Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/wYsuiKGn7bL4zgBScTokWMmCRf0.roa
File: wYsuiKGn7bL4zgBScTokWMmCRf0.roa (raw, json)
Hash identifier: eNzGfGgP8Rq56GKCCo3z8hahYvOt0Wgorkkl6GRHkug=
Subject key identifier: C1:8B:2E:88:A1:A7:ED:B2:F8:CE:00:52:71:3A:24:58:C9:82:45:FD
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 11AA
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wYsuiKGn7bL4zgBScTokWMmCRf0.roa
Signing time: Mon 10 Feb 2025 14:27:36 +0000
ROA not before: Mon 10 Feb 2025 14:27:36 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7539
IP address blocks: 210.200.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4522 (0x11aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:36 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=C18B2E88A1A7EDB2F8CE0052713A2458C98245FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d4:3d:73:82:04:88:ca:7a:7a:45:ca:5e:44:
0f:8a:2d:77:fb:2a:88:df:ad:e7:46:21:f9:dd:12:
5f:56:bf:cb:ae:72:3a:c6:0c:0c:d8:44:a4:cd:cd:
bc:18:36:60:c5:91:8e:df:a6:d7:06:9a:27:eb:7d:
4f:76:50:ac:4c:a0:f7:97:8e:d9:9d:89:52:c1:ea:
04:12:9d:cd:00:01:43:8c:25:1b:47:3e:e5:1f:b9:
bd:bf:49:59:5e:d1:8c:10:82:a5:2e:33:48:28:91:
36:46:ca:ba:78:49:08:70:62:cd:dc:d8:2d:cf:4e:
65:ae:37:fc:66:a2:dd:13:f3:e0:be:34:4a:91:b7:
98:d5:6f:2e:2b:a4:ab:c8:39:06:b9:c7:a0:08:1b:
18:a0:15:63:06:96:9d:26:75:15:8d:3e:86:16:2c:
1e:cd:72:40:58:7a:86:8c:61:ef:95:f8:4f:ed:8a:
be:03:c7:04:a6:83:ca:99:e3:93:88:9d:48:63:3a:
be:a9:91:80:d9:c9:b6:6c:1b:49:86:22:8d:e7:38:
a3:b0:5f:a7:83:57:fe:de:99:f6:de:f0:76:dd:06:
f8:e3:b9:ef:1d:0f:cc:2b:af:5a:85:c1:28:7b:dd:
64:d7:dd:f3:22:e3:8b:4c:b5:bc:ae:7c:eb:f6:be:
41:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:8B:2E:88:A1:A7:ED:B2:F8:CE:00:52:71:3A:24:58:C9:82:45:FD
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/wYsuiKGn7bL4zgBScTokWMmCRf0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.32.0/20
Signature Algorithm: sha256WithRSAEncryption
3f:8e:af:c2:10:69:b3:4b:8b:26:75:2f:cc:c7:ad:86:d0:8b:
68:b8:09:61:8c:9e:02:24:7d:47:0f:b8:fd:14:07:ce:b1:48:
be:88:4d:8d:1f:f7:57:33:55:3e:47:ea:19:05:37:b5:6b:52:
91:82:9f:ee:de:6f:21:c2:26:b3:99:ca:ae:5a:be:4e:62:42:
7d:2a:a8:4b:43:20:7a:ef:a1:9b:0c:f8:3d:fb:55:38:74:79:
21:fe:8e:43:3d:b4:8f:da:5a:8a:5d:ba:c0:3f:34:78:46:8c:
8f:27:c1:3e:32:9a:d1:e8:8e:5e:a7:7a:b5:ff:87:77:c8:c6:
2a:a4:46:00:ca:e1:dc:7b:10:fb:3c:50:a8:a4:50:e9:8d:ec:
07:90:26:72:fb:d3:1e:92:9b:0c:63:6b:fc:45:4e:1e:dd:88:
16:6a:74:d6:b2:01:c7:97:3a:6d:40:1f:fd:e6:25:00:7b:27:
8f:ed:2c:2f:13:72:82:20:e2:26:7c:d7:2e:24:ee:d5:d6:57:
c8:17:84:ea:2f:fb:31:8f:f8:15:7a:8c:c8:e4:42:b9:45:25:
23:df:86:9a:d2:e4:4f:19:f7:be:69:08:df:91:24:58:78:5d:
b8:d6:ff:7c:0f:b4:1f:c5:ab:0e:52:7c:9d:ba:ea:ac:64:e8:
4c:00:a3:17
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEaowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzZaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEMxOEIyRTg4QTFBN0VE
QjJGOENFMDA1MjcxM0EyNDU4Qzk4MjQ1RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv1D1zggSIynp6RcpeRA+KLXf7KojfredGIfndEl9Wv8uucjrG
DAzYRKTNzbwYNmDFkY7fptcGmifrfU92UKxMoPeXjtmdiVLB6gQSnc0AAUOMJRtH
PuUfub2/SVle0YwQgqUuM0gokTZGyrp4SQhwYs3c2C3PTmWuN/xmot0T8+C+NEqR
t5jVby4rpKvIOQa5x6AIGxigFWMGlp0mdRWNPoYWLB7NckBYeoaMYe+V+E/tir4D
xwSmg8qZ45OInUhjOr6pkYDZybZsG0mGIo3nOKOwX6eDV/7emfbe8HbdBvjjue8d
D8wrr1qFwSh73WTX3fMi44tMtbyufOv2vkH5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUwYsuiKGn7bL4zgBScTokWMmCRf0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3dZc3VpS0duN2JMNHpnQlNjVG9rV01t
Q1JmMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyCAwDQYJ
KoZIhvcNAQELBQADggEBAD+Or8IQabNLiyZ1L8zHrYbQi2i4CWGMngIkfUcPuP0U
B86xSL6ITY0f91czVT5H6hkFN7VrUpGCn+7ebyHCJrOZyq5avk5iQn0qqEtDIHrv
oZsM+D37VTh0eSH+jkM9tI/aWopdusA/NHhGjI8nwT4ymtHojl6nerX/h3fIxiqk
RgDK4dx7EPs8UKikUOmN7AeQJnL70x6Smwxja/xFTh7diBZqdNayAceXOm1AH/3m
JQB7J4/tLC8TcoIg4iZ81y4k7tXWV8gXhOov+zGP+BV6jMjkQrlFJSPfhprS5E8Z
975pCN+RJFh4XbjW/3wPtB/Fqw5SfJ266qxk6EwAoxc=
-----END CERTIFICATE-----
Generated at Sun Apr 13 21:45:33 2025 by rpki-client