Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ULC/PgB9r9jVTCPtVKiepZddJzpcbUo.roa
File: PgB9r9jVTCPtVKiepZddJzpcbUo.roa (raw, json)
Hash identifier: vBxWpaqgshwe3RibdHx5SOEgkqKqxVYAwMzWfFwvA8A=
Subject key identifier: 3E:00:7D:AF:D8:D5:4C:23:ED:54:A8:9E:A5:97:5D:27:3A:5C:6D:4A
Certificate issuer: /CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Certificate serial: 05F5
Authority key identifier: BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/PgB9r9jVTCPtVKiepZddJzpcbUo.roa
Signing time: Fri 22 Aug 2025 08:58:53 +0000
ROA not before: Fri 22 Aug 2025 08:58:53 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 131642
IP address blocks: 103.157.42.0/23 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1525 (0x5f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BFBB7F7B5C58323490875849B8EDDA495EF17B1B
Validity
Not Before: Aug 22 08:58:53 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=3E007DAFD8D54C23ED54A89EA5975D273A5C6D4A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:94:fe:b8:e0:4d:6d:ae:a6:29:59:a4:b0:01:
61:c6:4b:e8:ba:3d:bb:85:25:9e:7c:4b:99:fe:6d:
87:45:f0:39:50:35:25:65:ec:03:f8:1e:7f:ab:9d:
7c:48:5c:da:6c:f4:bf:e3:99:df:52:b5:dc:5a:4b:
8f:03:ee:7d:40:16:de:0d:f4:a2:c4:e2:e8:b5:49:
24:77:aa:d6:6b:32:4a:43:08:6f:65:6e:be:45:d1:
3a:78:65:08:94:a4:7d:d7:35:00:a5:00:2c:3e:9f:
0b:49:b6:da:c4:d6:12:b4:60:5c:ba:61:7b:ae:f0:
2d:c5:f0:d0:ab:ca:8d:67:e5:ad:a8:d1:5d:2b:b7:
1e:2b:8d:86:75:c7:65:11:ae:7d:63:17:13:bb:9c:
32:02:fd:25:04:fc:63:13:f7:7e:f6:02:45:90:a7:
db:ca:4a:92:29:0e:d6:c9:34:f7:90:f1:57:19:1f:
3d:ed:e6:b0:3a:28:71:a4:84:22:af:dc:7d:d6:1b:
7d:d8:a5:3b:02:04:ac:71:92:82:44:6e:91:b4:a9:
db:83:c4:77:57:6c:e9:d5:59:4a:54:5d:5e:e8:66:
72:ad:94:c1:e2:03:6a:fa:1c:8b:9b:60:0c:50:88:
90:f2:bd:b2:42:59:80:70:33:3c:18:69:8a:40:2a:
5d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:00:7D:AF:D8:D5:4C:23:ED:54:A8:9E:A5:97:5D:27:3A:5C:6D:4A
X509v3 Authority Key Identifier:
keyid:BF:BB:7F:7B:5C:58:32:34:90:87:58:49:B8:ED:DA:49:5E:F1:7B:1B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/v7t_e1xYMjSQh1hJuO3aSV7xexs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/v7t_e1xYMjSQh1hJuO3aSV7xexs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ULC/PgB9r9jVTCPtVKiepZddJzpcbUo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.157.42.0/23
Signature Algorithm: sha256WithRSAEncryption
13:fd:48:d2:2a:6d:d2:b6:34:9c:6a:80:79:0c:b5:4c:48:93:
de:59:91:8d:e5:49:19:d5:73:ad:b7:e1:22:81:80:5e:79:a8:
df:bd:62:fa:91:aa:71:c2:0e:3d:b4:b8:e3:04:2d:3f:c6:91:
7f:57:8c:79:c7:87:5e:0c:d8:b1:04:75:66:37:2c:bf:ba:8e:
6c:45:1c:3d:80:e1:fd:d9:3f:a7:75:2d:c1:36:4b:20:88:f5:
db:ec:fb:d1:fe:50:d8:91:0a:ac:24:6b:52:a9:d4:9b:7e:61:
ee:b1:e1:96:06:89:5e:36:27:52:68:fe:51:93:0a:b8:63:93:
a0:4b:93:95:13:67:f6:83:fb:b8:54:51:c2:fd:c7:c3:63:bd:
f2:3f:ab:ea:b7:ef:9b:63:80:a5:62:3f:1e:f9:7a:1d:af:4c:
5d:58:81:5b:8a:ce:ad:19:5a:b2:71:e0:2e:7f:18:9b:0b:41:
79:93:e5:37:5b:39:d2:99:56:65:da:4f:35:b9:7d:0b:f7:8d:
64:58:47:06:34:df:db:a6:84:53:7a:4d:46:c4:41:28:ab:e1:
fe:a2:2e:c9:b8:e2:fb:69:1b:dd:f6:2e:be:9c:c3:95:42:63:
db:18:63:ec:0c:ad:64:b0:67:11:a7:1b:79:2c:d8:f1:ef:cd:
df:81:1a:10
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBfUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkZC
QjdGN0I1QzU4MzIzNDkwODc1ODQ5QjhFRERBNDk1RUYxN0IxQjAeFw0yNTA4MjIw
ODU4NTNaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDNFMDA3REFGRDhENTRD
MjNFRDU0QTg5RUE1OTc1RDI3M0E1QzZENEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTlP644E1trqYpWaSwAWHGS+i6PbuFJZ58S5n+bYdF8DlQNSVl
7AP4Hn+rnXxIXNps9L/jmd9StdxaS48D7n1AFt4N9KLE4ui1SSR3qtZrMkpDCG9l
br5F0Tp4ZQiUpH3XNQClACw+nwtJttrE1hK0YFy6YXuu8C3F8NCryo1n5a2o0V0r
tx4rjYZ1x2URrn1jFxO7nDIC/SUE/GMT9372AkWQp9vKSpIpDtbJNPeQ8VcZHz3t
5rA6KHGkhCKv3H3WG33YpTsCBKxxkoJEbpG0qduDxHdXbOnVWUpUXV7oZnKtlMHi
A2r6HIubYAxQiJDyvbJCWYBwMzwYaYpAKl33AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUPgB9r9jVTCPtVKiepZddJzpcbUowHwYDVR0jBBgwFoAUv7t/e1xYMjSQh1hJ
uO3aSV7xexswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL3Y3
dF9lMXhZTWpTUWgxaEp1TzNhU1Y3eGV4cy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
djd0X2UxeFlNalNRaDFoSnVPM2FTVjd4ZXhzLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVUxDL1BnQjlyOWpWVENQdFZLaWVwWmRkSnpw
Y2JVby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnnSowDQYJ
KoZIhvcNAQELBQADggEBABP9SNIqbdK2NJxqgHkMtUxIk95ZkY3lSRnVc6234SKB
gF55qN+9YvqRqnHCDj20uOMELT/GkX9XjHnHh14M2LEEdWY3LL+6jmxFHD2A4f3Z
P6d1LcE2SyCI9dvs+9H+UNiRCqwka1Kp1Jt+Ye6x4ZYGiV42J1Jo/lGTCrhjk6BL
k5UTZ/aD+7hUUcL9x8NjvfI/q+q375tjgKViPx75eh2vTF1YgVuKzq0ZWrJx4C5/
GJsLQXmT5TdbOdKZVmXaTzW5fQv3jWRYRwY039umhFN6TUbEQSir4f6iLsm44vtp
G932Lr6cw5VCY9sYY+wMrWSwZxGnG3ks2PHvzd+BGhA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:44:28 2025 by rpki-client