Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/-cQKYz4zgA7U_FU2kU5qFhNebbU.roa
File: -cQKYz4zgA7U_FU2kU5qFhNebbU.roa (raw, json)
Hash identifier: OqMEsf32ibo8nI3mVYY6Zh3JWsodx1+rEzJ/mHvdSoI=
Subject key identifier: F9:C4:0A:63:3E:33:80:0E:D4:FC:55:36:91:4E:6A:16:13:5E:6D:B5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1254
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-cQKYz4zgA7U_FU2kU5qFhNebbU.roa
Signing time: Fri 01 Sep 2023 08:04:20 +0000
ROA not before: Fri 01 Sep 2023 08:04:20 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 203.79.251.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4692 (0x1254)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:20 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F9C40A633E33800ED4FC5536914E6A16135E6DB5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:20:53:7a:5a:8e:6b:3d:b4:5e:4a:ef:36:e3:
87:1a:92:e5:48:08:47:25:a8:73:20:0a:7f:0d:67:
91:d5:73:6b:8b:37:19:0d:6a:9a:e7:ca:e1:dd:7c:
74:77:a3:6c:0c:af:a6:f5:9c:5f:36:73:5c:bf:0d:
72:37:46:0f:f6:b8:c5:b6:29:37:fc:bb:cd:c1:e5:
5d:4b:75:10:ed:c2:6e:2f:62:21:37:18:76:eb:46:
a2:2f:06:cf:2a:3c:50:a0:08:13:bc:63:0f:7a:4b:
4b:5b:0b:78:a3:49:6d:e2:be:ef:99:38:3a:cf:47:
53:4c:3e:96:f3:8e:98:5e:bc:d7:e2:4f:e0:a7:4d:
8f:cc:0c:28:aa:3c:c3:21:de:9f:87:26:5c:42:3c:
1a:d1:56:5b:9e:2c:f8:20:a0:44:d5:49:69:8d:91:
8f:1b:ce:e0:67:df:46:5e:7a:7c:6e:8f:d2:e3:7c:
32:ee:0c:2d:3d:fb:a1:bf:d5:53:d4:e2:2c:be:98:
b9:6e:bf:75:40:bf:68:b5:e2:fb:8d:ab:5e:13:63:
be:0c:6f:c5:5f:7d:a2:3d:92:3c:37:56:0d:4e:70:
b0:b7:5f:76:a0:b6:fd:38:6d:12:52:bb:dc:62:0c:
ae:af:e9:a0:ea:e7:50:60:84:97:77:e4:2d:83:53:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:C4:0A:63:3E:33:80:0E:D4:FC:55:36:91:4E:6A:16:13:5E:6D:B5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-cQKYz4zgA7U_FU2kU5qFhNebbU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a4:79:04:25:8a:1b:03:ca:35:ed:b9:5a:50:1d:eb:46:2f:
b1:3b:0f:06:c0:40:6c:a5:e0:51:16:21:b1:d5:77:b9:37:40:
29:48:5c:ce:4a:b6:d1:09:57:2f:5b:6f:f9:c0:e8:80:c8:41:
c9:7b:67:63:65:b5:fd:70:47:25:cd:0b:21:cb:04:05:73:48:
f1:a0:81:17:a1:15:ae:7e:a0:fb:eb:0b:c8:1d:8c:fc:bd:23:
11:69:27:20:0f:ed:8c:b8:7e:87:ba:76:6e:3f:8e:f8:d5:f0:
8b:b9:f4:4a:54:ff:d8:a1:2f:f6:ca:5d:04:1e:1d:59:ba:f5:
ff:ab:cf:0b:93:88:68:72:70:60:2a:62:76:48:60:43:a4:16:
0d:78:ea:29:3f:29:b7:f1:ea:4e:98:2e:ad:17:27:58:10:f9:
cd:b1:ca:ad:21:68:5e:f1:e2:0a:d8:7f:b4:9a:86:62:a4:14:
15:ff:2e:7e:6e:ed:f5:51:c7:a0:3a:5c:9e:99:7d:31:f8:d7:
fa:eb:60:36:4c:62:ca:73:47:98:29:c6:c0:3a:f4:68:5d:d5:
b1:35:70:72:7f:4e:be:40:46:85:93:57:4b:b2:ab:08:89:7e:
e7:f0:e5:20:40:39:2c:f4:64:d2:63:9c:28:2a:57:2e:f9:4f:
9e:18:5a:d6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICElQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY5QzQwQTYzM0UzMzgw
MEVENEZDNTUzNjkxNEU2QTE2MTM1RTZEQjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0IFN6Wo5rPbReSu8244cakuVICEclqHMgCn8NZ5HVc2uLNxkN
aprnyuHdfHR3o2wMr6b1nF82c1y/DXI3Rg/2uMW2KTf8u83B5V1LdRDtwm4vYiE3
GHbrRqIvBs8qPFCgCBO8Yw96S0tbC3ijSW3ivu+ZODrPR1NMPpbzjphevNfiT+Cn
TY/MDCiqPMMh3p+HJlxCPBrRVlueLPggoETVSWmNkY8bzuBn30Zeenxuj9LjfDLu
DC09+6G/1VPU4iy+mLluv3VAv2i14vuNq14TY74Mb8VffaI9kjw3Vg1OcLC3X3ag
tv04bRJSu9xiDK6v6aDq51BghJd35C2DU3fBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU+cQKYz4zgA7U/FU2kU5qFhNebbUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvLWNRS1l6NHpnQTdVX0ZVMmtVNXFG
aE5lYmJVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMtP+zAN
BgkqhkiG9w0BAQsFAAOCAQEAb6R5BCWKGwPKNe25WlAd60YvsTsPBsBAbKXgURYh
sdV3uTdAKUhczkq20QlXL1tv+cDogMhByXtnY2W1/XBHJc0LIcsEBXNI8aCBF6EV
rn6g++sLyB2M/L0jEWknIA/tjLh+h7p2bj+O+NXwi7n0SlT/2KEv9spdBB4dWbr1
/6vPC5OIaHJwYCpidkhgQ6QWDXjqKT8pt/HqTpgurRcnWBD5zbHKrSFoXvHiCth/
tJqGYqQUFf8ufm7t9VHHoDpcnpl9MfjX+utgNkxiynNHmCnGwDr0aF3VsTVwcn9O
vkBGhZNXS7KrCIl+5/DlIEA5LPRk0mOcKCpXLvlPnhha1g==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org