Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APNT/2Ca_ZY8r33PXoaYuQNT-3Gtf0pE.roa
File: 2Ca_ZY8r33PXoaYuQNT-3Gtf0pE.roa (raw, json)
Hash identifier: 2j9z9gcjVyD5XJqDRvl2EeNVXd1lVZMlhKlQotN6ufA=
Subject key identifier: D8:26:BF:65:8F:2B:DF:73:D7:A1:A6:2E:40:D4:FE:DC:6B:5F:D2:91
Certificate issuer: /CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Certificate serial: 1038
Authority key identifier: C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/2Ca_ZY8r33PXoaYuQNT-3Gtf0pE.roa
Signing time: Sun 01 May 2022 15:34:36 +0000
ROA not before: Sun 01 May 2022 15:34:36 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 55789
IP address blocks: 103.130.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4152 (0x1038)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Validity
Not Before: May 1 15:34:36 2022 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D826BF658F2BDF73D7A1A62E40D4FEDC6B5FD291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ed:c1:c2:5f:49:7a:3a:2f:d9:38:68:38:0f:
c7:fb:be:86:cb:0f:40:5f:51:a2:ba:7b:2c:16:04:
01:b9:2b:a6:a5:85:01:02:87:c9:ff:5f:d6:7f:20:
1f:10:56:c7:f8:61:9b:a5:6a:93:56:a0:0d:ee:ca:
a8:7b:6d:58:c3:ae:15:6b:f6:29:e9:fd:a3:ce:b7:
41:c4:47:72:8b:fe:39:e7:f2:cb:1c:4a:11:82:6a:
73:37:78:f5:2b:53:91:b4:73:fa:5e:45:65:df:61:
25:de:3f:70:2f:66:0d:14:3a:f0:ad:39:00:72:6e:
30:89:0d:a7:50:01:87:4a:fa:31:27:78:37:5e:df:
55:50:f9:1c:31:5e:ef:b6:14:0b:e8:c3:70:52:e6:
e7:90:3a:f8:a7:95:3f:9b:79:14:bb:e5:76:fb:40:
22:a9:6d:e0:b9:9e:ac:2e:6c:aa:b2:b8:70:e8:cb:
d1:1f:7f:d1:83:8d:1c:0c:bb:33:43:ed:7a:79:c2:
23:c1:bd:b2:93:e0:b3:73:d0:26:fe:40:1a:d9:4b:
f5:3c:31:18:7a:f1:d6:6e:b8:64:9b:ae:00:75:ba:
fd:d6:a6:fc:f7:3a:35:f9:ae:1d:e4:9a:39:c3:05:
ed:d1:ed:f3:c3:ed:95:20:8f:77:c8:14:7e:18:8c:
c4:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:26:BF:65:8F:2B:DF:73:D7:A1:A6:2E:40:D4:FE:DC:6B:5F:D2:91
X509v3 Authority Key Identifier:
keyid:C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/wlKNjFtnb9miTf2n6SF0V7cxAmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/2Ca_ZY8r33PXoaYuQNT-3Gtf0pE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.28.0/22
Signature Algorithm: sha256WithRSAEncryption
88:7e:1d:0f:a0:44:03:ad:c5:96:1d:3f:81:26:87:78:6a:ed:
1d:e0:c6:9b:fc:c7:53:8c:39:c0:df:84:56:db:09:f1:a8:ec:
c1:f0:85:5c:1c:ee:5b:05:f1:0d:51:5a:0d:19:bb:c5:ec:47:
88:ab:72:e2:95:e6:4b:10:4a:83:95:c9:5a:41:3d:52:56:10:
b3:3b:a5:e8:5d:57:21:64:b6:7d:00:84:93:bc:8f:cd:cc:1c:
1f:48:fb:0e:56:c8:de:84:1f:03:d5:cb:56:e9:64:96:15:b1:
ac:cf:5d:f3:c4:e4:c3:03:c1:e3:5f:b8:db:b1:b8:d3:7e:e5:
6b:76:86:34:38:b7:2e:23:c4:3c:b7:f2:bd:44:51:cd:63:52:
cd:56:55:2d:29:1f:5e:16:50:7f:e4:ff:12:3a:52:6b:c8:58:
68:f7:41:4d:b3:c7:a9:d0:53:c8:c5:1b:8d:71:10:4c:95:7b:
4a:24:e0:80:23:0d:88:21:5a:03:77:94:01:0c:c2:28:f1:eb:
14:b4:b2:a5:0f:63:7d:fc:59:3c:78:8f:97:21:47:dd:2f:0e:
e7:da:c0:49:b6:ca:4a:a1:e5:6e:25:20:6f:e3:09:a9:cc:9b:
56:13:b7:13:d4:95:3b:bb:db:6f:69:d7:36:81:5a:e7:c3:cc:
ad:f7:46:72
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI1
MjhEOEM1QjY3NkZEOUEyNERGREE3RTkyMTc0NTdCNzMxMDI2MzAeFw0yMjA1MDEx
NTM0MzZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQ4MjZCRjY1OEYyQkRG
NzNEN0ExQTYyRTQwRDRGRURDNkI1RkQyOTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCl7cHCX0l6Oi/ZOGg4D8f7vobLD0BfUaK6eywWBAG5K6alhQEC
h8n/X9Z/IB8QVsf4YZulapNWoA3uyqh7bVjDrhVr9inp/aPOt0HER3KL/jnn8ssc
ShGCanM3ePUrU5G0c/peRWXfYSXeP3AvZg0UOvCtOQBybjCJDadQAYdK+jEneDde
31VQ+RwxXu+2FAvow3BS5ueQOvinlT+beRS75Xb7QCKpbeC5nqwubKqyuHDoy9Ef
f9GDjRwMuzND7Xp5wiPBvbKT4LNz0Cb+QBrZS/U8MRh68dZuuGSbrgB1uv3Wpvz3
OjX5rh3kmjnDBe3R7fPD7ZUgj3fIFH4YjMS1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2Ca/ZY8r33PXoaYuQNT+3Gtf0pEwHwYDVR0jBBgwFoAUwlKNjFtnb9miTf2n
6SF0V7cxAmMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBOVC93
bEtOakZ0bmI5bWlUZjJuNlNGMFY3Y3hBbU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dsS05qRnRuYjltaVRmMm42U0YwVjdjeEFtTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQTlQvMkNhX1pZOHIzM1BYb2FZdVFOVC0z
R3RmMHBFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmeCHDAN
BgkqhkiG9w0BAQsFAAOCAQEAiH4dD6BEA63Flh0/gSaHeGrtHeDGm/zHU4w5wN+E
VtsJ8ajswfCFXBzuWwXxDVFaDRm7xexHiKty4pXmSxBKg5XJWkE9UlYQszul6F1X
IWS2fQCEk7yPzcwcH0j7DlbI3oQfA9XLVulklhWxrM9d88TkwwPB41+427G4037l
a3aGNDi3LiPEPLfyvURRzWNSzVZVLSkfXhZQf+T/EjpSa8hYaPdBTbPHqdBTyMUb
jXEQTJV7SiTggCMNiCFaA3eUAQzCKPHrFLSypQ9jffxZPHiPlyFH3S8O59rASbbK
SqHlbiUgb+MJqcybVhO3E9SVO7vbb2nXNoFa58PMrfdGcg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org