Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/CcfFmqdhcZ4tfDB1LEaC6ONL088.roa
File: CcfFmqdhcZ4tfDB1LEaC6ONL088.roa (raw, json)
Hash identifier: H7dFmk7zzGssv4mOpwv4yNH4o8Jxm0k2Ma2G6kTdw40=
Subject key identifier: 09:C7:C5:9A:A7:61:71:9E:2D:7C:30:75:2C:46:82:E8:E3:4B:D3:CF
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11B2
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CcfFmqdhcZ4tfDB1LEaC6ONL088.roa
Signing time: Mon 10 Feb 2025 14:27:38 +0000
ROA not before: Mon 10 Feb 2025 14:27:38 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 210.85.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4530 (0x11b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:38 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=09C7C59AA761719E2D7C30752C4682E8E34BD3CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5a:25:39:b6:ce:5f:23:21:55:f6:d6:ae:59:
ad:b8:e4:d8:38:11:21:56:86:75:0f:a3:14:86:a2:
17:bf:42:be:4d:bf:21:e2:b7:49:ed:06:54:b5:0b:
b6:3d:7d:33:82:73:34:30:a0:c6:0e:9b:90:ae:ec:
8f:b7:62:cd:2b:d7:65:0b:f0:af:17:86:f7:f0:f3:
4c:cb:de:7c:b4:80:67:39:3d:fe:13:be:86:37:df:
ec:37:91:92:d3:bb:6e:43:90:db:dd:f1:d9:cc:f8:
bf:d8:70:6f:2f:a0:5b:41:a9:60:7a:ab:b4:af:e2:
d1:85:36:1e:c4:6c:1d:02:97:ad:14:59:cc:19:0c:
16:60:a6:f4:2e:1a:5d:b6:c4:bb:1a:27:85:1c:be:
b4:fa:16:0e:40:d8:31:f3:72:d9:4b:49:2d:1b:b5:
d1:8f:60:06:e7:2f:81:fb:dd:32:74:9d:e2:f8:2a:
cc:44:8d:18:e6:d0:f5:de:05:5f:c2:f9:dd:f4:80:
98:ed:3e:94:03:e3:11:52:a8:ae:77:dc:ec:69:a2:
90:18:a1:ff:3f:de:7e:eb:a6:d6:02:89:c1:53:38:
fb:6a:d3:43:4a:e2:3b:d9:05:19:97:3b:9c:09:a5:
10:55:8f:de:35:01:95:e5:98:36:7f:13:9f:1a:70:
d8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:C7:C5:9A:A7:61:71:9E:2D:7C:30:75:2C:46:82:E8:E3:4B:D3:CF
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CcfFmqdhcZ4tfDB1LEaC6ONL088.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.85.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0b:b7:4b:92:e2:da:04:2d:9d:3d:1b:a0:d6:4d:fc:72:9a:38:
68:56:87:78:67:03:5d:d3:ab:cb:25:ac:c0:87:53:6c:d7:eb:
7f:1d:24:83:dc:a5:00:47:5a:51:8b:5b:f9:28:ce:c4:a5:3f:
8b:ee:6b:f1:ff:92:2c:74:13:96:84:24:b5:ef:04:e4:e3:53:
8f:91:a0:ec:3f:c9:a0:e8:9c:17:fc:37:99:a5:ce:3e:9f:83:
f0:55:45:72:0e:5b:63:20:6f:20:2e:81:29:39:c9:79:6e:8a:
70:f9:2d:77:97:a6:c6:0c:f6:ff:a5:d0:2e:d2:36:ff:57:a9:
bb:80:10:6c:13:0d:68:ec:e6:55:f3:53:79:ec:14:e3:33:47:
e0:66:95:8c:06:b7:15:8f:b7:9a:65:d8:3f:ee:23:bb:52:23:
07:14:65:e1:5e:44:3a:f8:ac:57:11:13:97:f9:4f:64:cd:69:
36:09:bb:50:e6:0f:a5:53:4f:6f:8c:38:b4:9e:53:75:10:5d:
d2:8a:47:c5:83:bd:01:5d:58:d0:7d:90:0c:20:a4:c7:e7:fc:
17:88:f9:9e:53:50:fb:1c:9b:8c:75:12:ce:08:15:1f:cd:c3:
46:68:5d:be:01:1f:28:03:e4:31:c3:aa:3f:c4:e9:c6:a3:37:
70:f2:e8:69
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEbIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA5QzdDNTlBQTc2MTcx
OUUyRDdDMzA3NTJDNDY4MkU4RTM0QkQzQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGWiU5ts5fIyFV9tauWa245Ng4ESFWhnUPoxSGohe/Qr5NvyHi
t0ntBlS1C7Y9fTOCczQwoMYOm5Cu7I+3Ys0r12UL8K8Xhvfw80zL3ny0gGc5Pf4T
voY33+w3kZLTu25DkNvd8dnM+L/YcG8voFtBqWB6q7Sv4tGFNh7EbB0Cl60UWcwZ
DBZgpvQuGl22xLsaJ4UcvrT6Fg5A2DHzctlLSS0btdGPYAbnL4H73TJ0neL4KsxE
jRjm0PXeBV/C+d30gJjtPpQD4xFSqK533OxpopAYof8/3n7rptYCicFTOPtq00NK
4jvZBRmXO5wJpRBVj941AZXlmDZ/E58acNhjAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUCcfFmqdhcZ4tfDB1LEaC6ONL088wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0NjZkZtcWRoY1o0dGZEQjFMRWFDNk9O
TDA4OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDSVTANBgkq
hkiG9w0BAQsFAAOCAQEAC7dLkuLaBC2dPRug1k38cpo4aFaHeGcDXdOryyWswIdT
bNfrfx0kg9ylAEdaUYtb+SjOxKU/i+5r8f+SLHQTloQkte8E5ONTj5Gg7D/JoOic
F/w3maXOPp+D8FVFcg5bYyBvIC6BKTnJeW6KcPktd5emxgz2/6XQLtI2/1epu4AQ
bBMNaOzmVfNTeewU4zNH4GaVjAa3FY+3mmXYP+4ju1IjBxRl4V5EOvisVxETl/lP
ZM1pNgm7UOYPpVNPb4w4tJ5TdRBd0opHxYO9AV1Y0H2QDCCkx+f8F4j5nlNQ+xyb
jHUSzggVH83DRmhdvgEfKAPkMcOqP8TpxqM3cPLoaQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:44:45 2025 by rpki-client