Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Z9z5mqz8cziKGNBire8y0Xdk9zk.roa
File: Z9z5mqz8cziKGNBire8y0Xdk9zk.roa (raw, json)
Hash identifier: K9n2RjdjMDSxw/Mgcs+xI/OfsmwyNsQLT3CnE+JHy9c=
Subject key identifier: 67:DC:F9:9A:AC:FC:73:38:8A:18:D0:62:AD:EF:32:D1:77:64:F7:39
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C5B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z9z5mqz8cziKGNBire8y0Xdk9zk.roa
Signing time: Sun 07 Feb 2021 11:35:49 +0000
ROA not before: Sun 07 Feb 2021 11:35:49 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 222.250.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3163 (0xc5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:35:49 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=67DCF99AACFC73388A18D062ADEF32D17764F739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3f:3a:d7:13:00:20:f9:d3:90:8c:8e:f9:7d:
5d:5f:6e:11:77:ee:9b:86:d7:7b:dd:f4:41:77:5a:
f6:cb:47:66:78:6f:97:9d:8c:13:7f:7a:f3:5e:f2:
dc:12:a3:ec:59:b6:e9:95:04:5c:2f:7e:77:7e:50:
79:c8:38:61:72:71:10:d2:cf:96:20:f3:d0:21:59:
e1:f7:4d:c9:ac:60:a6:e0:37:4c:1c:5b:87:b5:a6:
d0:fb:ea:79:88:73:2d:90:e2:1a:2d:1b:29:31:34:
52:8d:61:ae:ac:0e:d7:4f:bc:f0:f5:1b:f7:57:c6:
e3:88:f9:5c:33:7a:ec:3e:7e:fb:a6:30:cb:fa:22:
ff:71:3c:57:73:10:b3:09:8a:0a:2f:a2:07:92:ee:
4e:83:cc:64:73:1e:74:a8:25:28:0c:4d:b5:13:9c:
34:2e:01:aa:91:5d:8b:4c:a0:cd:71:c8:c0:22:bf:
d7:ba:c0:16:f8:b5:73:6b:03:65:c9:b1:5b:b2:d9:
19:02:ac:59:31:56:87:de:02:33:dc:0e:d5:af:3f:
67:b0:84:d7:98:ab:73:6d:9a:c4:76:c7:ed:e8:ce:
25:bc:40:70:e6:a1:b3:47:5e:74:57:bc:1b:f5:da:
a6:76:d8:9a:fe:85:52:2d:ce:22:ad:98:3b:38:15:
b9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DC:F9:9A:AC:FC:73:38:8A:18:D0:62:AD:EF:32:D1:77:64:F7:39
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z9z5mqz8cziKGNBire8y0Xdk9zk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.0.0/16
Signature Algorithm: sha256WithRSAEncryption
61:37:89:c7:e7:bf:01:2d:ba:af:a9:47:6b:b2:e1:23:be:bf:
54:64:b2:6c:d0:a4:d3:7a:bd:10:36:d2:1b:45:eb:7b:3c:22:
45:9f:12:b0:94:49:14:e9:a0:e0:a2:2b:21:b9:35:20:f5:d1:
82:05:d7:fd:a5:76:36:2a:50:d3:14:8c:28:c7:c6:3f:34:ec:
2c:f9:2a:e7:e4:bc:2c:84:77:58:37:65:8d:0f:a8:15:b0:fa:
cd:3c:b7:44:4e:05:74:fb:42:20:06:e4:38:77:53:3e:a0:5c:
b4:d2:09:cc:d9:a9:e6:03:bc:36:f5:0e:81:cf:23:35:18:b6:
a7:6b:86:c3:d0:54:24:29:46:b9:ed:7b:52:92:01:d3:e4:5e:
30:f5:49:a2:11:3c:3c:58:b7:94:b6:cf:b8:bf:14:4d:64:cd:
00:29:11:74:d5:2d:62:19:7e:27:24:0e:f2:e0:3f:3b:f5:d8:
d6:14:d9:3e:0e:a3:99:91:c1:9d:65:f7:fd:a3:5f:54:c1:dd:
1d:25:86:37:19:3f:60:28:d6:4c:33:de:09:32:5e:ba:b6:18:
be:3e:98:d6:68:75:20:d8:51:7a:99:21:00:58:19:db:6c:4d:
91:8e:e8:ce:32:4d:5d:8d:8f:3a:04:8e:f1:e5:0f:9a:b3:f0:
39:e1:56:7f
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM1NDlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY3RENGOTlBQUNGQzcz
Mzg4QTE4RDA2MkFERUYzMkQxNzc2NEY3MzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAPzrXEwAg+dOQjI75fV1fbhF37puG13vd9EF3WvbLR2Z4b5ed
jBN/evNe8twSo+xZtumVBFwvfnd+UHnIOGFycRDSz5Yg89AhWeH3TcmsYKbgN0wc
W4e1ptD76nmIcy2Q4hotGykxNFKNYa6sDtdPvPD1G/dXxuOI+Vwzeuw+fvumMMv6
Iv9xPFdzELMJigovogeS7k6DzGRzHnSoJSgMTbUTnDQuAaqRXYtMoM1xyMAiv9e6
wBb4tXNrA2XJsVuy2RkCrFkxVofeAjPcDtWvP2ewhNeYq3NtmsR2x+3oziW8QHDm
obNHXnRXvBv12qZ22Jr+hVItziKtmDs4FbmLAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUZ9z5mqz8cziKGNBire8y0Xdk9zkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWjl6NW1xejhjemlLR05CaXJlOHkw
WGRrOXprLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN76MA0G
CSqGSIb3DQEBCwUAA4IBAQBhN4nH578BLbqvqUdrsuEjvr9UZLJs0KTTer0QNtIb
Ret7PCJFnxKwlEkU6aDgoishuTUg9dGCBdf9pXY2KlDTFIwox8Y/NOws+Srn5Lws
hHdYN2WND6gVsPrNPLdETgV0+0IgBuQ4d1M+oFy00gnM2anmA7w29Q6BzyM1GLan
a4bD0FQkKUa57XtSkgHT5F4w9UmiETw8WLeUts+4vxRNZM0AKRF01S1iGX4nJA7y
4D879djWFNk+DqOZkcGdZff9o19Uwd0dJYY3GT9gKNZMM94JMl66thi+PpjWaHUg
2FF6mSEAWBnbbE2RjujOMk1djY86BI7x5Q+as/A54VZ/
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:50:52 2025 by rpki-client