Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APNT/a0_3XJQ-DVGDYP32Y7PY2tB3edA.roa
File: a0_3XJQ-DVGDYP32Y7PY2tB3edA.roa (raw, json)
Hash identifier: Qul90x3FcdTQYsT0a6uIv78JCBZ/piSaBRth1xeqpQ0=
Subject key identifier: 6B:4F:F7:5C:94:3E:0D:51:83:60:FD:F6:63:B3:D8:DA:D0:77:79:D0
Certificate issuer: /CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Certificate serial: 113D
Authority key identifier: C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/a0_3XJQ-DVGDYP32Y7PY2tB3edA.roa
Signing time: Wed 10 May 2023 13:18:22 +0000
ROA not before: Wed 10 May 2023 13:18:22 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131630
IP address blocks: 103.130.28.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4413 (0x113d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C2528D8C5B676FD9A24DFDA7E9217457B7310263
Validity
Not Before: May 10 13:18:22 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6B4FF75C943E0D518360FDF663B3D8DAD07779D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:08:93:6a:fa:41:76:19:3f:ee:dc:8e:db:
85:83:a2:c1:11:94:be:3f:3c:1a:62:3d:ae:b0:42:
03:e1:11:c1:c1:22:cf:3e:98:f7:2c:dc:e7:db:13:
1b:f0:98:8e:a2:a2:85:f9:bd:f8:89:c7:11:9f:37:
ac:02:29:10:b6:ab:35:ea:3f:5b:bc:0a:11:d8:ec:
49:6c:19:00:5d:05:37:01:23:10:ca:92:8c:a3:25:
6a:b8:42:51:e2:e4:68:ce:c6:b8:06:52:08:a3:1c:
8e:1c:7b:af:e2:5a:da:6e:78:07:ef:46:11:cd:79:
4d:30:6a:a3:3e:e9:21:bf:00:86:bd:8a:21:58:f1:
d1:be:43:6b:2e:62:76:10:41:64:1b:58:76:af:2a:
47:1a:be:bc:0d:fc:3b:8e:c3:b2:69:94:ed:a6:98:
b2:e5:65:3b:20:4a:0d:b4:b2:6e:9f:be:30:71:07:
fb:79:9a:ec:d9:ed:bc:06:4c:65:9c:37:95:c2:b2:
7a:48:4d:89:bf:a7:b0:a4:f3:b1:9f:f8:7e:f0:ac:
d5:92:0b:79:ce:de:59:dc:5b:a8:7f:57:9d:e6:5b:
d1:9b:ae:ae:fc:fd:93:42:da:17:70:a5:a8:80:eb:
a2:73:dc:0a:ce:4f:dd:b1:ae:8e:c2:5c:8d:51:01:
2b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:4F:F7:5C:94:3E:0D:51:83:60:FD:F6:63:B3:D8:DA:D0:77:79:D0
X509v3 Authority Key Identifier:
keyid:C2:52:8D:8C:5B:67:6F:D9:A2:4D:FD:A7:E9:21:74:57:B7:31:02:63
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/wlKNjFtnb9miTf2n6SF0V7cxAmM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/wlKNjFtnb9miTf2n6SF0V7cxAmM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APNT/a0_3XJQ-DVGDYP32Y7PY2tB3edA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3b:52:6d:73:84:15:54:3f:71:8b:8a:70:1c:9c:50:73:34:d4:
c3:c9:eb:79:90:a0:d6:1a:81:dc:05:c5:73:9d:27:09:cc:09:
5e:6c:f9:52:ac:aa:86:97:ca:71:2a:ee:06:37:5d:7c:be:db:
8c:ad:c1:81:44:bd:0c:7a:97:d9:5c:b6:1e:ea:62:73:9d:d2:
55:a8:84:05:b8:e5:af:b8:31:71:2a:0c:78:f5:6f:0b:37:66:
6f:2c:a8:7c:e0:75:77:ec:eb:0d:26:3e:31:da:f5:a6:96:5c:
e0:4c:a1:7c:d5:38:0f:4b:31:be:7a:11:f1:78:5c:da:e0:c3:
af:df:73:52:c0:4e:41:49:72:4b:b0:36:da:a1:bf:4c:d9:86:
f5:8e:5c:c4:e0:f5:a5:b2:d2:93:d4:b6:19:9f:0a:59:c8:53:
09:f2:75:33:9a:c4:47:90:ee:43:9a:84:71:34:79:13:e5:90:
69:d0:72:a8:75:c0:8d:a0:e8:30:b6:a7:15:94:4a:d2:48:0e:
bd:66:3f:9f:39:30:c1:84:94:00:41:d1:34:9a:96:de:95:85:
28:16:6b:80:35:de:b3:83:a4:81:fa:ef:e6:c6:f7:b6:23:63:
2b:d2:3d:55:c8:7e:08:f5:94:46:10:9c:24:00:b7:ae:19:2a:
ba:c1:4c:f6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICET0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzI1
MjhEOEM1QjY3NkZEOUEyNERGREE3RTkyMTc0NTdCNzMxMDI2MzAeFw0yMzA1MTAx
MzE4MjJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDZCNEZGNzVDOTQzRTBE
NTE4MzYwRkRGNjYzQjNEOERBRDA3Nzc5RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpWQiTavpBdhk/7tyO24WDosERlL4/PBpiPa6wQgPhEcHBIs8+
mPcs3OfbExvwmI6iooX5vfiJxxGfN6wCKRC2qzXqP1u8ChHY7ElsGQBdBTcBIxDK
koyjJWq4QlHi5GjOxrgGUgijHI4ce6/iWtpueAfvRhHNeU0waqM+6SG/AIa9iiFY
8dG+Q2suYnYQQWQbWHavKkcavrwN/DuOw7JplO2mmLLlZTsgSg20sm6fvjBxB/t5
muzZ7bwGTGWcN5XCsnpITYm/p7Ck87Gf+H7wrNWSC3nO3lncW6h/V53mW9Gbrq78
/ZNC2hdwpaiA66Jz3ArOT92xro7CXI1RASsbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUa0/3XJQ+DVGDYP32Y7PY2tB3edAwHwYDVR0jBBgwFoAUwlKNjFtnb9miTf2n
6SF0V7cxAmMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBOVC93
bEtOakZ0bmI5bWlUZjJuNlNGMFY3Y3hBbU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L3dsS05qRnRuYjltaVRmMm42U0YwVjdjeEFtTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQTlQvYTBfM1hKUS1EVkdEWVAzMlk3UFky
dEIzZWRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmeCHDAN
BgkqhkiG9w0BAQsFAAOCAQEAO1Jtc4QVVD9xi4pwHJxQczTUw8nreZCg1hqB3AXF
c50nCcwJXmz5UqyqhpfKcSruBjddfL7bjK3BgUS9DHqX2Vy2Hupic53SVaiEBbjl
r7gxcSoMePVvCzdmbyyofOB1d+zrDSY+Mdr1ppZc4EyhfNU4D0sxvnoR8Xhc2uDD
r99zUsBOQUlyS7A22qG/TNmG9Y5cxOD1pbLSk9S2GZ8KWchTCfJ1M5rER5DuQ5qE
cTR5E+WQadByqHXAjaDoMLanFZRK0kgOvWY/nzkwwYSUAEHRNJqW3pWFKBZrgDXe
s4Okgfrv5sb3tiNjK9I9Vch+CPWURhCcJAC3rhkqusFM9g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:59 2024 by rpki-client on console-ams.rpki-client.org