Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/HDC2FA6G3lzxKC2984VzICs7jD8.roa
File: HDC2FA6G3lzxKC2984VzICs7jD8.roa (raw, json)
Hash identifier: VI78uCVuNRhLD+1m8SmJNtdbrTY4yBnwH+PJ0jjUPkM=
Subject key identifier: 1C:30:B6:14:0E:86:DE:5C:F1:28:2D:BD:F3:85:73:20:2B:3B:8C:3F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CA9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HDC2FA6G3lzxKC2984VzICs7jD8.roa
Signing time: Sun 07 Feb 2021 11:50:17 +0000
ROA not before: Sun 07 Feb 2021 11:50:17 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 210.58.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3241 (0xca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:50:17 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1C30B6140E86DE5CF1282DBDF38573202B3B8C3F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9e:21:cb:f8:26:be:11:d5:ca:c2:92:bd:f4:
76:35:06:eb:b3:35:ba:4c:34:2c:d6:5a:69:5f:c9:
0e:69:73:e9:c4:c1:b2:6e:48:ab:48:7d:fc:ec:40:
4a:5a:2f:b4:f4:bf:38:61:49:67:78:c1:84:2b:e3:
3e:de:01:57:1b:a1:07:3e:17:38:03:79:cb:6d:4b:
14:29:00:26:0a:5f:3a:78:cb:55:e1:7c:c1:19:f1:
bf:5e:3c:17:c4:28:ef:d9:35:b5:d0:c2:8f:cd:e7:
43:6c:14:92:40:40:e5:13:81:8e:b8:5e:ed:26:3a:
b0:32:43:94:2d:7d:dd:52:32:ad:a8:58:fa:3a:22:
d1:d7:54:5d:b4:cc:14:6f:2d:d3:d8:f9:9b:57:10:
42:7d:8a:06:29:c3:76:a1:ce:de:b5:eb:31:79:f9:
e2:43:b2:aa:11:54:37:fc:54:a0:e9:88:33:bd:64:
5e:33:08:d1:a7:54:d5:a2:2c:7c:43:99:1f:d3:23:
81:82:58:f5:2c:01:40:5f:5d:79:9e:6d:ef:39:c4:
f7:8c:f6:ea:c9:d9:5d:3b:87:2a:84:e7:65:19:d6:
3e:66:23:87:0b:bc:ab:00:e2:1c:e0:5d:a1:77:16:
95:38:13:50:9e:cd:f4:12:0f:13:71:bc:e8:46:cc:
af:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:30:B6:14:0E:86:DE:5C:F1:28:2D:BD:F3:85:73:20:2B:3B:8C:3F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HDC2FA6G3lzxKC2984VzICs7jD8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.128.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:f4:3c:e9:08:98:c9:40:46:7e:a5:ae:de:33:f8:46:4f:e2:
45:9c:10:37:ef:b0:de:e5:02:e8:43:9a:41:81:25:89:66:55:
36:23:c5:eb:58:68:e4:37:b3:0b:13:f3:bb:23:87:b4:9b:0c:
52:f9:66:dd:37:01:52:65:9b:99:c5:8f:2a:1c:81:76:93:dc:
30:dc:08:98:0d:54:97:92:7d:a3:08:92:3c:4c:ee:62:61:6e:
f6:5f:7c:dd:2f:0b:77:ce:80:7a:3b:b0:2f:6a:5a:da:ad:64:
6b:e9:0c:37:b7:20:57:3b:33:bd:9e:42:5c:f5:b0:d9:38:82:
6f:08:e0:ed:f7:46:af:4d:5d:05:86:7f:dd:df:0a:1e:94:76:
05:bb:62:a0:c1:4d:fd:1d:78:b4:f6:d5:14:ad:c6:a8:98:8d:
e4:19:c7:e9:0b:8a:74:ea:70:9b:a5:ba:c1:1a:9d:a1:fa:2a:
0f:61:50:92:71:92:b3:20:9a:ac:a5:23:0e:f7:88:11:99:59:
fe:ae:e2:7c:e4:b3:1e:10:19:01:92:ef:d7:47:f2:2e:73:f4:
df:3b:71:3e:43:2b:37:ad:12:6f:40:ca:d8:a0:c5:14:73:79:
c5:76:f5:05:06:88:42:a1:bc:31:af:b7:81:b5:78:3e:d0:50:
c0:b6:22:7f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTUwMTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFDMzBCNjE0MEU4NkRF
NUNGMTI4MkRCREYzODU3MzIwMkIzQjhDM0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6niHL+Ca+EdXKwpK99HY1BuuzNbpMNCzWWmlfyQ5pc+nEwbJu
SKtIffzsQEpaL7T0vzhhSWd4wYQr4z7eAVcboQc+FzgDecttSxQpACYKXzp4y1Xh
fMEZ8b9ePBfEKO/ZNbXQwo/N50NsFJJAQOUTgY64Xu0mOrAyQ5Qtfd1SMq2oWPo6
ItHXVF20zBRvLdPY+ZtXEEJ9igYpw3ahzt616zF5+eJDsqoRVDf8VKDpiDO9ZF4z
CNGnVNWiLHxDmR/TI4GCWPUsAUBfXXmebe85xPeM9urJ2V07hyqE52UZ1j5mI4cL
vKsA4hzgXaF3FpU4E1CezfQSDxNxvOhGzK/1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHDC2FA6G3lzxKC2984VzICs7jD8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSERDMkZBNkczbHp4S0MyOTg0VnpJ
Q3M3akQ4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdI6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAa/Q86QiYyUBGfqWu3jP4Rk/iRZwQN++w3uUC6EOa
QYEliWZVNiPF61ho5DezCxPzuyOHtJsMUvlm3TcBUmWbmcWPKhyBdpPcMNwImA1U
l5J9owiSPEzuYmFu9l983S8Ld86AejuwL2pa2q1ka+kMN7cgVzszvZ5CXPWw2TiC
bwjg7fdGr01dBYZ/3d8KHpR2BbtioMFN/R14tPbVFK3GqJiN5BnH6QuKdOpwm6W6
wRqdofoqD2FQknGSsyCarKUjDveIEZlZ/q7ifOSzHhAZAZLv10fyLnP03ztxPkMr
N60Sb0DK2KDFFHN5xXb1BQaIQqG8Ma+3gbV4PtBQwLYifw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:46:44 2025 by rpki-client