Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/0sHH7k9VwcXLziQQxGuts_rr_eQ.roa
File: 0sHH7k9VwcXLziQQxGuts_rr_eQ.roa (raw, json)
Hash identifier: sD94MtOrJR8N5qRK/eELE8B/TIFk4daRONrgWvcre7M=
Subject key identifier: D2:C1:C7:EE:4F:55:C1:C5:CB:CE:24:10:C4:6B:AD:B3:FA:EB:FD:E4
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 13D5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0sHH7k9VwcXLziQQxGuts_rr_eQ.roa
Signing time: Fri 05 Jan 2024 09:17:11 +0000
ROA not before: Fri 05 Jan 2024 09:17:11 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5077 (0x13d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Jan 5 09:17:11 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D2C1C7EE4F55C1C5CBCE2410C46BADB3FAEBFDE4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ae:19:6d:c4:f2:3c:de:09:b6:bd:59:a0:95:
2d:56:02:fb:9b:56:ee:a9:e6:db:67:ef:be:76:5e:
5a:58:b2:98:c7:83:00:db:c2:22:d8:bd:da:18:a7:
9e:dd:82:6e:80:b5:36:54:19:99:69:10:8f:79:e7:
9a:19:53:11:12:b1:ab:21:9c:d9:3e:46:ea:da:36:
95:4e:d0:08:6e:10:61:73:04:4f:a7:67:47:5f:18:
cb:23:71:7f:b8:93:af:2b:f6:5a:1f:d6:ac:1d:a7:
7c:ae:3a:9b:cb:5d:80:c6:79:45:72:cf:67:e5:af:
65:92:14:3e:12:5a:d9:fd:ff:16:69:7a:4c:b0:1f:
e7:48:2a:59:ba:5a:ad:b5:04:3d:42:ff:83:18:4e:
20:10:61:22:2b:c9:c9:42:83:e7:41:07:53:41:1b:
18:d7:a6:d2:19:80:c8:89:16:79:f5:37:be:9f:9e:
da:0c:00:1d:a5:15:5f:bf:9e:cc:7d:86:22:4d:0c:
fb:4e:bf:6e:18:3e:01:09:17:a4:27:21:dd:29:f0:
db:02:05:02:86:30:1a:3a:f0:51:79:d9:c9:e8:cb:
3b:bd:f0:e1:74:11:a6:04:67:5a:c6:fe:03:d0:a4:
29:4f:3e:21:7d:59:c1:48:2b:ad:4b:df:a8:3f:5b:
6c:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C1:C7:EE:4F:55:C1:C5:CB:CE:24:10:C4:6B:AD:B3:FA:EB:FD:E4
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0sHH7k9VwcXLziQQxGuts_rr_eQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:fe:f4:ad:c3:53:91:d2:48:ad:46:ff:1a:73:e1:ee:0a:37:
a7:b1:db:6a:fc:a2:e4:07:6b:4a:63:2d:ee:b9:70:ec:b4:88:
4b:f0:53:ec:ba:72:3e:6b:84:d1:d2:fa:1c:4f:4a:54:57:33:
23:58:d0:92:18:9b:e5:ce:10:ae:c3:cd:3f:17:2d:03:13:db:
74:d7:e4:69:cd:d1:0c:36:27:59:0b:24:fd:a2:a8:d7:b4:c2:
af:a4:0b:ce:0e:f1:7a:62:7d:4a:ec:ec:62:67:39:24:83:d9:
3e:74:89:32:ed:16:fd:3c:7f:d6:8d:65:49:44:39:f4:a6:79:
a4:28:4e:8f:41:de:2b:00:70:4a:00:97:66:49:9e:06:7c:22:
5e:44:d3:7c:ae:bb:26:9f:f9:bc:1d:2f:4c:20:5b:33:63:2c:
09:a5:4b:a0:85:ee:e3:a5:ee:bd:4d:f7:21:86:f5:ed:a1:9f:
5f:f0:c8:55:7a:10:18:40:12:5f:df:86:f5:85:c1:2d:ae:1b:
f9:58:e3:99:ee:cc:ce:88:27:69:0e:85:04:fd:77:14:df:b2:
b9:6d:f3:df:bc:b8:16:98:df:f0:aa:10:14:52:48:2c:2b:4a:
b7:0d:84:bf:4b:0d:4b:3b:a6:99:05:f9:7b:39:34:f9:35:87:
34:42:1d:3d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE9UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yNDAxMDUw
OTE3MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQyQzFDN0VFNEY1NUMx
QzVDQkNFMjQxMEM0NkJBREIzRkFFQkZERTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHrhltxPI83gm2vVmglS1WAvubVu6p5ttn7752XlpYspjHgwDb
wiLYvdoYp57dgm6AtTZUGZlpEI9555oZUxESsashnNk+RuraNpVO0AhuEGFzBE+n
Z0dfGMsjcX+4k68r9lof1qwdp3yuOpvLXYDGeUVyz2flr2WSFD4SWtn9/xZpekyw
H+dIKlm6Wq21BD1C/4MYTiAQYSIryclCg+dBB1NBGxjXptIZgMiJFnn1N76fntoM
AB2lFV+/nsx9hiJNDPtOv24YPgEJF6QnId0p8NsCBQKGMBo68FF52cnoyzu98OF0
EaYEZ1rG/gPQpClPPiF9WcFIK61L36g/W2wpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU0sHH7k9VwcXLziQQxGuts/rr/eQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMHNISDdrOVZ3Y1hMemlRUXhHdXRz
X3JyX2VRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt76wDAN
BgkqhkiG9w0BAQsFAAOCAQEAa/70rcNTkdJIrUb/GnPh7go3p7Hbavyi5AdrSmMt
7rlw7LSIS/BT7LpyPmuE0dL6HE9KVFczI1jQkhib5c4QrsPNPxctAxPbdNfkac3R
DDYnWQsk/aKo17TCr6QLzg7xemJ9SuzsYmc5JIPZPnSJMu0W/Tx/1o1lSUQ59KZ5
pChOj0HeKwBwSgCXZkmeBnwiXkTTfK67Jp/5vB0vTCBbM2MsCaVLoIXu46XuvU33
IYb17aGfX/DIVXoQGEASX9+G9YXBLa4b+Vjjme7MzognaQ6FBP13FN+yuW3z37y4
Fpjf8KoQFFJILCtKtw2Ev0sNSzummQX5ezk0+TWHNEIdPQ==
-----END CERTIFICATE-----
Generated at Wed Jun 4 00:57:08 2025 by rpki-client