Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/izVRQ7JLPoikKp5m-2SqYrAutUQ.roa
File: izVRQ7JLPoikKp5m-2SqYrAutUQ.roa (raw, json)
Hash identifier: HBf6u6pm8Xxecg4TSXECUcvkRPQipEAyoXUxPHY1K2M=
Subject key identifier: 8B:35:51:43:B2:4B:3E:88:A4:2A:9E:66:FB:64:AA:62:B0:2E:B5:44
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 1466
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/izVRQ7JLPoikKp5m-2SqYrAutUQ.roa
Signing time: Fri 22 Aug 2025 08:51:29 +0000
ROA not before: Fri 22 Aug 2025 08:51:29 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 131621
IP address blocks: 182.173.1.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5222 (0x1466)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Aug 22 08:51:29 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=8B355143B24B3E88A42A9E66FB64AA62B02EB544
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2f:c1:b9:19:6b:10:f1:f5:e8:04:76:2a:35:
3f:6a:f7:1a:66:0f:4f:21:84:43:e7:37:4c:a5:2d:
27:e4:d5:67:fd:67:3c:a0:8b:ee:db:a2:45:cc:ca:
40:aa:29:bc:81:7b:f6:40:8b:48:68:73:c3:f6:5e:
4b:88:70:8c:de:9a:94:64:59:9e:31:09:d2:71:c2:
4e:dd:13:71:e8:69:3d:4e:ef:8b:c9:2c:71:7e:35:
bb:1a:33:3f:b9:fc:b9:b2:4e:2a:b9:33:c6:14:f2:
c9:9b:43:2c:bf:b1:df:aa:16:b0:71:1e:fc:95:5c:
14:59:92:9c:f4:5a:de:45:50:a0:8b:58:82:ab:31:
2b:b0:97:e2:47:d6:a6:2e:0f:8c:97:43:76:34:87:
a9:ef:68:28:29:07:1c:87:6d:b9:8c:f8:f0:32:bf:
f3:0e:4a:12:fe:c9:1d:71:d7:ba:f2:b8:ba:1a:2a:
1d:70:de:a0:75:89:b9:30:c8:48:f5:61:23:81:32:
31:06:f2:54:19:13:42:ad:80:35:30:49:8c:ad:fd:
d3:46:9f:48:cb:38:18:96:84:14:02:60:de:39:fe:
63:f7:e8:88:a1:23:e9:19:5e:8d:1a:87:9e:3e:b4:
d0:81:86:25:77:fc:7f:4e:7b:70:ed:a5:70:6b:6d:
b8:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:35:51:43:B2:4B:3E:88:A4:2A:9E:66:FB:64:AA:62:B0:2E:B5:44
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/izVRQ7JLPoikKp5m-2SqYrAutUQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
182.173.1.0/24
Signature Algorithm: sha256WithRSAEncryption
78:61:c3:ce:63:ba:f5:b6:22:a1:6c:2b:52:af:21:90:7b:f2:
4e:5b:17:b6:17:35:27:db:ae:a1:42:a2:b7:09:46:a4:3e:68:
25:94:65:0f:b9:b8:ff:f0:28:89:a0:03:d1:8e:1e:08:ce:e0:
4d:82:fc:5b:2c:29:32:66:9a:59:e4:84:4f:2b:5a:77:d4:8d:
5a:a4:03:38:b7:a1:8a:57:d6:8a:c7:bf:a6:45:ec:5c:5d:25:
4f:c4:cf:37:9d:16:af:28:64:b5:92:3b:20:19:d0:78:e5:95:
26:e0:f4:60:f2:12:88:2c:30:55:41:d7:94:ba:46:1d:a9:a6:
be:df:8f:c5:d9:70:cc:18:96:c3:95:7e:df:c8:4f:44:19:73:
51:de:27:12:b2:45:17:a7:10:a3:01:df:49:40:33:5b:ff:ab:
31:65:82:20:55:ce:3e:46:27:f1:f1:33:66:13:13:d7:23:2f:
2e:81:c7:55:47:f1:22:66:71:9a:78:e9:f8:21:0c:2a:c4:99:
58:93:7c:4d:38:c7:3e:0d:43:32:cd:26:e7:b3:49:03:88:6e:
71:f6:0e:95:31:ed:7a:a8:c4:54:25:8e:b7:1b:a8:69:08:34:
3c:78:68:e9:f3:c2:0b:de:63:56:32:02:16:41:c4:c8:63:77:
1a:e2:c0:61
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFGYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yNTA4MjIw
ODUxMjlaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDhCMzU1MTQzQjI0QjNF
ODhBNDJBOUU2NkZCNjRBQTYyQjAyRUI1NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTL8G5GWsQ8fXoBHYqNT9q9xpmD08hhEPnN0ylLSfk1Wf9Zzyg
i+7bokXMykCqKbyBe/ZAi0hoc8P2XkuIcIzempRkWZ4xCdJxwk7dE3HoaT1O74vJ
LHF+NbsaMz+5/LmyTiq5M8YU8smbQyy/sd+qFrBxHvyVXBRZkpz0Wt5FUKCLWIKr
MSuwl+JH1qYuD4yXQ3Y0h6nvaCgpBxyHbbmM+PAyv/MOShL+yR1x17ryuLoaKh1w
3qB1ibkwyEj1YSOBMjEG8lQZE0KtgDUwSYyt/dNGn0jLOBiWhBQCYN45/mP36Iih
I+kZXo0ah54+tNCBhiV3/H9Oe3DtpXBrbbiXAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUizVRQ7JLPoikKp5m+2SqYrAutUQwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9pelZSUTdKTFBvaWtLcDVtLTJT
cVlyQXV0VVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtq0B
MA0GCSqGSIb3DQEBCwUAA4IBAQB4YcPOY7r1tiKhbCtSryGQe/JOWxe2FzUn266h
QqK3CUakPmgllGUPubj/8CiJoAPRjh4IzuBNgvxbLCkyZppZ5IRPK1p31I1apAM4
t6GKV9aKx7+mRexcXSVPxM83nRavKGS1kjsgGdB45ZUm4PRg8hKILDBVQdeUukYd
qaa+34/F2XDMGJbDlX7fyE9EGXNR3icSskUXpxCjAd9JQDNb/6sxZYIgVc4+Rifx
8TNmExPXIy8ugcdVR/EiZnGaeOn4IQwqxJlYk3xNOMc+DUMyzSbns0kDiG5x9g6V
Me16qMRUJY63G6hpCDQ8eGjp88IL3mNWMgIWQcTIY3ca4sBh
-----END CERTIFICATE-----
Generated at Sun Aug 24 04:54:06 2025 by rpki-client