Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/u1tMQ9BIux3bRWH8BghBtjKHA98.roa
File: u1tMQ9BIux3bRWH8BghBtjKHA98.roa (raw, json)
Hash identifier: IdiDXF5ao8OSrC2rvOyg1W749DnL1P/6PgXzKV+SUQU=
Subject key identifier: BB:5B:4C:43:D0:48:BB:1D:DB:45:61:FC:06:08:41:B6:32:87:03:DF
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CC9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/u1tMQ9BIux3bRWH8BghBtjKHA98.roa
Signing time: Sun 07 Feb 2021 13:00:20 +0000
ROA not before: Sun 07 Feb 2021 13:00:20 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.58.112.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3273 (0xcc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 13:00:20 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BB5B4C43D048BB1DDB4561FC060841B6328703DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:41:f9:64:dd:d3:a7:9b:0c:12:21:9f:ad:
63:70:fa:f1:5c:33:cc:03:5d:b3:1a:e6:b0:26:a7:
f6:d6:b0:6c:b8:bd:ba:5c:50:5b:fe:a6:af:ff:5d:
e4:b1:60:98:7e:a0:5b:28:fc:dc:c5:14:12:c6:77:
b8:8a:2c:70:17:90:d5:9a:4f:ef:d2:ec:cc:90:17:
32:0e:0d:e2:5d:a9:6c:f4:59:a8:60:64:38:d4:2c:
b3:78:02:77:32:45:25:7a:1d:92:b2:80:46:53:54:
51:ca:0c:3c:2b:85:43:1a:37:ae:c5:cb:37:6b:d7:
16:a1:ff:2c:7e:43:f8:9b:bd:d6:c3:62:0a:6f:5f:
b9:a1:64:ad:40:f1:a6:e1:af:11:1a:6b:21:45:35:
12:4c:a6:86:de:da:ed:8b:f3:c7:88:de:54:8f:e2:
ed:48:b0:86:39:3a:29:29:0d:30:bc:79:8e:12:4f:
fe:87:85:f9:90:28:8d:eb:f8:95:fd:ef:a1:93:85:
83:1e:70:38:a4:97:fe:e2:53:77:2f:85:20:39:f5:
5e:9d:5e:a0:20:c6:5f:7c:e2:a7:45:0a:0c:65:57:
e8:41:63:9e:4d:e8:1f:e3:94:0a:9c:8a:1e:8c:c7:
90:83:17:c5:b3:3f:df:5e:50:18:de:ad:5f:08:d4:
14:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5B:4C:43:D0:48:BB:1D:DB:45:61:FC:06:08:41:B6:32:87:03:DF
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/u1tMQ9BIux3bRWH8BghBtjKHA98.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.112.0/20
Signature Algorithm: sha256WithRSAEncryption
70:d7:43:56:23:11:2b:b2:ed:06:dd:76:d1:fe:2e:7e:80:b0:
66:49:d5:ee:72:cb:ee:ae:00:cb:b5:5a:47:cf:fa:b9:f7:87:
24:a1:85:ca:ed:1a:30:55:6b:48:f3:92:25:2e:19:5c:75:de:
b7:c5:7d:50:a2:7e:a5:fd:b7:cc:84:d0:54:38:67:45:f6:1e:
3e:09:eb:d1:1c:6d:8c:89:f5:84:2b:fe:34:9e:b2:2c:35:af:
65:59:63:c6:b7:7a:5e:de:6f:6d:81:7d:4c:e9:f1:df:aa:2b:
a1:91:20:1a:33:b8:a1:7a:71:7d:5c:a0:3a:d0:10:21:86:c7:
5a:89:51:57:de:f9:59:91:fe:5d:5d:de:fa:16:ea:32:16:d6:
af:ac:86:61:88:54:a7:45:34:fa:3b:8c:6c:c3:a6:b6:bc:b1:
66:60:c1:ef:d1:7e:c4:1c:1d:1f:f2:ab:9c:dc:fc:65:a7:0c:
8f:da:5e:a5:0f:c3:56:b0:3a:38:a6:17:73:5a:b2:a2:b7:61:
36:0c:f8:23:6b:c0:a9:ac:9d:3b:3a:fc:b5:43:53:ea:16:bf:
76:ab:92:7c:ac:31:4c:6d:a8:66:45:47:77:f1:b9:ff:1b:aa:
fb:bc:bc:16:7c:6b:95:d2:ca:98:de:a8:05:e3:78:23:fc:6c:
b1:a7:04:df
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MzAwMjBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJCNUI0QzQzRDA0OEJC
MUREQjQ1NjFGQzA2MDg0MUI2MzI4NzAzREYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3aUH5ZN3Tp5sMEiGfrWNw+vFcM8wDXbMa5rAmp/bWsGy4vbpc
UFv+pq//XeSxYJh+oFso/NzFFBLGd7iKLHAXkNWaT+/S7MyQFzIODeJdqWz0Wahg
ZDjULLN4AncyRSV6HZKygEZTVFHKDDwrhUMaN67Fyzdr1xah/yx+Q/ibvdbDYgpv
X7mhZK1A8abhrxEaayFFNRJMpobe2u2L88eI3lSP4u1IsIY5OikpDTC8eY4ST/6H
hfmQKI3r+JX976GThYMecDikl/7iU3cvhSA59V6dXqAgxl984qdFCgxlV+hBY55N
6B/jlAqcih6Mx5CDF8WzP99eUBjerV8I1BRjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUu1tMQ9BIux3bRWH8BghBtjKHA98wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdTF0TVE5Qkl1eDNiUldIOEJnaEJ0
aktIQTk4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNI6cDAN
BgkqhkiG9w0BAQsFAAOCAQEAcNdDViMRK7LtBt120f4ufoCwZknV7nLL7q4Ay7Va
R8/6ufeHJKGFyu0aMFVrSPOSJS4ZXHXet8V9UKJ+pf23zITQVDhnRfYePgnr0Rxt
jIn1hCv+NJ6yLDWvZVljxrd6Xt5vbYF9TOnx36oroZEgGjO4oXpxfVygOtAQIYbH
WolRV975WZH+XV3e+hbqMhbWr6yGYYhUp0U0+juMbMOmtryxZmDB79F+xBwdH/Kr
nNz8ZacMj9pepQ/DVrA6OKYXc1qyordhNgz4I2vAqaydOzr8tUNT6ha/dquSfKwx
TG2oZkVHd/G5/xuq+7y8FnxrldLKmN6oBeN4I/xssacE3w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:01:40 2025 by rpki-client