Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/AMZN/X4HxZWmdjwcnNqKY_7Wsjg6f3pk.roa
File: X4HxZWmdjwcnNqKY_7Wsjg6f3pk.roa (raw, json)
Hash identifier: aHjgMa8P9BvN8mnzIqg2u4hfE1Fh7r1+udGkw/3mlDI=
Subject key identifier: 5F:81:F1:65:69:9D:8F:07:27:36:A2:98:FF:B5:AC:8E:0E:9F:DE:99
Certificate issuer: /CN=655679B564FF9DD15745A99C75189C02FC81258E
Certificate serial: F1
Authority key identifier: 65:56:79:B5:64:FF:9D:D1:57:45:A9:9C:75:18:9C:02:FC:81:25:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZVZ5tWT_ndFXRamcdRicAvyBJY4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/X4HxZWmdjwcnNqKY_7Wsjg6f3pk.roa
Signing time: Thu 04 Jul 2024 15:34:11 +0000
ROA not before: Thu 04 Jul 2024 15:34:11 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7538
IP address blocks: 103.149.151.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 241 (0xf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=655679B564FF9DD15745A99C75189C02FC81258E
Validity
Not Before: Jul 4 15:34:11 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=5F81F165699D8F072736A298FFB5AC8E0E9FDE99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4c:8c:e3:a0:d4:1b:30:12:eb:c3:21:54:98:
81:e9:f2:f7:cb:6b:4f:41:c2:e1:9f:4e:67:e4:5c:
12:9e:cb:3b:af:1b:93:4f:03:dc:f0:8c:66:b8:91:
52:1f:13:39:4e:93:2a:ac:54:9f:30:a6:96:4d:d9:
7a:ef:ba:db:f1:f6:88:08:cf:b9:0e:33:12:bd:ee:
63:f9:ac:40:6a:8e:a3:76:6c:4f:32:e6:42:96:b8:
fa:ed:a2:a3:3c:b6:6a:2d:2e:2f:c2:65:1c:74:f1:
2d:1e:ca:6e:f6:0f:4c:54:84:cd:e8:67:9b:7d:eb:
f5:de:b7:94:ea:0c:87:c1:28:89:6d:69:c3:cd:50:
82:48:37:ea:d8:38:51:fc:9b:23:37:39:f3:e3:08:
6a:69:6d:2d:c4:89:25:12:27:a1:da:97:1b:16:b3:
6e:63:e4:36:df:ef:e2:fa:13:e9:f0:4d:ff:fb:87:
89:bb:6a:49:6d:dd:19:97:ef:63:d3:ba:dc:15:78:
e5:76:aa:03:09:10:73:b3:c3:53:99:b5:db:17:38:
a0:41:2e:1d:f8:1e:42:06:b4:c9:21:43:7c:47:c0:
c9:cb:e0:c0:3f:55:98:0a:93:85:af:4f:e1:c6:c5:
20:ac:94:7a:bf:a0:df:72:19:4b:6f:cd:18:d5:1c:
cd:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:81:F1:65:69:9D:8F:07:27:36:A2:98:FF:B5:AC:8E:0E:9F:DE:99
X509v3 Authority Key Identifier:
keyid:65:56:79:B5:64:FF:9D:D1:57:45:A9:9C:75:18:9C:02:FC:81:25:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/ZVZ5tWT_ndFXRamcdRicAvyBJY4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZVZ5tWT_ndFXRamcdRicAvyBJY4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/AMZN/X4HxZWmdjwcnNqKY_7Wsjg6f3pk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.151.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:03:eb:12:d4:25:3c:07:9e:70:d1:5e:1f:4f:eb:01:2b:1d:
a6:e9:3a:89:0d:70:40:18:a6:1d:3b:66:22:37:ae:49:be:fc:
3a:91:3b:86:a5:59:03:d1:69:27:ee:24:f6:e8:d8:60:66:9f:
f3:36:de:18:68:f5:32:19:ec:f8:e7:ba:8c:16:35:3a:f5:9e:
21:0f:a1:7e:1e:20:eb:63:e9:a8:2c:d9:d7:0f:e3:88:5f:c5:
64:5e:e1:95:d9:85:84:bf:04:51:7a:94:33:8d:22:87:fe:36:
d7:16:14:9c:14:d7:65:14:8c:5f:ee:67:3f:ef:0b:80:2f:ef:
6b:94:dc:e2:90:27:10:21:95:16:15:a9:72:f0:7a:5e:91:44:
6c:31:2e:61:76:20:f8:89:00:54:1f:66:7b:a6:b6:16:c1:d9:
b7:db:af:1f:ba:8c:01:07:a8:a7:cd:b6:24:d5:ad:9d:0d:0c:
ef:14:eb:85:1e:63:26:0f:a2:66:0b:ea:ba:b5:af:c5:b5:2b:
63:61:26:0f:ce:1a:59:12:62:21:75:3b:85:2d:b7:d4:9e:c5:
86:a0:f9:3c:5a:49:7c:c3:08:22:e0:59:77:7a:b1:df:08:42:
0d:5b:bf:c6:20:79:7b:19:81:bc:0e:06:32:96:21:f4:99:92:
f6:bc:d2:67
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjU1
Njc5QjU2NEZGOUREMTU3NDVBOTlDNzUxODlDMDJGQzgxMjU4RTAeFw0yNDA3MDQx
NTM0MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDVGODFGMTY1Njk5RDhG
MDcyNzM2QTI5OEZGQjVBQzhFMEU5RkRFOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxTIzjoNQbMBLrwyFUmIHp8vfLa09BwuGfTmfkXBKeyzuvG5NP
A9zwjGa4kVIfEzlOkyqsVJ8wppZN2Xrvutvx9ogIz7kOMxK97mP5rEBqjqN2bE8y
5kKWuPrtoqM8tmotLi/CZRx08S0eym72D0xUhM3oZ5t96/Xet5TqDIfBKIltacPN
UIJIN+rYOFH8myM3OfPjCGppbS3EiSUSJ6HalxsWs25j5Dbf7+L6E+nwTf/7h4m7
aklt3RmX72PTutwVeOV2qgMJEHOzw1OZtdsXOKBBLh34HkIGtMkhQ3xHwMnL4MA/
VZgKk4WvT+HGxSCslHq/oN9yGUtvzRjVHM09AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUX4HxZWmdjwcnNqKY/7Wsjg6f3pkwHwYDVR0jBBgwFoAUZVZ5tWT/ndFXRamc
dRicAvyBJY4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQU1aTi9a
Vlo1dFdUX25kRlhSYW1jZFJpY0F2eUJKWTQuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1pWWjV0V1RfbmRGWFJhbWNkUmljQXZ5QkpZNC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FNWk4vWDRIeFpXbWRqd2NuTnFLWV83V3Nq
ZzZmM3BrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeVlzAN
BgkqhkiG9w0BAQsFAAOCAQEAuQPrEtQlPAeecNFeH0/rASsdpuk6iQ1wQBimHTtm
IjeuSb78OpE7hqVZA9FpJ+4k9ujYYGaf8zbeGGj1Mhns+Oe6jBY1OvWeIQ+hfh4g
62PpqCzZ1w/jiF/FZF7hldmFhL8EUXqUM40ih/421xYUnBTXZRSMX+5nP+8LgC/v
a5Tc4pAnECGVFhWpcvB6XpFEbDEuYXYg+IkAVB9me6a2FsHZt9uvH7qMAQeop822
JNWtnQ0M7xTrhR5jJg+iZgvqurWvxbUrY2EmD84aWRJiIXU7hS231J7FhqD5PFpJ
fMMIIuBZd3qx3whCDVu/xiB5exmBvA4GMpYh9JmS9rzSZw==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:17 2024 by rpki-client on console-fra.rpki-client.org