Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/-CDSTUagggkXRiLHytAOqLdKcps.roa
File: -CDSTUagggkXRiLHytAOqLdKcps.roa (raw, json)
Hash identifier: U8l0WutWUBLaK3ALUvMTsffTSSiUD6QTG92Vhz2wPho=
Subject key identifier: F8:20:D2:4D:46:A0:82:09:17:46:22:C7:CA:D0:0E:A8:B7:4A:72:9B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1057
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-CDSTUagggkXRiLHytAOqLdKcps.roa
Signing time: Tue 16 May 2023 08:36:04 +0000
ROA not before: Tue 16 May 2023 08:36:04 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.203.20.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4183 (0x1057)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:04 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F820D24D46A08209174622C7CAD00EA8B74A729B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:79:ab:08:e1:d6:71:55:7b:e9:1d:38:45:85:
51:89:de:d3:98:72:7a:c1:0c:52:6f:a3:f0:d0:0d:
2e:5b:37:76:c8:1f:ab:e7:23:33:60:17:a1:c0:08:
3c:1a:61:c9:bc:9a:8f:6c:9b:0e:31:9f:f1:95:5c:
8d:80:73:75:82:fd:c3:e8:29:c5:7a:8c:09:7f:0b:
e3:8e:4e:d1:55:de:c7:ba:db:0f:53:d3:d5:18:2c:
2f:2f:bc:12:eb:8d:94:01:8f:2c:9f:3e:50:d1:be:
74:e2:4f:cd:70:39:52:00:88:ad:50:b7:73:6a:a2:
85:55:6b:ec:b5:85:e3:db:79:c9:7a:7b:ef:7d:08:
56:80:fe:4e:96:ac:25:f1:d3:f3:d1:dc:5b:32:f6:
8d:24:bd:62:e2:1f:21:54:37:b9:43:33:e3:a6:98:
b0:ce:01:be:9c:30:7a:5b:0d:6c:8a:d0:5f:e1:a5:
00:a0:c3:16:dc:e6:ce:7d:be:b6:58:2f:94:1d:71:
98:40:fe:6a:37:67:6b:d6:05:29:34:82:56:9d:95:
ac:9a:b1:18:17:e1:a3:26:3e:a0:43:cf:e7:4c:54:
60:ad:aa:b5:e0:4b:99:7c:87:58:4a:4c:be:e9:38:
4d:f5:68:2a:1f:81:cf:92:f8:b6:b9:87:f3:e5:d1:
c1:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:20:D2:4D:46:A0:82:09:17:46:22:C7:CA:D0:0E:A8:B7:4A:72:9B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-CDSTUagggkXRiLHytAOqLdKcps.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.20.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:00:1b:8d:35:9f:39:88:32:76:c1:cb:48:ab:c8:b0:5c:44:
4b:d1:dc:4f:16:bc:11:60:b7:ee:6d:a1:77:05:b7:38:52:d9:
c6:b4:ab:ea:75:53:6c:40:d1:32:2d:bf:11:c5:ca:fe:2a:41:
fa:5a:02:ea:20:a0:a1:4e:b4:96:b1:7b:a6:5b:88:16:55:ba:
c8:3c:dd:be:64:c7:5c:35:45:90:48:b6:c8:bf:22:0d:81:04:
87:43:30:33:78:e4:04:0e:73:61:29:ef:f9:e8:c8:ee:48:38:
c5:e5:33:5e:a3:13:82:69:03:70:18:69:f0:28:93:54:de:5e:
18:f5:6f:55:b2:fc:41:77:2c:46:91:75:3f:5a:cb:67:c9:f6:
d6:99:8e:96:41:b3:67:95:7f:54:1e:1c:95:ef:08:e4:9f:fd:
da:03:24:3a:ff:88:c5:75:f5:a2:47:d9:f2:b7:24:94:fc:b0:
b4:22:a6:7e:78:20:a2:9e:4d:7f:47:62:8f:cc:68:39:47:f3:
24:e3:99:2d:b3:2b:bc:3e:14:af:45:08:91:71:8d:f0:37:74:
73:3c:67:13:b6:f1:7b:bd:42:ba:e2:4f:b1:b7:5b:32:72:af:
e0:09:8b:32:e0:ff:0a:37:3e:b7:91:24:3b:a4:e5:01:8f:29:
b4:7b:7d:99
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEFcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY4MjBEMjRENDZBMDgy
MDkxNzQ2MjJDN0NBRDAwRUE4Qjc0QTcyOUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmeasI4dZxVXvpHThFhVGJ3tOYcnrBDFJvo/DQDS5bN3bIH6vn
IzNgF6HACDwaYcm8mo9smw4xn/GVXI2Ac3WC/cPoKcV6jAl/C+OOTtFV3se62w9T
09UYLC8vvBLrjZQBjyyfPlDRvnTiT81wOVIAiK1Qt3NqooVVa+y1hePbecl6e+99
CFaA/k6WrCXx0/PR3Fsy9o0kvWLiHyFUN7lDM+OmmLDOAb6cMHpbDWyK0F/hpQCg
wxbc5s59vrZYL5QdcZhA/mo3Z2vWBSk0gladlayasRgX4aMmPqBDz+dMVGCtqrXg
S5l8h1hKTL7pOE31aCofgc+S+La5h/Pl0cF1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+CDSTUagggkXRiLHytAOqLdKcpswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvLUNEU1RVYWdnZ2tYUmlMSHl0QU9x
TGRLY3BzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLLFDAN
BgkqhkiG9w0BAQsFAAOCAQEAsgAbjTWfOYgydsHLSKvIsFxES9HcTxa8EWC37m2h
dwW3OFLZxrSr6nVTbEDRMi2/EcXK/ipB+loC6iCgoU60lrF7pluIFlW6yDzdvmTH
XDVFkEi2yL8iDYEEh0MwM3jkBA5zYSnv+ejI7kg4xeUzXqMTgmkDcBhp8CiTVN5e
GPVvVbL8QXcsRpF1P1rLZ8n21pmOlkGzZ5V/VB4cle8I5J/92gMkOv+IxXX1okfZ
8rcklPywtCKmfnggop5Nf0dij8xoOUfzJOOZLbMrvD4Ur0UIkXGN8Dd0czxnE7bx
e71CuuJPsbdbMnKv4AmLMuD/Cjc+t5EkO6TlAY8ptHt9mQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:30 2024 by rpki-client on console-fra.rpki-client.org