Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/OI6T0z_ttykHXTyxpixATZ9yBEU.roa
File: OI6T0z_ttykHXTyxpixATZ9yBEU.roa (raw, json)
Hash identifier: k0oUDV90OgNP8MqTFYmJU0b/EF0NlPW8jkSkvpquEoY=
Subject key identifier: 38:8E:93:D3:3F:ED:B7:29:07:5D:3C:B1:A6:2C:40:4D:9F:72:04:45
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CCF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OI6T0z_ttykHXTyxpixATZ9yBEU.roa
Signing time: Sun 07 Feb 2021 13:00:29 +0000
ROA not before: Sun 07 Feb 2021 13:00:29 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.63.208.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3279 (0xccf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 13:00:29 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=388E93D33FEDB729075D3CB1A62C404D9F720445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b8:a3:81:e7:e3:a3:43:60:0c:60:f4:7b:8a:
e5:9b:a0:24:3c:01:86:7c:6c:2e:f3:e4:10:b1:88:
6f:03:13:52:04:1b:75:de:4b:d4:b2:01:76:af:09:
89:7a:99:fe:7c:bb:a6:17:3c:a6:64:57:37:bc:54:
93:7e:d8:37:9a:49:67:63:f3:6f:c2:7f:46:8c:41:
90:27:fe:51:28:32:b2:79:77:5a:b8:a1:d0:b9:28:
bc:db:ba:06:75:f6:79:f4:59:e1:d5:b4:ed:56:70:
e2:7a:a7:d1:2c:b7:31:a2:ba:f6:25:71:ea:90:82:
77:28:da:ca:0b:88:34:10:bb:2d:6d:f2:76:7e:cc:
36:66:74:2e:5e:ad:d0:c5:5a:bf:b4:57:37:85:15:
ba:a4:37:96:ce:93:eb:a2:ab:e8:0e:5d:4b:82:cd:
40:70:16:3d:38:fd:cc:7f:37:e6:b1:d1:25:46:e3:
75:b8:23:f9:73:77:3a:c3:b6:2b:08:74:6e:11:bb:
0b:fb:40:bc:0d:d7:8f:a2:4e:81:ee:d8:03:40:75:
a5:17:d6:e2:eb:80:8d:f7:8e:d7:58:e2:61:19:e2:
50:19:90:c8:3e:e4:c0:0e:43:6e:fd:8f:f9:d7:fc:
08:9c:6d:b8:dc:69:15:d3:aa:d0:83:3a:89:15:d1:
38:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8E:93:D3:3F:ED:B7:29:07:5D:3C:B1:A6:2C:40:4D:9F:72:04:45
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OI6T0z_ttykHXTyxpixATZ9yBEU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.208.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:cc:25:02:ea:12:4d:cf:d1:c6:22:66:e0:5d:6f:72:3f:57:
6b:de:24:d9:1c:04:f6:27:69:f5:9e:17:55:f8:98:f8:cd:64:
2c:26:67:88:c8:24:6d:39:d8:d4:28:0e:f9:ff:74:0e:29:9b:
c3:9a:c7:68:ed:18:30:c5:68:2a:7b:e7:ee:f5:50:02:97:a6:
62:4f:a7:32:d8:e0:0a:e7:49:b4:47:8d:e0:cb:16:a4:6f:7f:
5c:2d:71:cc:d2:f1:1c:c2:d7:2c:bf:b3:72:ae:14:43:0b:0a:
e9:39:a2:eb:98:8b:e5:d5:71:8e:52:5d:2a:96:bc:8d:44:fe:
b4:e7:95:60:5e:8f:7a:a1:c4:01:ad:43:61:9d:13:fd:80:30:
4c:59:f0:5e:8f:da:09:69:41:15:1a:f0:3a:05:f3:5c:01:f4:
b3:b9:c8:42:cf:54:a1:eb:5f:2f:81:32:a7:d1:d2:d8:32:c0:
f3:b1:25:69:3b:b9:71:32:40:2b:7c:a5:58:b7:33:f1:ce:fc:
75:99:e8:17:98:35:ec:2b:19:55:f1:8d:ea:6b:d6:38:cd:eb:
9f:49:2c:31:41:2d:23:df:30:89:d5:ca:d1:69:6e:c4:ec:fd:
19:07:be:15:de:4e:f6:6c:59:19:a8:b4:9b:42:db:39:2d:e4:
6c:3c:22:be
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MzAwMjlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM4OEU5M0QzM0ZFREI3
MjkwNzVEM0NCMUE2MkM0MDREOUY3MjA0NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsuKOB5+OjQ2AMYPR7iuWboCQ8AYZ8bC7z5BCxiG8DE1IEG3Xe
S9SyAXavCYl6mf58u6YXPKZkVze8VJN+2DeaSWdj82/Cf0aMQZAn/lEoMrJ5d1q4
odC5KLzbugZ19nn0WeHVtO1WcOJ6p9EstzGiuvYlceqQgnco2soLiDQQuy1t8nZ+
zDZmdC5erdDFWr+0VzeFFbqkN5bOk+uiq+gOXUuCzUBwFj04/cx/N+ax0SVG43W4
I/lzdzrDtisIdG4Ruwv7QLwN14+iToHu2ANAdaUX1uLrgI33jtdY4mEZ4lAZkMg+
5MAOQ279j/nX/AicbbjcaRXTqtCDOokV0ThfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOI6T0z/ttykHXTyxpixATZ9yBEUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvT0k2VDB6X3R0eWtIWFR5eHBpeEFU
Wjl5QkVVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/0DAN
BgkqhkiG9w0BAQsFAAOCAQEAbswlAuoSTc/RxiJm4F1vcj9Xa94k2RwE9idp9Z4X
VfiY+M1kLCZniMgkbTnY1CgO+f90Dimbw5rHaO0YMMVoKnvn7vVQApemYk+nMtjg
CudJtEeN4MsWpG9/XC1xzNLxHMLXLL+zcq4UQwsK6Tmi65iL5dVxjlJdKpa8jUT+
tOeVYF6PeqHEAa1DYZ0T/YAwTFnwXo/aCWlBFRrwOgXzXAH0s7nIQs9UoetfL4Ey
p9HS2DLA87ElaTu5cTJAK3ylWLcz8c78dZnoF5g17CsZVfGN6mvWOM3rn0ksMUEt
I98widXK0WluxOz9GQe+Fd5O9mxZGai0m0LbOS3kbDwivg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:59:45 2025 by rpki-client