:1e:e8:19:e1:e0:76:34:1c:d6:05:4d:1c:59:17:4b:0f:37:
24:4d:60:8d:6d:7b:4a:c6:74:98:6a:46:d1:7b:7e:7f:66:7a:
00:a7:04:7a:7a:57:76:11:d8:a3:75:c9:04:77:17:f8:10:77:
ff:85:41:6a:d5:47:1a:58:6a:a6:aa:70:12:34:e0:cd:0d:50:
e5:c2:02:b7
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA4MjIw
ODUxMzFaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDIxMkQ4QkFGMTQxQzVE
OEEyM0NBODgxRDlFMkI3N0E0MjUzMjc0MUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa8JW0KimE07m0GN1uc8ML32CutD1bxiawFL/JHK9lDZ9uB+EW
ctOpw+zB6fWfIiwV0OATTl7F7j09OHqti6rh0YXyTYa2d8RkBRkag3UmPjYAwILB
UhfyXfqu7pJwZ2rhLVZmpH7TYHpGNYAJfZ7CiWt+pY7Ip4EdACbDvGp+ljg4jPtk
xe7vX4c+WAndKd8V/3eTsDXfZuVGfu1WiGMLVfi+Co87swZK/53dhs5H+N58C+5v
da2MY+HVYS5bQk4EuVi0LrjslazZnKVonmObFfpDqmFgTsLaHCDLZS5RW8oeOlph
rPPc8Jy7mWk+rWDKkgfWl/fG1uOP738FWKENAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIS2LrxQcXYojyogdnit3pCUydBwwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9JUzJMcnhRY1hZb2p5b2dkbml0
M3BDVXlkQncucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCd0vw
MA0GCSqGSIb3DQEBCwUAA4IBAQBlniVCGvr31oVeTpkwBNIjj4ZtlD0eOPTCq30h
KpTGDlG/teEqe2r+RD3b6rLv2Ps1p9AswXW4JAjOboXqbWHrFgzEo70p6+Pr6pyG
Gw/SS8MlFHOVQCFgX8c13D1p48D5PYiFKU7Fx/+oPpIr5unGBpD7GupMksaZlEFs
5UPlBwB27YryIRPdoyxL7dsaMFP4hVNmuPp86pMk6bT1pexEiaUNEEUuhE4CEGB3
A2Ie03eVkT15HugZ4eB2NBzWBU0cWRdLDzckTWCNbXtKxnSYakbRe35/ZnoApwR6
eld2EdijdckEdxf4EHf/hUFq1UcaWGqmqnASNODNDVDlwgK3
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:50:39 2025 by rpki-client