Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALI/laX9Hcr751mEsPvFFgCnjMuc0aE.roa
File: laX9Hcr751mEsPvFFgCnjMuc0aE.roa (raw, json)
Hash identifier: OQNN8ObkkN5wJZLkf7gz0gkKq5tzEJsrh7HTrIontHY=
Subject key identifier: 95:A5:FD:1D:CA:FB:E7:59:84:B0:FB:C5:16:00:A7:8C:CB:9C:D1:A1
Certificate issuer: /CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Certificate serial: 11E1
Authority key identifier: C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/laX9Hcr751mEsPvFFgCnjMuc0aE.roa
Signing time: Fri 01 Sep 2023 07:04:50 +0000
ROA not before: Fri 01 Sep 2023 07:04:50 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18046
IP address blocks: 103.130.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4577 (0x11e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Validity
Not Before: Sep 1 07:04:50 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=95A5FD1DCAFBE75984B0FBC51600A78CCB9CD1A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5f:1d:45:80:7c:c0:1e:2a:00:2c:00:4a:86:
0c:c6:8f:5a:b2:21:10:ef:4e:a8:17:0f:38:8f:0a:
7e:61:f3:54:72:95:71:b2:72:c3:40:9a:80:71:5b:
99:53:97:b9:d6:75:16:ef:98:f7:b5:d6:04:0f:a6:
cf:73:b0:ef:a8:6a:69:36:42:c4:a1:dd:62:4e:fa:
31:ac:51:57:c7:6c:db:00:0a:43:5e:eb:ce:42:1e:
18:9a:f5:22:84:40:1a:ac:62:e1:4a:0a:af:a6:8d:
ae:c4:b2:1f:13:e3:4c:27:75:c7:09:a0:c2:e4:78:
ee:b0:0f:a0:12:5d:83:85:4f:cc:57:68:8c:74:ff:
8b:30:55:ef:57:cb:ca:43:a2:17:9c:8b:1f:06:6c:
38:2d:e0:5c:52:84:70:a3:e7:2f:25:e6:c3:73:8e:
2b:c0:f0:71:86:f1:4b:5f:c5:47:42:ee:24:04:30:
9b:8e:e0:bd:51:7a:ff:73:95:39:fd:0f:93:5c:9a:
62:80:3f:06:b4:2f:06:13:d8:23:a8:eb:39:e0:12:
80:b9:eb:95:f2:25:d6:94:a6:d2:f3:3c:fd:d6:9d:
7a:24:9c:cb:32:f9:f6:92:54:76:5a:52:f3:93:89:
79:49:c9:9a:e2:af:c6:9f:91:55:0f:c7:b6:d8:79:
2b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A5:FD:1D:CA:FB:E7:59:84:B0:FB:C5:16:00:A7:8C:CB:9C:D1:A1
X509v3 Authority Key Identifier:
keyid:C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/xGZW-MnXJUe8p5hI3Gouaw_D4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/laX9Hcr751mEsPvFFgCnjMuc0aE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:7e:fb:da:87:dd:dd:46:20:7e:89:11:b4:33:12:42:b2:a4:
c4:d4:91:93:8f:ee:d3:ed:2b:12:76:b4:1a:93:f8:df:68:89:
4d:96:74:82:df:0e:b7:7e:9e:f8:8b:7a:6c:16:c2:31:c0:11:
9b:02:8a:e9:da:e7:ff:dc:7e:47:96:c9:0b:af:fe:58:8b:74:
24:8d:35:bf:b9:c3:36:44:ca:90:1c:a3:25:02:2e:a8:ae:2b:
b0:40:6a:0d:bc:7a:28:fe:8b:3b:8b:c0:40:9b:b3:3c:94:81:
ff:b0:be:d2:c4:60:c2:7d:55:bf:35:a5:12:6c:62:b9:d9:29:
76:de:e0:31:60:49:97:e5:3f:ea:4f:4c:c7:74:de:78:1f:a5:
00:e4:71:6c:dd:14:a0:1d:cf:d5:54:f4:4e:bf:c3:dd:27:57:
12:56:cc:cb:78:c8:c8:5e:bd:64:37:cb:5f:54:d1:51:87:1c:
7d:9c:d0:b6:f7:d1:88:81:36:4c:83:64:5f:61:77:1a:28:c5:
45:91:66:c8:76:c5:0a:b0:d8:9b:74:88:bb:f3:f6:47:98:bc:
bc:7f:fa:c6:a6:c9:cb:1f:17:8e:34:cd:60:07:62:37:7d:a0:
0f:a9:82:a5:7e:c8:d8:36:b4:a7:4c:0c:1d:04:f7:ab:87:83:
45:76:b4:92
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ2
NjU2RjhDOUQ3MjU0N0JDQTc5ODQ4REM2QTJFNkIwRkMzRTJCMjAeFw0yMzA5MDEw
NzA0NTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk1QTVGRDFEQ0FGQkU3
NTk4NEIwRkJDNTE2MDBBNzhDQ0I5Q0QxQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4Xx1FgHzAHioALABKhgzGj1qyIRDvTqgXDziPCn5h81RylXGy
csNAmoBxW5lTl7nWdRbvmPe11gQPps9zsO+oamk2QsSh3WJO+jGsUVfHbNsACkNe
685CHhia9SKEQBqsYuFKCq+mja7Esh8T40wndccJoMLkeO6wD6ASXYOFT8xXaIx0
/4swVe9Xy8pDohecix8GbDgt4FxShHCj5y8l5sNzjivA8HGG8UtfxUdC7iQEMJuO
4L1Rev9zlTn9D5NcmmKAPwa0LwYT2COo6zngEoC565XyJdaUptLzPP3WnXoknMsy
+faSVHZaUvOTiXlJyZrir8afkVUPx7bYeSvFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlaX9Hcr751mEsPvFFgCnjMuc0aEwHwYDVR0jBBgwFoAUxGZW+MnXJUe8p5hI
3Gouaw/D4rIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJL3hH
WlctTW5YSlVlOHA1aEkzR291YXdfRDRySS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
eEdaVy1NblhKVWU4cDVoSTNHb3Vhd19ENHJJLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJL2xhWDlIY3I3NTFtRXNQdkZGZ0Nuak11
YzBhRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJngigwDQYJ
KoZIhvcNAQELBQADggEBAAp++9qH3d1GIH6JEbQzEkKypMTUkZOP7tPtKxJ2tBqT
+N9oiU2WdILfDrd+nviLemwWwjHAEZsCiuna5//cfkeWyQuv/liLdCSNNb+5wzZE
ypAcoyUCLqiuK7BAag28eij+izuLwECbszyUgf+wvtLEYMJ9Vb81pRJsYrnZKXbe
4DFgSZflP+pPTMd03ngfpQDkcWzdFKAdz9VU9E6/w90nVxJWzMt4yMhevWQ3y19U
0VGHHH2c0Lb30YiBNkyDZF9hdxooxUWRZsh2xQqw2Jt0iLvz9keYvLx/+samycsf
F440zWAHYjd9oA+pgqV+yNg2tKdMDB0E96uHg0V2tJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:58 2024 by rpki-client on console-ams.rpki-client.org