Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/u6PsScHbYof-lX4AcPPBPXDXGbg.roa
File: u6PsScHbYof-lX4AcPPBPXDXGbg.roa (raw, json)
Hash identifier: M1HQy3jzxIJSh2HIeRb9IKjVtp5o1xNnyRTXXsJQsG0=
Subject key identifier: BB:A3:EC:49:C1:DB:62:87:FE:95:7E:00:70:F3:C1:3D:70:D7:19:B8
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1274
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/u6PsScHbYof-lX4AcPPBPXDXGbg.roa
Signing time: Mon 10 Feb 2025 14:28:25 +0000
ROA not before: Mon 10 Feb 2025 14:28:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131627
IP address blocks: 219.91.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4724 (0x1274)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=BBA3EC49C1DB6287FE957E0070F3C13D70D719B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:42:26:3f:02:09:c7:db:4c:80:c6:0f:24:a7:
98:e5:2e:44:64:6e:6e:e2:78:20:29:cd:83:4a:c5:
92:f7:57:12:2d:97:02:63:87:0a:8f:05:1e:d6:eb:
a7:2d:4b:9a:73:93:1c:79:01:94:f1:7d:fd:fb:72:
4f:9b:6e:b6:e7:b9:de:f2:d5:84:c6:a9:ee:66:69:
5c:cb:0d:64:72:01:52:9c:03:3c:db:0a:88:b6:ca:
3a:96:fe:66:b8:98:fd:6e:f7:64:cf:7a:dc:6d:9b:
6f:db:17:af:d9:d2:14:2e:8b:e5:f8:49:4e:33:a2:
7a:7d:76:1b:56:7e:1b:e3:dd:3c:7e:3e:56:1d:e2:
25:8a:6f:5e:b6:82:a1:51:2a:49:ec:6c:ff:03:68:
7d:e2:78:d9:32:a8:57:88:b7:bf:03:31:eb:83:73:
c0:e5:b9:02:88:b5:ef:ab:e3:83:d6:31:37:35:6c:
ea:27:de:b4:01:04:29:06:d2:01:20:bc:fa:d5:b5:
12:22:2e:2b:5b:1e:40:bf:29:90:96:ea:34:d2:bf:
9f:bb:46:32:9b:7b:87:24:06:d2:ce:ed:7d:4a:28:
e0:38:64:75:e4:bd:64:55:02:23:d2:36:92:24:8b:
3a:55:e8:c7:a9:33:3f:8a:4e:16:00:2b:78:66:7d:
c2:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A3:EC:49:C1:DB:62:87:FE:95:7E:00:70:F3:C1:3D:70:D7:19:B8
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/u6PsScHbYof-lX4AcPPBPXDXGbg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.64.0/18
Signature Algorithm: sha256WithRSAEncryption
0e:1a:ab:97:54:1c:94:bf:a2:f9:41:c6:04:2c:92:5b:c1:a8:
39:05:f8:c0:b7:df:2c:c3:36:ac:69:b6:c3:2b:a4:cf:02:d2:
32:d3:66:b2:50:8f:77:f7:0d:b4:85:ab:50:ae:8b:03:48:68:
d2:3c:6b:4e:51:96:89:39:52:78:42:d2:8c:74:6c:de:2c:1b:
07:a8:29:9d:b2:fc:3f:66:11:3c:46:19:5b:f9:7b:a8:e0:03:
57:9f:3c:9f:73:01:7a:dc:fe:1a:d9:ec:c5:52:52:78:c8:06:
47:d5:a2:d2:75:15:02:9b:52:9d:7d:07:71:ea:00:54:db:99:
8e:6c:21:2d:84:ed:df:0b:20:f7:41:4e:50:00:85:3a:cc:ec:
5a:9b:b2:23:f8:02:30:23:42:8d:65:20:c2:51:41:03:f3:4d:
34:05:c4:ac:a5:06:17:97:bf:31:df:e0:00:d8:7b:a0:16:12:
2a:c5:46:1e:4f:ee:5f:54:bc:8e:0e:0a:0c:f0:08:1d:45:7a:
56:9c:99:3a:05:f2:37:3b:ee:8c:fa:35:a3:31:ae:1d:c4:e6:
98:49:93:6e:86:36:aa:85:43:71:03:c4:f1:29:6f:b9:34:90:
0c:1a:da:99:51:5b:b5:86:71:9e:a1:a0:2b:71:5e:4b:d7:ed:
e5:5c:d3:57
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEnQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEJCQTNFQzQ5QzFEQjYy
ODdGRTk1N0UwMDcwRjNDMTNENzBENzE5QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8QiY/AgnH20yAxg8kp5jlLkRkbm7ieCApzYNKxZL3VxItlwJj
hwqPBR7W66ctS5pzkxx5AZTxff37ck+bbrbnud7y1YTGqe5maVzLDWRyAVKcAzzb
Coi2yjqW/ma4mP1u92TPetxtm2/bF6/Z0hQui+X4SU4zonp9dhtWfhvj3Tx+PlYd
4iWKb162gqFRKknsbP8DaH3ieNkyqFeIt78DMeuDc8DluQKIte+r44PWMTc1bOon
3rQBBCkG0gEgvPrVtRIiLitbHkC/KZCW6jTSv5+7RjKbe4ckBtLO7X1KKOA4ZHXk
vWRVAiPSNpIkizpV6MepMz+KThYAK3hmfcIHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUu6PsScHbYof+lX4AcPPBPXDXGbgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3U2UHNTY0hiWW9mLWxYNEFjUFBCUFhE
WEdiZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbbW0AwDQYJ
KoZIhvcNAQELBQADggEBAA4aq5dUHJS/ovlBxgQsklvBqDkF+MC33yzDNqxptsMr
pM8C0jLTZrJQj3f3DbSFq1CuiwNIaNI8a05Rlok5UnhC0ox0bN4sGweoKZ2y/D9m
ETxGGVv5e6jgA1efPJ9zAXrc/hrZ7MVSUnjIBkfVotJ1FQKbUp19B3HqAFTbmY5s
IS2E7d8LIPdBTlAAhTrM7FqbsiP4AjAjQo1lIMJRQQPzTTQFxKylBheXvzHf4ADY
e6AWEirFRh5P7l9UvI4OCgzwCB1FelacmToF8jc77oz6NaMxrh3E5phJk26GNqqF
Q3EDxPEpb7k0kAwa2plRW7WGcZ6hoCtxXkvX7eVc01c=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:36:17 2025 by rpki-client