Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/0icP-JQCNKrQ5W5NXzK0fcONigk.roa
File: 0icP-JQCNKrQ5W5NXzK0fcONigk.roa (raw, json)
Hash identifier: 0el2dGUi+N22miqfPMBPm4K+lmGg9khyc3u3zlg73hE=
Subject key identifier: D2:27:0F:F8:94:02:34:AA:D0:E5:6E:4D:5F:32:B4:7D:C3:8D:8A:09
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 126A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0icP-JQCNKrQ5W5NXzK0fcONigk.roa
Signing time: Fri 01 Sep 2023 08:04:26 +0000
ROA not before: Fri 01 Sep 2023 08:04:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9311
IP address blocks: 210.200.79.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4714 (0x126a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D2270FF8940234AAD0E56E4D5F32B47DC38D8A09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6b:52:87:1c:66:0c:ac:ad:35:dd:77:89:0f:
3c:f1:ad:c4:89:5d:fe:bc:73:23:86:fe:de:09:26:
e2:4d:77:e2:f2:6b:09:f8:87:62:8f:b3:ed:84:98:
84:d9:9d:b2:46:98:f3:c0:9b:9c:d1:6e:48:85:97:
7a:23:fe:dc:fb:d1:70:ef:32:a9:ef:e2:4c:c8:99:
fd:d9:a8:d7:fd:9f:84:67:7f:d7:17:33:b3:be:61:
3a:24:2c:bf:76:95:d2:ff:8d:fd:15:92:3a:37:af:
82:a5:13:5a:21:50:77:bd:21:15:69:44:96:14:27:
c9:ba:53:fe:ff:6b:31:64:71:19:6a:37:e6:94:5a:
53:40:d5:f1:60:5a:f8:b5:4e:a0:aa:72:4c:cb:ad:
76:fc:4e:d5:66:8b:e0:c9:96:1e:6e:86:4d:86:2c:
43:3e:a3:7d:82:cf:75:50:b8:07:ef:9b:92:5b:43:
f1:ac:be:c6:41:54:8c:04:03:2e:c0:18:fa:8b:5f:
1e:34:32:cb:de:95:6e:67:6a:5f:47:ab:94:c8:6d:
d2:2c:20:b2:1a:2d:21:9c:33:64:29:cc:d7:50:6c:
76:6f:b0:a7:0c:31:31:fa:36:84:fd:b2:d1:1c:fa:
b6:97:01:d8:80:f9:77:5c:09:ed:d9:c1:95:ae:1b:
57:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:27:0F:F8:94:02:34:AA:D0:E5:6E:4D:5F:32:B4:7D:C3:8D:8A:09
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/0icP-JQCNKrQ5W5NXzK0fcONigk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.79.0/24
Signature Algorithm: sha256WithRSAEncryption
27:ad:fe:8f:4c:2e:e0:fc:6d:3a:05:b1:4a:13:65:58:73:32:
f3:05:b0:71:c9:41:30:95:49:ef:ac:0c:4e:14:59:1c:51:75:
22:01:d8:27:c3:a7:d7:25:9a:71:fa:1b:20:b1:17:a8:3a:f6:
c7:a9:f7:e1:14:83:03:e8:ac:80:a0:38:f5:26:f0:9a:ef:0c:
a0:fb:30:0a:3b:56:c1:81:09:3c:b4:a6:95:68:85:26:49:74:
2b:db:2f:2b:d7:ef:c2:4c:7f:3d:bd:5a:40:cd:db:e8:83:87:
40:78:fa:44:4c:a6:1a:e2:15:48:71:3b:a2:68:2b:57:12:e4:
b2:3c:e8:ae:8b:e3:d2:58:a7:2e:fc:3d:1a:07:e3:9d:b8:86:
1a:56:40:ec:44:fb:4b:ba:2a:88:c1:7f:2b:10:08:a1:1a:a8:
76:5a:4e:3b:36:d3:5b:49:89:ee:f1:4f:78:70:a4:8f:06:b6:
2b:4d:5b:61:50:da:ca:ca:11:7c:db:47:d9:96:47:40:28:3e:
54:cd:b1:c8:6c:8a:78:c7:0b:32:1e:3d:73:76:07:ca:15:80:
61:cf:7b:18:eb:56:0c:dc:e9:d3:dc:e6:ff:a4:a7:37:d3:f3:
99:02:cb:83:d6:3a:d1:d1:d8:b0:55:04:10:b4:35:8d:5e:be:
7e:cc:2f:87
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEmowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQyMjcwRkY4OTQwMjM0
QUFEMEU1NkU0RDVGMzJCNDdEQzM4RDhBMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4a1KHHGYMrK013XeJDzzxrcSJXf68cyOG/t4JJuJNd+Lyawn4
h2KPs+2EmITZnbJGmPPAm5zRbkiFl3oj/tz70XDvMqnv4kzImf3ZqNf9n4Rnf9cX
M7O+YTokLL92ldL/jf0Vkjo3r4KlE1ohUHe9IRVpRJYUJ8m6U/7/azFkcRlqN+aU
WlNA1fFgWvi1TqCqckzLrXb8TtVmi+DJlh5uhk2GLEM+o32Cz3VQuAfvm5JbQ/Gs
vsZBVIwEAy7AGPqLXx40MsvelW5nal9Hq5TIbdIsILIaLSGcM2QpzNdQbHZvsKcM
MTH6NoT9stEc+raXAdiA+XdcCe3ZwZWuG1fFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU0icP+JQCNKrQ5W5NXzK0fcONigkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMGljUC1KUUNOS3JRNVc1Tlh6SzBm
Y09OaWdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLITzAN
BgkqhkiG9w0BAQsFAAOCAQEAJ63+j0wu4PxtOgWxShNlWHMy8wWwcclBMJVJ76wM
ThRZHFF1IgHYJ8On1yWacfobILEXqDr2x6n34RSDA+isgKA49Sbwmu8MoPswCjtW
wYEJPLSmlWiFJkl0K9svK9fvwkx/Pb1aQM3b6IOHQHj6REymGuIVSHE7omgrVxLk
sjzorovj0linLvw9GgfjnbiGGlZA7ET7S7oqiMF/KxAIoRqodlpOOzbTW0mJ7vFP
eHCkjwa2K01bYVDaysoRfNtH2ZZHQCg+VM2xyGyKeMcLMh49c3YHyhWAYc97GOtW
DNzp09zm/6SnN9PzmQLLg9Y60dHYsFUEELQ1jV6+fswvhw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org