Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APNT/8TAyWImqNHjzi4dFQ0T5lrF-B3c.roa
File: 8TAyWImqNHjzi4dFQ0T5lrF-B3c.roa (raw, json)
Hash identifier: FhrcWV0otm/OA7asuwkCZ+OazQqDwN1Vb9C0SHLFamQ=
Subject key identifier: F1:30:32:58:89:AA:34:78:F3:8B:87:45:43:44:F9:96:B1:7E:07:77
Certificate issuer: /CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Certificate serial: 11A0
Authority key identifier: C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/8TAyWImqNHjzi4dFQ0T5lrF-B3c.roa
Signing time: Fri 01 Sep 2023 08:04:02 +0000
ROA not before: Fri 01 Sep 2023 08:04:02 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131659
IP address blocks: 103.130.30.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4512 (0x11a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Validity
Not Before: Sep 1 08:04:02 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F130325889AA3478F38B87454344F996B17E0777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:58:b1:e4:37:1b:24:0e:2b:66:fa:1c:2e:ff:
d8:9b:7c:4e:a1:55:ed:a9:36:d9:1e:f4:e9:22:ce:
19:b1:94:ce:3f:f5:7e:03:fd:09:a1:8e:a1:1e:1c:
f4:12:47:21:ba:c3:c3:6e:bd:cc:0e:db:79:1a:ee:
e7:93:eb:2c:89:56:17:7c:17:41:e4:ba:5b:b1:13:
f1:1b:6e:22:07:5f:41:4e:84:af:1c:ac:5b:aa:9a:
97:27:68:e0:04:3f:13:b7:45:62:8e:a3:01:41:2c:
67:76:d4:a1:ef:c0:ab:7d:20:0a:21:fd:d2:33:b4:
be:1b:26:29:e9:33:97:9f:ed:9d:93:22:56:bd:25:
b2:0b:e2:d1:32:c2:89:8a:14:6b:fa:5d:dd:1a:a7:
9e:9d:37:67:e5:bf:d0:45:36:d7:ab:96:b7:c5:dc:
01:99:96:79:36:33:0b:1a:57:f8:49:0d:77:7c:3c:
f9:4f:f3:f6:2e:85:29:a6:be:12:2f:67:66:e6:2d:
65:e1:93:87:fb:be:23:bf:98:39:3c:23:fb:58:29:
f2:03:d2:fc:2a:00:8b:dd:4d:f8:4c:62:e9:55:18:
26:68:f7:90:74:12:a9:f5:03:51:d5:b2:a9:98:84:
c6:00:01:7c:da:50:ab:b3:d7:35:40:09:93:94:0b:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:30:32:58:89:AA:34:78:F3:8B:87:45:43:44:F9:96:B1:7E:07:77
X509v3 Authority Key Identifier:
keyid:C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/wlKNjFtnb9miTf2n6SF0V7cxAmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/8TAyWImqNHjzi4dFQ0T5lrF-B3c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.30.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:46:7d:6b:6e:e5:9c:6c:69:a9:b2:94:55:33:9c:47:b5:f2:
11:c6:31:b8:dd:db:bd:32:46:db:1f:4f:7e:82:ec:97:ae:24:
12:aa:0f:38:7c:ce:13:e8:a2:d8:b6:b1:bb:b5:c5:10:62:5b:
e8:bf:2e:b5:c9:94:7e:21:54:91:00:e5:29:6d:06:16:49:a5:
7d:ae:1f:2c:1b:90:14:9d:19:dc:a9:c3:52:42:21:4b:45:89:
59:75:5b:06:0f:a4:81:23:5c:05:46:64:00:3e:3c:4a:16:97:
0f:ed:89:50:1c:85:21:b4:d5:0e:35:c3:5f:7a:ad:cf:79:31:
bb:3a:cd:aa:c9:6f:41:18:14:f1:3e:44:f0:bf:13:77:ee:8c:
b3:d4:ca:63:d5:bc:4f:17:69:8d:cf:62:bf:e4:5e:59:79:40:
10:46:a5:bc:81:0a:6e:66:55:5c:8c:c7:0a:3c:47:60:3f:45:
da:04:ff:fa:15:a3:1f:2a:68:96:16:3e:15:fd:8a:4c:a7:d0:
98:68:6b:bf:2a:0d:1a:6a:12:15:bb:0d:f7:58:43:93:ee:e8:
5a:6f:88:f9:5a:21:79:db:60:04:5c:a9:b9:4c:34:77:a7:0e:
92:9d:6a:de:9e:2d:1b:e3:6e:3a:90:c3:a3:0c:f5:7c:90:6d:
8d:8c:dc:c6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI1
MjhEOEM1QjY3NkZEOUEyNERGREE3RTkyMTc0NTdCNzMxMDI2MzAeFw0yMzA5MDEw
ODA0MDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEYxMzAzMjU4ODlBQTM0
NzhGMzhCODc0NTQzNDRGOTk2QjE3RTA3NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYWLHkNxskDitm+hwu/9ibfE6hVe2pNtke9OkizhmxlM4/9X4D
/QmhjqEeHPQSRyG6w8NuvcwO23ka7ueT6yyJVhd8F0HkuluxE/EbbiIHX0FOhK8c
rFuqmpcnaOAEPxO3RWKOowFBLGd21KHvwKt9IAoh/dIztL4bJinpM5ef7Z2TIla9
JbIL4tEywomKFGv6Xd0ap56dN2flv9BFNterlrfF3AGZlnk2MwsaV/hJDXd8PPlP
8/YuhSmmvhIvZ2bmLWXhk4f7viO/mDk8I/tYKfID0vwqAIvdTfhMYulVGCZo95B0
Eqn1A1HVsqmYhMYAAXzaUKuz1zVACZOUCwNJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU8TAyWImqNHjzi4dFQ0T5lrF+B3cwHwYDVR0jBBgwFoAUwlKNjFtnb9miTf2n
6SF0V7cxAmMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBOVC93
bEtOakZ0bmI5bWlUZjJuNlNGMFY3Y3hBbU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dsS05qRnRuYjltaVRmMm42U0YwVjdjeEFtTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQTlQvOFRBeVdJbXFOSGp6aTRkRlEwVDVs
ckYtQjNjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeCHjAN
BgkqhkiG9w0BAQsFAAOCAQEAT0Z9a27lnGxpqbKUVTOcR7XyEcYxuN3bvTJG2x9P
foLsl64kEqoPOHzOE+ii2Laxu7XFEGJb6L8utcmUfiFUkQDlKW0GFkmlfa4fLBuQ
FJ0Z3KnDUkIhS0WJWXVbBg+kgSNcBUZkAD48ShaXD+2JUByFIbTVDjXDX3qtz3kx
uzrNqslvQRgU8T5E8L8Td+6Ms9TKY9W8Txdpjc9iv+ReWXlAEEalvIEKbmZVXIzH
CjxHYD9F2gT/+hWjHypolhY+Ff2KTKfQmGhrvyoNGmoSFbsN91hDk+7oWm+I+Voh
edtgBFypuUw0d6cOkp1q3p4tG+NuOpDDowz1fJBtjYzcxg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:02 2025 by rpki-client