Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCCC/h_OElknGOB7vWMUynXew-memoGU.roa
File: h_OElknGOB7vWMUynXew-memoGU.roa (raw, json)
Hash identifier: F9avnxRY3WqTU1kxLH9uml2p+7yxwzWzrjmicPBhJfo=
Subject key identifier: 87:F3:84:96:49:C6:38:1E:EF:58:C5:32:9D:77:B0:FA:67:A6:A0:65
Certificate issuer: /CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Certificate serial: F9
Authority key identifier: 07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/h_OElknGOB7vWMUynXew-memoGU.roa
Signing time: Mon 10 Feb 2025 13:45:43 +0000
ROA not before: Mon 10 Feb 2025 13:45:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 198949
IP address blocks: 157.20.106.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249 (0xf9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07E36A3D219A8AFC84F88B30553E638CE6C2CECE
Validity
Not Before: Feb 10 13:45:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=87F3849649C6381EEF58C5329D77B0FA67A6A065
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d7:5e:f8:74:9c:a1:30:ca:3f:c5:ad:b4:99:
c2:f9:8c:b4:49:1c:1c:5c:74:52:ba:30:c1:0d:f9:
68:1c:62:76:ec:12:34:75:74:f7:d9:5f:c1:34:99:
0b:27:e3:26:28:5a:0d:b8:d5:6f:b3:dc:d7:e7:d8:
fe:a4:76:0d:16:39:21:ea:b2:d8:9d:fd:1f:3c:d1:
34:50:78:9d:4b:39:7d:e6:da:a2:ed:ce:56:13:de:
21:8e:f1:bc:63:f8:74:b2:69:d3:a8:ac:04:57:1a:
c0:5e:d2:35:b5:35:bd:6e:2b:40:a4:66:17:d3:46:
49:17:42:73:9c:88:f3:13:5e:c0:40:aa:d8:bf:ac:
8b:b1:5b:68:f5:31:73:c1:8d:d3:72:5a:b3:48:b4:
7e:1c:75:3d:fb:33:af:e3:32:b1:fe:5a:97:c2:80:
34:92:93:5b:dd:45:d8:d2:b6:f5:5a:66:98:c5:58:
df:69:11:6a:ee:fc:aa:ff:4c:25:73:cc:42:78:a0:
0d:11:9e:3a:b5:04:be:74:93:72:da:e0:b4:c8:06:
75:3d:7f:bf:68:dd:2c:ce:c0:59:b5:02:28:cc:45:
2e:84:33:d7:67:66:03:ca:5f:7e:2d:c3:2f:7a:54:
a8:e3:98:4a:d2:fa:22:63:96:6d:f9:c2:18:a7:a4:
e2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F3:84:96:49:C6:38:1E:EF:58:C5:32:9D:77:B0:FA:67:A6:A0:65
X509v3 Authority Key Identifier:
keyid:07:E3:6A:3D:21:9A:8A:FC:84:F8:8B:30:55:3E:63:8C:E6:C2:CE:CE
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/B-NqPSGaivyE-IswVT5jjObCzs4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/B-NqPSGaivyE-IswVT5jjObCzs4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCCC/h_OElknGOB7vWMUynXew-memoGU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.106.0/23
Signature Algorithm: sha256WithRSAEncryption
f1:94:e8:91:bc:34:61:ea:36:56:24:31:5b:b6:7b:1a:26:36:
75:fb:52:e8:b9:aa:c2:9e:76:b8:af:b8:cd:7a:31:1f:e9:6c:
a4:33:3f:59:d8:7e:05:22:c8:fd:83:5c:22:0c:1f:8b:34:28:
0d:3b:bb:83:55:2a:02:e8:62:97:81:b1:ae:20:38:49:e9:7a:
9c:c5:3f:e2:2f:d1:31:57:d8:97:ec:7c:0b:d8:1f:15:f0:c1:
ec:64:94:d3:32:d7:90:af:4d:76:6c:00:02:3c:01:79:ae:ca:
a1:d6:5f:5f:eb:00:15:a1:8f:8d:d3:71:f7:11:98:44:71:47:
64:61:0f:8d:ea:4e:70:ee:b2:5d:c6:47:ce:6f:c8:9f:76:a9:
7e:5c:3a:3b:34:f6:20:f1:ae:77:3c:92:f4:90:4c:06:6e:58:
2f:65:a4:e4:38:41:fc:8d:24:0d:0b:55:b1:88:80:2b:27:75:
4c:1e:f9:45:45:92:a6:9f:da:3f:34:f7:e5:cb:c6:88:59:36:
b3:e1:14:e4:e9:3c:0c:b5:b5:9b:76:f1:b0:84:4d:62:f5:a1:
2a:79:34:6e:de:d0:a8:33:01:ee:92:e7:99:fa:f0:46:fa:b1:
fd:af:13:99:d9:ae:4f:47:b9:60:8c:a9:a0:7b:94:09:b2:34:
f9:ed:f1:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMDdF
MzZBM0QyMTlBOEFGQzg0Rjg4QjMwNTUzRTYzOENFNkMyQ0VDRTAeFw0yNTAyMTAx
MzQ1NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg3RjM4NDk2NDlDNjM4
MUVFRjU4QzUzMjlENzdCMEZBNjdBNkEwNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh1174dJyhMMo/xa20mcL5jLRJHBxcdFK6MMEN+WgcYnbsEjR1
dPfZX8E0mQsn4yYoWg241W+z3Nfn2P6kdg0WOSHqstid/R880TRQeJ1LOX3m2qLt
zlYT3iGO8bxj+HSyadOorARXGsBe0jW1Nb1uK0CkZhfTRkkXQnOciPMTXsBAqti/
rIuxW2j1MXPBjdNyWrNItH4cdT37M6/jMrH+WpfCgDSSk1vdRdjStvVaZpjFWN9p
EWru/Kr/TCVzzEJ4oA0Rnjq1BL50k3La4LTIBnU9f79o3SzOwFm1AijMRS6EM9dn
ZgPKX34twy96VKjjmErS+iJjlm35whinpOKRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUh/OElknGOB7vWMUynXew+memoGUwHwYDVR0jBBgwFoAUB+NqPSGaivyE+Isw
VT5jjObCzs4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNDQy9C
LU5xUFNHYWl2eUUtSXN3VlQ1ampPYkN6czQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0ItTnFQU0dhaXZ5RS1Jc3dWVDVqak9iQ3pzNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DQ0MvaF9PRWxrbkdPQjd2V01VeW5YZXct
bWVtb0dVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZ0UajAN
BgkqhkiG9w0BAQsFAAOCAQEA8ZTokbw0Yeo2ViQxW7Z7GiY2dftS6Lmqwp52uK+4
zXoxH+lspDM/Wdh+BSLI/YNcIgwfizQoDTu7g1UqAuhil4GxriA4Sel6nMU/4i/R
MVfYl+x8C9gfFfDB7GSU0zLXkK9NdmwAAjwBea7KodZfX+sAFaGPjdNx9xGYRHFH
ZGEPjepOcO6yXcZHzm/In3apflw6OzT2IPGudzyS9JBMBm5YL2Wk5DhB/I0kDQtV
sYiAKyd1TB75RUWSpp/aPzT35cvGiFk2s+EU5Ok8DLW1m3bxsIRNYvWhKnk0bt7Q
qDMB7pLnmfrwRvqx/a8TmdmuT0e5YIypoHuUCbI0+e3xgg==
-----END CERTIFICATE-----
Generated at Fri Apr 11 10:34:56 2025 by rpki-client