Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/IQtFaa0veq-NH315FNBJDHrP3LM.roa
File: IQtFaa0veq-NH315FNBJDHrP3LM.roa (raw, json)
Hash identifier: zoo4gLMzfCOl5UUcGrX1T0Ar7AC3cg9VxQE2DyvPLqM=
Subject key identifier: 21:0B:45:69:AD:2F:7A:AF:8D:1F:7D:79:14:D0:49:0C:7A:CF:DC:B3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1264
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/IQtFaa0veq-NH315FNBJDHrP3LM.roa
Signing time: Mon 10 Feb 2025 14:28:22 +0000
ROA not before: Mon 10 Feb 2025 14:28:22 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.201.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4708 (0x1264)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:22 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=210B4569AD2F7AAF8D1F7D7914D0490C7ACFDCB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8e:96:d2:76:26:a8:cb:b7:96:67:36:d1:b8:
f4:44:98:c7:5a:e5:5e:1c:76:f6:85:a7:e2:c6:af:
37:73:83:f8:62:57:25:5d:fa:fb:a4:94:ce:55:1b:
75:4f:dd:93:32:b4:ef:5d:2f:5a:04:03:bc:1e:bb:
af:6d:68:52:43:f6:e3:92:6e:6b:a5:36:61:35:e5:
56:b4:6c:20:93:32:1d:1e:01:e7:92:07:6a:61:10:
ce:18:7d:c1:dc:47:0f:35:4c:dd:b4:0a:49:86:2d:
c4:f0:8b:1f:e7:2e:89:f1:5c:1e:67:cc:7e:a8:3c:
4a:71:6b:1e:56:5a:42:39:95:6f:db:c4:3e:47:52:
27:e5:0c:d3:eb:24:c6:65:54:2a:91:08:69:f8:fa:
a6:2d:4e:4c:28:f2:a8:87:67:83:2e:ce:ed:79:86:
b2:77:8f:49:10:d6:75:3b:fc:b9:e9:d2:d9:f8:a2:
6b:25:ca:ec:af:59:d2:d0:81:27:d6:67:03:73:a5:
b3:8b:d7:1b:3f:ed:7d:fb:0b:1d:4e:87:27:a0:0c:
c1:b4:1e:43:0d:9e:e9:7c:6b:61:79:13:3a:6a:0f:
5d:6c:2c:76:27:b6:19:5b:cf:0b:57:a7:aa:bb:88:
3b:2c:16:db:4c:ef:e4:46:db:ab:b0:bd:6a:2a:47:
c1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0B:45:69:AD:2F:7A:AF:8D:1F:7D:79:14:D0:49:0C:7A:CF:DC:B3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/IQtFaa0veq-NH315FNBJDHrP3LM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6d:6d:ef:d9:14:73:d9:4f:c8:2e:55:f2:c6:cc:49:b4:f7:76:
e0:15:af:fd:4f:c4:42:45:bb:5d:13:65:14:8d:f2:2a:64:31:
18:68:01:7a:97:de:7e:65:50:c8:48:bf:6b:0a:80:11:8d:a0:
2c:1a:a6:92:3a:98:fb:33:72:61:bf:7b:bd:fa:16:1e:cd:d5:
fc:ae:89:1e:34:1d:eb:40:a5:f0:21:ba:48:51:f4:20:2d:65:
65:6c:84:5a:75:3a:54:92:b2:b3:28:23:d8:db:fc:a1:00:26:
ec:5f:e9:b9:a7:49:4a:b0:c3:4d:49:42:45:47:c2:d2:7e:d5:
3b:56:85:1c:40:0e:b4:9d:2f:b7:52:82:1f:12:49:17:c8:6a:
a0:1a:be:5e:74:7b:e4:99:c0:9b:01:c1:3e:4a:74:ed:f6:ca:
11:e7:cc:f6:4c:09:e8:29:8f:7c:c4:f6:05:78:6e:99:62:65:
44:ea:da:93:4a:d2:48:93:77:23:ff:62:3c:01:29:3a:19:07:
51:86:41:e0:0a:6a:ab:bc:e9:33:33:2d:7b:3b:5a:34:51:8c:
6d:fa:32:dd:a0:06:77:9b:48:69:51:cb:31:8a:1a:cd:68:05:
02:8a:42:9b:2d:4e:8a:92:66:91:c3:44:8d:e8:55:da:1b:43:
0b:93:db:7d
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICEmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MjJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIxMEI0NTY5QUQyRjdB
QUY4RDFGN0Q3OTE0RDA0OTBDN0FDRkRDQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCnjpbSdiaoy7eWZzbRuPREmMda5V4cdvaFp+LGrzdzg/hiVyVd
+vuklM5VG3VP3ZMytO9dL1oEA7weu69taFJD9uOSbmulNmE15Va0bCCTMh0eAeeS
B2phEM4YfcHcRw81TN20CkmGLcTwix/nLonxXB5nzH6oPEpxax5WWkI5lW/bxD5H
UiflDNPrJMZlVCqRCGn4+qYtTkwo8qiHZ4Muzu15hrJ3j0kQ1nU7/Lnp0tn4omsl
yuyvWdLQgSfWZwNzpbOL1xs/7X37Cx1OhyegDMG0HkMNnul8a2F5EzpqD11sLHYn
thlbzwtXp6q7iDssFttM7+RG26uwvWoqR8HRAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUIQtFaa0veq+NH315FNBJDHrP3LMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0lRdEZhYTB2ZXEtTkgzMTVGTkJKREhy
UDNMTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDSyTANBgkq
hkiG9w0BAQsFAAOCAQEAbW3v2RRz2U/ILlXyxsxJtPd24BWv/U/EQkW7XRNlFI3y
KmQxGGgBepfefmVQyEi/awqAEY2gLBqmkjqY+zNyYb97vfoWHs3V/K6JHjQd60Cl
8CG6SFH0IC1lZWyEWnU6VJKysygj2Nv8oQAm7F/puadJSrDDTUlCRUfC0n7VO1aF
HEAOtJ0vt1KCHxJJF8hqoBq+XnR75JnAmwHBPkp07fbKEefM9kwJ6CmPfMT2BXhu
mWJlROrak0rSSJN3I/9iPAEpOhkHUYZB4Apqq7zpMzMteztaNFGMbfoy3aAGd5tI
aVHLMYoazWgFAopCmy1OipJmkcNEjehV2htDC5PbfQ==
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:49:20 2025 by rpki-client