Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EBT/VfpikHEUK2CQFthCEgGLfTJOEtA.roa
File: VfpikHEUK2CQFthCEgGLfTJOEtA.roa (raw, json)
Hash identifier: EiVaaKdbtfcG2EUiU9IA6abk0ZRyU2ze/Zfo5zTzPmw=
Subject key identifier: 55:FA:62:90:71:14:2B:60:90:16:D8:42:12:01:8B:7D:32:4E:12:D0
Certificate issuer: /CN=2D84CA269320E256216A2DEE2EA381A304526AB4
Certificate serial: 08B1
Authority key identifier: 2D:84:CA:26:93:20:E2:56:21:6A:2D:EE:2E:A3:81:A3:04:52:6A:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LYTKJpMg4lYhai3uLqOBowRSarQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/VfpikHEUK2CQFthCEgGLfTJOEtA.roa
Signing time: Sun 07 Feb 2021 11:36:02 +0000
ROA not before: Sun 07 Feb 2021 11:36:02 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 211.76.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2225 (0x8b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D84CA269320E256216A2DEE2EA381A304526AB4
Validity
Not Before: Feb 7 11:36:02 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=55FA629071142B609016D84212018B7D324E12D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:54:fb:b4:24:47:7e:ae:a9:d1:9b:03:1d:3b:
bc:1d:5c:d8:b3:ba:3e:55:04:47:34:c6:0b:0a:b0:
a6:13:25:a6:8d:54:3f:88:fa:c5:60:e6:53:db:24:
ab:d7:34:c4:06:10:6e:00:b2:41:a2:ac:44:9c:e1:
38:00:9c:fc:88:a6:5d:d7:ac:5d:b5:61:22:64:4c:
49:9a:4a:b8:9a:b7:b5:62:3c:6c:17:cd:2a:a7:77:
09:0a:09:98:ad:57:e1:2f:c1:e1:c5:ba:00:95:a5:
c7:12:81:c1:ab:8a:36:d9:23:99:d5:bf:b5:83:c2:
cf:3d:37:16:6a:17:36:71:69:4d:33:3e:2c:18:fb:
d9:3f:16:4e:0b:a1:f2:12:f5:56:44:d2:b7:b5:4d:
90:69:f3:98:c5:69:d7:3d:0a:85:88:f3:18:39:db:
e4:5f:fd:2c:12:79:0b:6a:64:db:67:83:7e:02:8d:
49:a9:e7:f1:46:04:40:77:2c:5e:41:fc:7b:4b:2f:
9f:1f:0f:6e:05:09:10:bb:e0:52:04:5f:56:e7:91:
17:23:56:83:5f:00:f4:64:3b:15:a2:d1:b7:1e:0c:
0f:3e:a2:4e:9b:22:4c:d7:85:42:5c:d6:c3:7b:84:
46:f1:a4:05:9e:5d:9d:f8:0e:a4:92:dc:5a:6e:fc:
5e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FA:62:90:71:14:2B:60:90:16:D8:42:12:01:8B:7D:32:4E:12:D0
X509v3 Authority Key Identifier:
keyid:2D:84:CA:26:93:20:E2:56:21:6A:2D:EE:2E:A3:81:A3:04:52:6A:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/LYTKJpMg4lYhai3uLqOBowRSarQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LYTKJpMg4lYhai3uLqOBowRSarQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/VfpikHEUK2CQFthCEgGLfTJOEtA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.96.0/20
Signature Algorithm: sha256WithRSAEncryption
3d:f5:7c:ff:4c:54:f8:04:57:8a:27:86:68:5b:36:9d:d9:b7:
c8:61:39:98:3b:d9:ef:8b:be:2c:bd:27:29:9a:b3:50:d4:ed:
12:ce:9e:64:af:2c:8e:e3:c9:c2:b1:2f:f9:d3:b0:6a:0d:d3:
5a:f2:4e:f7:59:2b:d2:34:f6:8f:70:61:65:d9:7c:1c:0d:57:
20:20:b0:a7:89:da:65:2e:a7:13:20:a4:2a:a8:36:21:dc:bb:
00:d7:f9:e9:5d:c1:5c:21:98:78:45:84:15:ef:17:f6:54:03:
88:d0:a5:18:ef:83:ce:b1:3f:c6:c5:a3:bf:74:12:0e:03:05:
8a:e4:44:a4:81:34:50:64:72:05:c1:22:23:98:73:61:6e:dc:
07:db:ff:ae:20:f7:e7:a7:85:aa:f5:3f:96:fe:ba:6a:40:7d:
f7:e1:98:36:0d:cc:df:b1:bf:71:26:01:88:8f:e2:9f:24:84:
6d:25:a7:14:6f:f6:df:a5:44:7f:88:4b:b5:2b:5b:0f:39:62:
fa:a4:ed:23:5a:94:1f:01:5b:f0:ac:7b:de:66:48:02:38:a5:
d9:75:c8:19:db:ab:91:af:e6:c3:ad:d0:1d:0f:4b:58:57:95:
8e:d7:06:49:f1:08:3d:ff:95:19:fa:cb:c2:e5:93:00:42:0f:
a5:d3:d6:99
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ4
NENBMjY5MzIwRTI1NjIxNkEyREVFMkVBMzgxQTMwNDUyNkFCNDAeFw0yMTAyMDcx
MTM2MDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDU1RkE2MjkwNzExNDJC
NjA5MDE2RDg0MjEyMDE4QjdEMzI0RTEyRDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHVPu0JEd+rqnRmwMdO7wdXNizuj5VBEc0xgsKsKYTJaaNVD+I
+sVg5lPbJKvXNMQGEG4AskGirESc4TgAnPyIpl3XrF21YSJkTEmaSriat7ViPGwX
zSqndwkKCZitV+EvweHFugCVpccSgcGrijbZI5nVv7WDws89NxZqFzZxaU0zPiwY
+9k/Fk4LofIS9VZE0re1TZBp85jFadc9CoWI8xg52+Rf/SwSeQtqZNtng34CjUmp
5/FGBEB3LF5B/HtLL58fD24FCRC74FIEX1bnkRcjVoNfAPRkOxWi0bceDA8+ok6b
IkzXhUJc1sN7hEbxpAWeXZ34DqSS3Fpu/F5PAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUVfpikHEUK2CQFthCEgGLfTJOEtAwHwYDVR0jBBgwFoAULYTKJpMg4lYhai3u
LqOBowRSarQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUJUL0xZ
VEtKcE1nNGxZaGFpM3VMcU9Cb3dSU2FyUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFlUS0pwTWc0bFloYWkzdUxxT0Jvd1JTYXJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRUJUL1ZmcGlrSEVVSzJDUUZ0aENFZ0dMZlRK
T0V0QS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATTTGAwDQYJ
KoZIhvcNAQELBQADggEBAD31fP9MVPgEV4onhmhbNp3Zt8hhOZg72e+Lviy9Jyma
s1DU7RLOnmSvLI7jycKxL/nTsGoN01ryTvdZK9I09o9wYWXZfBwNVyAgsKeJ2mUu
pxMgpCqoNiHcuwDX+eldwVwhmHhFhBXvF/ZUA4jQpRjvg86xP8bFo790Eg4DBYrk
RKSBNFBkcgXBIiOYc2Fu3Afb/64g9+enhar1P5b+umpAfffhmDYNzN+xv3EmAYiP
4p8khG0lpxRv9t+lRH+IS7UrWw85Yvqk7SNalB8BW/Cse95mSAI4pdl1yBnbq5Gv
5sOt0B0PS1hXlY7XBknxCD3/lRn6y8LlkwBCD6XT1pk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:28 2025 by rpki-client