Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Gtmn235SsiXP0_ny36qjfgfTt4U.roa
File: Gtmn235SsiXP0_ny36qjfgfTt4U.roa (raw, json)
Hash identifier: yaRZB1ZklZHPBZw3wruBOd7Rvo3XEwfbQRZ0Crng6+Y=
Subject key identifier: 1A:D9:A7:DB:7E:52:B2:25:CF:D3:F9:F2:DF:AA:A3:7E:07:D3:B7:85
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1225
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Gtmn235SsiXP0_ny36qjfgfTt4U.roa
Signing time: Mon 10 Feb 2025 14:28:06 +0000
ROA not before: Mon 10 Feb 2025 14:28:06 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.63.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4645 (0x1225)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:06 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1AD9A7DB7E52B225CFD3F9F2DFAAA37E07D3B785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:07:d8:25:9c:5e:2e:24:37:09:c1:a7:0d:d8:
8f:2d:55:80:26:e6:b5:66:4a:e6:2c:3a:b3:cc:af:
fa:51:c2:ac:bd:27:c7:ee:40:9b:64:ca:5c:3b:5d:
b2:4d:17:ca:70:c2:64:cd:0d:6e:76:eb:b2:f0:67:
8b:35:af:98:93:f2:cd:e8:45:4c:ec:b2:e9:59:44:
fd:6c:5a:28:c1:97:32:24:45:48:e9:6d:db:32:b7:
a4:7c:c7:5b:7d:cd:79:c7:ea:47:35:0f:8a:02:0e:
6c:2b:95:31:30:f4:85:7a:66:6a:7a:e6:60:25:0b:
6a:3d:3f:34:ea:98:c0:32:2d:51:71:4f:a7:cf:0a:
53:91:df:50:02:e3:b8:f4:19:14:a8:49:b8:45:28:
81:c2:45:70:86:9a:2a:66:8e:9c:31:2b:52:e7:69:
e7:75:a6:42:5d:e9:23:4a:fb:e9:2f:8a:be:71:57:
14:0d:4d:36:98:6f:57:c8:89:66:1a:a7:f3:db:7e:
7f:22:69:2d:fa:b1:6e:83:e2:28:db:0a:76:73:bc:
15:e4:e9:d3:ae:e3:d5:30:de:b1:e7:8d:ed:1f:16:
9f:fa:76:45:54:08:28:36:9d:2b:db:00:88:a1:84:
0f:85:ea:f2:f6:66:62:21:be:ce:06:99:2d:b9:e3:
92:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D9:A7:DB:7E:52:B2:25:CF:D3:F9:F2:DF:AA:A3:7E:07:D3:B7:85
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Gtmn235SsiXP0_ny36qjfgfTt4U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c8:5d:27:5f:52:b4:2f:21:36:b2:9d:23:3e:09:fd:03:dc:
e5:5d:49:d4:02:89:6b:71:13:fa:56:8b:e5:98:c9:c5:40:fe:
86:94:a4:3e:9a:5c:3f:66:74:6d:98:0a:c5:29:eb:eb:87:c4:
1f:b0:62:aa:7a:e9:0b:33:36:ea:7f:2c:ed:61:1f:29:df:e0:
20:f2:ef:23:3e:bd:0d:81:5a:0c:01:27:66:78:98:12:9c:c4:
b0:d0:b6:25:2c:57:ae:b6:97:8c:42:1c:67:32:2d:2c:e3:4d:
fd:8c:61:d4:09:ca:49:96:3e:5e:8b:ef:9a:1e:25:cd:a4:83:
81:94:3f:0f:88:58:2b:b5:db:65:20:ec:e8:0f:f2:96:c5:a5:
11:d0:88:22:4c:c0:79:c1:e4:31:d9:c2:a9:60:01:8f:47:5d:
4e:91:52:8b:96:89:ab:d3:5b:25:05:a7:e4:ad:91:02:2c:8a:
7a:74:5f:33:a8:33:1d:df:05:08:24:3a:ee:d3:2b:db:ce:12:
e6:a3:37:58:cc:c1:46:c4:5f:f8:b8:b9:c0:f6:fd:81:b7:58:
f7:e3:9a:a4:fb:f7:4c:bc:4a:90:d3:2e:59:c0:56:41:56:87:
67:f1:5f:84:5e:30:85:ae:13:b6:9a:ef:5c:97:54:7e:ea:0e:
9d:97:31:9f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEiUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFBRDlBN0RCN0U1MkIy
MjVDRkQzRjlGMkRGQUFBMzdFMDdEM0I3ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNB9glnF4uJDcJwacN2I8tVYAm5rVmSuYsOrPMr/pRwqy9J8fu
QJtkylw7XbJNF8pwwmTNDW5267LwZ4s1r5iT8s3oRUzssulZRP1sWijBlzIkRUjp
bdsyt6R8x1t9zXnH6kc1D4oCDmwrlTEw9IV6Zmp65mAlC2o9PzTqmMAyLVFxT6fP
ClOR31AC47j0GRSoSbhFKIHCRXCGmipmjpwxK1Lnaed1pkJd6SNK++kvir5xVxQN
TTaYb1fIiWYap/Pbfn8iaS36sW6D4ijbCnZzvBXk6dOu49Uw3rHnje0fFp/6dkVU
CCg2nSvbAIihhA+F6vL2ZmIhvs4GmS2545IdAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUGtmn235SsiXP0/ny36qjfgfTt4UwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0d0bW4yMzVTc2lYUDBfbnkzNnFqZmdm
VHQ0VS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALSP+gwDQYJ
KoZIhvcNAQELBQADggEBAGzIXSdfUrQvITaynSM+Cf0D3OVdSdQCiWtxE/pWi+WY
ycVA/oaUpD6aXD9mdG2YCsUp6+uHxB+wYqp66QszNup/LO1hHynf4CDy7yM+vQ2B
WgwBJ2Z4mBKcxLDQtiUsV662l4xCHGcyLSzjTf2MYdQJykmWPl6L75oeJc2kg4GU
Pw+IWCu122Ug7OgP8pbFpRHQiCJMwHnB5DHZwqlgAY9HXU6RUouWiavTWyUFp+St
kQIsinp0XzOoMx3fBQgkOu7TK9vOEuajN1jMwUbEX/i4ucD2/YG3WPfjmqT790y8
SpDTLlnAVkFWh2fxX4ReMIWuE7aa71yXVH7qDp2XMZ8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:56:31 2025 by rpki-client