Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/0LOYJfoQVwb3hQdO4GkbdHwXpRg.roa
File: 0LOYJfoQVwb3hQdO4GkbdHwXpRg.roa (raw, json)
Hash identifier: m96Q/Sin5rzKkrbfbSVSqadTrri2PUVgprTHJamwCyU=
Subject key identifier: D0:B3:98:25:FA:10:57:06:F7:85:07:4E:E0:69:1B:74:7C:17:A5:18
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1250
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0LOYJfoQVwb3hQdO4GkbdHwXpRg.roa
Signing time: Fri 01 Sep 2023 08:04:19 +0000
ROA not before: Fri 01 Sep 2023 08:04:19 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 222.156.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4688 (0x1250)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:19 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D0B39825FA105706F785074EE0691B747C17A518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:54:4e:cc:73:12:90:38:9b:ef:b3:d1:1e:f9:
b0:a1:7a:f5:ad:9b:26:48:40:f4:bd:fd:6e:5c:37:
7f:ff:68:82:a1:27:27:68:13:08:c0:23:29:7e:c6:
b7:57:47:d2:fd:37:5e:ed:09:dd:9f:23:f3:f8:91:
a0:f6:eb:45:7d:b7:08:73:a6:2c:b6:ca:26:5d:d2:
be:41:21:bc:8e:89:ff:30:ac:4c:77:41:07:3c:86:
ef:7e:15:dd:2c:73:2d:51:28:7a:bd:74:49:0a:b1:
48:e3:99:5f:21:bf:23:c8:b8:5d:05:69:4d:c6:00:
0b:48:8d:8f:9f:52:97:02:18:1f:cf:5d:89:75:ba:
d7:a8:a0:cf:97:37:29:5b:7d:ce:d7:f9:f1:f2:90:
11:a2:89:f6:e8:bb:58:12:6e:6a:22:bf:51:df:13:
89:e3:94:e0:47:bc:c8:97:a8:3c:69:a6:0c:a1:54:
29:cd:c1:75:f4:d4:77:ba:67:16:98:e6:df:8b:09:
74:6a:1b:d5:25:8b:6a:5a:7b:ec:85:2d:75:93:6d:
ea:ec:4e:84:76:6c:bc:f7:11:da:cd:a9:84:b0:f3:
3e:b3:f4:24:69:48:a5:6a:7e:61:6a:58:00:cb:bb:
23:a3:f1:23:30:2c:99:f6:a8:e5:07:b2:12:e2:29:
7a:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B3:98:25:FA:10:57:06:F7:85:07:4E:E0:69:1B:74:7C:17:A5:18
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0LOYJfoQVwb3hQdO4GkbdHwXpRg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.246.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:17:04:4e:34:c8:a0:7b:84:7e:d8:d0:c2:81:47:2b:7c:8e:
5a:56:b0:35:45:44:b9:4b:a1:12:e8:bf:a6:2c:57:65:21:45:
90:d0:0e:c0:a5:dd:63:2e:16:f9:01:82:10:5d:8e:07:be:4e:
59:2c:9d:a9:f4:84:a2:a3:a9:19:bf:f2:24:7b:c8:e1:ca:53:
4e:77:b1:46:76:d4:29:8c:10:43:a9:1a:22:47:98:0c:78:e1:
85:90:82:f5:c7:54:5d:36:cb:1f:f5:18:22:0f:ae:a4:c0:8c:
fc:0f:d4:a1:b1:94:bf:d4:b3:41:da:da:2c:3b:9e:11:8b:cc:
82:c9:a7:b2:8b:30:83:4a:dc:62:dc:6d:d4:30:6a:85:cd:62:
42:be:64:e5:9f:d5:b9:9d:1b:c4:ab:9f:1b:ce:77:1b:11:f8:
a4:8f:12:05:43:b5:94:9d:4b:93:c9:30:8c:c3:b5:19:c3:f2:
29:b4:fb:50:a5:0c:63:c8:e6:e6:5a:06:12:5d:8a:5f:fe:96:
f2:a1:12:e5:e2:d4:8c:62:ba:64:b4:23:31:c2:67:95:75:04:
8e:2f:00:8a:34:10:e4:41:ab:9e:15:ce:4e:94:99:22:48:93:
ad:a7:b5:0e:91:cc:7c:23:ff:65:44:f2:aa:1c:a7:17:a4:11:
df:9d:14:d2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICElAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQwQjM5ODI1RkExMDU3
MDZGNzg1MDc0RUUwNjkxQjc0N0MxN0E1MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCZVE7McxKQOJvvs9Ee+bChevWtmyZIQPS9/W5cN3//aIKhJydo
EwjAIyl+xrdXR9L9N17tCd2fI/P4kaD260V9twhzpiy2yiZd0r5BIbyOif8wrEx3
QQc8hu9+Fd0scy1RKHq9dEkKsUjjmV8hvyPIuF0FaU3GAAtIjY+fUpcCGB/PXYl1
uteooM+XNylbfc7X+fHykBGiifbou1gSbmoiv1HfE4njlOBHvMiXqDxppgyhVCnN
wXX01He6ZxaY5t+LCXRqG9Uli2pae+yFLXWTbersToR2bLz3EdrNqYSw8z6z9CRp
SKVqfmFqWADLuyOj8SMwLJn2qOUHshLiKXqrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU0LOYJfoQVwb3hQdO4GkbdHwXpRgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMExPWUpmb1FWd2IzaFFkTzRHa2Jk
SHdYcFJnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c9jAN
BgkqhkiG9w0BAQsFAAOCAQEAqhcETjTIoHuEftjQwoFHK3yOWlawNUVEuUuhEui/
pixXZSFFkNAOwKXdYy4W+QGCEF2OB75OWSydqfSEoqOpGb/yJHvI4cpTTnexRnbU
KYwQQ6kaIkeYDHjhhZCC9cdUXTbLH/UYIg+upMCM/A/UobGUv9SzQdraLDueEYvM
gsmnsoswg0rcYtxt1DBqhc1iQr5k5Z/VuZ0bxKufG853GxH4pI8SBUO1lJ1Lk8kw
jMO1GcPyKbT7UKUMY8jm5loGEl2KX/6W8qES5eLUjGK6ZLQjMcJnlXUEji8AijQQ
5EGrnhXOTpSZIkiTrae1DpHMfCP/ZUTyqhynF6QR350U0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org