Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/mXRDe0qKpR-3fUrfKZiVhUKV_rI.roa
File: mXRDe0qKpR-3fUrfKZiVhUKV_rI.roa (raw, json)
Hash identifier: g3JN7yHivXTW5XkyzJQGQa1fjFDsgJkC6/CL0mtQifA=
Subject key identifier: 99:74:43:7B:4A:8A:A5:1F:B7:7D:4A:DF:29:98:95:85:42:95:FE:B2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0E13
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mXRDe0qKpR-3fUrfKZiVhUKV_rI.roa
Signing time: Wed 29 Sep 2021 02:39:56 +0000
ROA not before: Wed 29 Sep 2021 02:39:56 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131591
IP address blocks: 223.22.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3603 (0xe13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:56 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9974437B4A8AA51FB77D4ADF299895854295FEB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:5a:1e:b7:2b:9e:10:79:ef:c9:97:1d:9f:
21:85:88:51:19:c5:0b:82:41:dc:0c:e4:fa:e8:ab:
3c:49:c3:3e:4d:8f:6f:3d:77:a4:7e:d7:55:9f:d7:
21:9e:25:c8:46:48:d9:44:da:55:71:6e:32:d8:c1:
79:f5:85:49:00:78:6b:e7:7a:ce:af:11:10:27:7a:
ee:ce:6d:24:49:30:92:af:39:54:ea:7d:44:d7:d2:
e6:93:4e:ea:26:7a:59:f0:bd:f4:91:87:46:a8:7c:
ba:69:3b:d7:77:a2:f0:c9:b9:49:bd:b5:65:a5:24:
54:d0:af:dc:39:76:34:dc:f9:61:03:4b:4c:84:75:
8c:ee:45:eb:35:e4:70:c8:d9:ac:cb:62:27:d9:17:
9c:30:09:ee:79:52:c4:c6:23:31:1f:19:ff:86:e5:
0d:66:ca:b3:8b:78:ab:6b:50:42:b0:4c:8c:5c:8d:
e7:e8:a6:b3:b0:a2:9e:e0:3c:f3:3e:3a:e7:63:5e:
b5:f4:70:3f:eb:a6:de:5f:a2:09:f6:aa:75:1d:83:
c7:91:6f:4c:80:cd:6d:f9:54:64:b2:b2:29:48:22:
cd:63:fc:c4:fb:f5:44:50:f6:de:89:15:07:1c:9f:
f2:93:cc:c0:14:5f:d9:e9:29:b3:31:79:fb:6c:5d:
9a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:74:43:7B:4A:8A:A5:1F:B7:7D:4A:DF:29:98:95:85:42:95:FE:B2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mXRDe0qKpR-3fUrfKZiVhUKV_rI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/16
Signature Algorithm: sha256WithRSAEncryption
64:71:bb:c0:3e:3c:43:79:45:13:45:80:e6:9c:87:3b:66:2b:
17:6a:2f:57:50:45:4e:12:cf:48:7f:02:58:18:8d:d5:79:3d:
aa:7a:2d:4d:13:70:49:22:b9:05:36:94:2d:14:8b:9d:98:a2:
27:44:36:b7:5e:ee:99:99:3e:1a:3e:3c:c9:49:94:96:56:0c:
c8:e9:10:af:5c:6c:b7:17:ac:b3:9f:81:fe:9a:73:48:db:b9:
60:16:ef:7c:be:09:35:1a:d9:93:99:6e:52:6a:78:16:54:a7:
d5:80:d4:34:97:66:e4:17:ab:6b:47:a3:64:ab:85:6b:6d:28:
9d:39:cf:7b:6a:ca:6a:02:c6:40:74:21:f2:64:71:39:74:08:
09:16:0b:ad:13:90:3a:d5:04:1f:83:70:54:30:31:6a:97:9d:
e8:f4:ea:d5:61:ef:f6:0a:3b:eb:60:1f:a4:f6:e6:a4:47:be:
18:4d:f0:a8:27:04:c2:75:48:1e:2c:fd:ba:7f:07:17:5e:fc:
a5:46:28:e1:8f:a3:b6:c7:1b:6c:3f:40:55:c4:97:84:88:f8:
37:e2:28:1b:ae:6c:be:2a:25:c7:ab:e1:0b:ca:72:d7:fd:23:
5f:26:57:fc:9e:bb:98:cb:21:4a:3f:89:4e:12:c6:ce:f1:8e:
df:64:bc:72
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICDhMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDk5NzQ0MzdCNEE4QUE1
MUZCNzdENEFERjI5OTg5NTg1NDI5NUZFQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB1VoetyueEHnvyZcdnyGFiFEZxQuCQdwM5ProqzxJwz5Nj289
d6R+11Wf1yGeJchGSNlE2lVxbjLYwXn1hUkAeGvnes6vERAneu7ObSRJMJKvOVTq
fUTX0uaTTuomelnwvfSRh0aofLppO9d3ovDJuUm9tWWlJFTQr9w5djTc+WEDS0yE
dYzuRes15HDI2azLYifZF5wwCe55UsTGIzEfGf+G5Q1myrOLeKtrUEKwTIxcjefo
prOwop7gPPM+OudjXrX0cD/rpt5fogn2qnUdg8eRb0yAzW35VGSysilIIs1j/MT7
9URQ9t6JFQccn/KTzMAUX9npKbMxeftsXZrhAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUmXRDe0qKpR+3fUrfKZiVhUKV/rIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbVhSRGUwcUtwUi0zZlVyZktaaVZo
VUtWX3JJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN8WMA0G
CSqGSIb3DQEBCwUAA4IBAQBkcbvAPjxDeUUTRYDmnIc7ZisXai9XUEVOEs9IfwJY
GI3VeT2qei1NE3BJIrkFNpQtFIudmKInRDa3Xu6ZmT4aPjzJSZSWVgzI6RCvXGy3
F6yzn4H+mnNI27lgFu98vgk1GtmTmW5SangWVKfVgNQ0l2bkF6trR6Nkq4VrbSid
Oc97aspqAsZAdCHyZHE5dAgJFgutE5A61QQfg3BUMDFql53o9OrVYe/2CjvrYB+k
9uakR74YTfCoJwTCdUgeLP26fwcXXvylRijhj6O2xxtsP0BVxJeEiPg34igbrmy+
KiXHq+ELynLX/SNfJlf8nruYyyFKP4lOEsbO8Y7fZLxy
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:53:43 2025 by rpki-client