Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/09e7oRfQypK8VQpZNIj27pPMJx4.roa
File: 09e7oRfQypK8VQpZNIj27pPMJx4.roa (raw, json)
Hash identifier: DM7O79UrYsrVqL2lMIhexfskiKK9qbNOejCuvjIAi3Q=
Subject key identifier: D3:D7:BB:A1:17:D0:CA:92:BC:55:0A:59:34:88:F6:EE:93:CC:27:1E
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1293
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/09e7oRfQypK8VQpZNIj27pPMJx4.roa
Signing time: Fri 01 Sep 2023 08:04:39 +0000
ROA not before: Fri 01 Sep 2023 08:04:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 124.218.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4755 (0x1293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:39 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D3D7BBA117D0CA92BC550A593488F6EE93CC271E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c1:39:3c:4b:3e:f4:46:5d:cf:57:3c:17:db:
db:61:54:b9:b6:41:05:1a:1f:fc:13:a1:50:83:2d:
c9:0f:8c:86:d4:b5:2f:21:24:3e:db:5a:e7:ef:98:
47:2c:ac:c8:64:16:47:39:93:da:ac:35:08:47:a7:
66:de:9b:c6:f8:98:98:3f:e5:28:1e:a6:21:00:f8:
4d:17:03:b1:b1:30:14:61:ae:83:df:97:6a:e0:8b:
a2:a0:38:9b:01:a3:45:66:c5:29:5c:34:db:ac:af:
3b:cc:98:cd:3e:24:8a:3d:55:5f:20:fd:fa:a9:8f:
6c:28:2f:e4:e3:ab:23:e9:df:f7:32:72:e9:6b:5a:
54:d4:74:3b:c5:ab:de:12:f5:c0:30:66:ac:fc:f9:
76:de:19:04:d0:34:3b:36:ae:4f:4a:1d:88:62:af:
01:c9:73:f7:5e:07:1d:20:c3:68:60:1c:c6:cd:99:
ea:da:52:12:f9:f0:09:e6:29:77:5c:19:08:24:15:
b0:43:35:32:ee:b5:3f:6f:12:6d:7d:11:c0:64:6b:
31:57:0a:f9:34:35:8e:21:ea:4c:6a:ae:16:fd:d3:
da:1b:7c:43:03:fc:a7:b7:b6:e4:34:75:2a:9a:a7:
7c:0a:b4:d4:bf:9d:89:d0:b5:9d:8e:cd:51:60:df:
a1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:D7:BB:A1:17:D0:CA:92:BC:55:0A:59:34:88:F6:EE:93:CC:27:1E
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/09e7oRfQypK8VQpZNIj27pPMJx4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.0.0/16
Signature Algorithm: sha256WithRSAEncryption
76:b0:04:3d:2a:62:76:d0:de:dc:9c:4b:7e:b8:64:8c:03:29:
02:ab:93:e3:d7:bc:c6:f8:77:7c:91:39:16:8c:2e:13:42:26:
b2:63:ac:1d:a7:e3:25:57:14:9c:d2:ea:ad:f3:98:17:46:f7:
3b:fd:af:ae:97:d0:e1:87:cc:41:f3:6e:94:a4:db:bc:19:0d:
79:e2:bb:63:02:92:ed:eb:82:4b:47:a0:34:3b:98:2c:ce:0c:
37:fb:9d:f9:d8:be:8c:7c:15:59:6a:be:86:40:fb:e6:a1:25:
6b:21:b1:db:ce:19:b1:18:09:fc:38:e3:63:8a:0c:a4:b6:dc:
4d:6a:a8:c9:95:46:2f:ba:6b:20:93:eb:9e:6e:01:5b:dc:cf:
e0:16:33:30:94:62:e8:df:73:50:74:5f:d1:50:87:0a:22:98:
f8:20:a8:2b:ee:6d:8d:53:80:43:6d:b4:2b:f0:ad:64:4b:5b:
6d:2b:ee:3c:fc:04:4b:20:4a:56:10:7c:19:ff:f2:e3:4f:8c:
cb:d7:a2:c1:5b:a7:6a:77:c1:7c:0b:c9:05:81:b6:01:1f:5b:
22:45:fd:39:a6:16:d5:ed:02:d6:fd:a3:eb:d1:2d:e3:c1:75:
85:b0:eb:a2:49:03:b6:2f:14:6a:ad:09:90:2d:66:12:d2:2c:
57:30:08:93
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEpMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQzRDdCQkExMTdEMENB
OTJCQzU1MEE1OTM0ODhGNkVFOTNDQzI3MUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcwTk8Sz70Rl3PVzwX29thVLm2QQUaH/wToVCDLckPjIbUtS8h
JD7bWufvmEcsrMhkFkc5k9qsNQhHp2bem8b4mJg/5SgepiEA+E0XA7GxMBRhroPf
l2rgi6KgOJsBo0VmxSlcNNusrzvMmM0+JIo9VV8g/fqpj2woL+TjqyPp3/cyculr
WlTUdDvFq94S9cAwZqz8+XbeGQTQNDs2rk9KHYhirwHJc/deBx0gw2hgHMbNmera
UhL58AnmKXdcGQgkFbBDNTLutT9vEm19EcBkazFXCvk0NY4h6kxqrhb909obfEMD
/Ke3tuQ0dSqap3wKtNS/nYnQtZ2OzVFg36GDAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQU09e7oRfQypK8VQpZNIj27pPMJx4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMDllN29SZlF5cEs4VlFwWk5JajI3
cFBNSng0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAHzaMA0G
CSqGSIb3DQEBCwUAA4IBAQB2sAQ9KmJ20N7cnEt+uGSMAykCq5Pj17zG+Hd8kTkW
jC4TQiayY6wdp+MlVxSc0uqt85gXRvc7/a+ul9Dhh8xB826UpNu8GQ154rtjApLt
64JLR6A0O5gszgw3+5352L6MfBVZar6GQPvmoSVrIbHbzhmxGAn8OONjigykttxN
aqjJlUYvumsgk+uebgFb3M/gFjMwlGLo33NQdF/RUIcKIpj4IKgr7m2NU4BDbbQr
8K1kS1ttK+48/ARLIEpWEHwZ//LjT4zL16LBW6dqd8F8C8kFgbYBH1siRf05phbV
7QLW/aPr0S3jwXWFsOuiSQO2LxRqrQmQLWYS0ixXMAiT
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org