Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/13BTMWzvUnCfMl1zmcSpwVDi9NA.roa
File: 13BTMWzvUnCfMl1zmcSpwVDi9NA.roa (raw, json)
Hash identifier: Q+9qjG7keRACJ4cqEKAql3BK6/TkjxlA/DcZCm4GBv0=
Subject key identifier: D7:70:53:31:6C:EF:52:70:9F:32:5D:73:99:C4:A9:C1:50:E2:F4:D0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 129F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/13BTMWzvUnCfMl1zmcSpwVDi9NA.roa
Signing time: Fri 01 Sep 2023 08:04:43 +0000
ROA not before: Fri 01 Sep 2023 08:04:43 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.63.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4767 (0x129f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:43 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D77053316CEF52709F325D7399C4A9C150E2F4D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:1f:39:6c:bd:ff:6b:53:12:74:14:d0:bb:
01:41:35:10:8d:62:38:41:aa:48:0f:a6:2b:0c:ed:
48:79:d6:be:c8:35:05:96:f0:90:72:1e:78:bc:c1:
26:b3:a6:08:f7:91:5a:28:3e:0e:54:7d:c7:b5:71:
e7:a4:df:5e:ce:80:70:69:f6:c7:d3:2e:24:49:11:
4e:a3:ad:52:36:a1:80:73:1f:fe:d4:8a:46:95:6d:
f0:e4:f0:d9:fc:29:4b:a8:20:a9:99:14:6e:bf:95:
38:7a:99:79:dd:5b:c1:51:dc:1c:14:a6:84:89:31:
c4:83:54:73:72:b4:a7:04:b8:47:c5:2a:1c:fa:4e:
08:18:1d:38:58:db:f7:e7:ed:b3:ec:f5:31:4f:21:
27:98:e7:f3:fe:49:ee:63:1b:b5:96:9c:01:b6:1c:
6f:3d:13:ce:3b:0c:83:d4:ea:70:ef:b9:73:38:36:
2d:07:a9:03:74:84:22:d8:59:52:bc:9a:81:da:dc:
3c:2e:b3:db:f9:bf:82:ac:4f:62:a4:29:33:7f:69:
04:2f:81:d6:32:df:4a:4f:46:73:e4:08:46:3e:28:
a4:55:3a:93:d2:bf:7e:7c:77:d4:05:87:7a:05:33:
e4:4e:af:25:2d:42:1b:99:19:6a:71:4a:ee:a6:09:
98:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:70:53:31:6C:EF:52:70:9F:32:5D:73:99:C4:A9:C1:50:E2:F4:D0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/13BTMWzvUnCfMl1zmcSpwVDi9NA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
00:2b:60:69:d9:3d:ae:38:21:50:02:b6:a7:dd:e6:c5:65:14:
4e:1b:0b:ed:6f:54:7d:11:70:2d:be:d8:53:ad:f8:5f:08:f4:
a8:19:b9:c2:21:fa:c3:2a:8b:6b:64:8a:de:c1:88:60:6b:62:
4a:2b:78:a9:2f:1e:15:66:f0:89:3b:d9:11:8d:5b:ba:c6:79:
4d:5b:6c:bb:cc:2e:09:82:8e:d8:eb:bb:92:99:e1:52:fb:ad:
cf:68:38:6f:f5:ca:6b:68:e6:26:54:cd:08:82:b4:53:d7:b4:
60:e7:a5:fb:31:72:72:3a:9e:29:ba:9b:97:ac:85:43:a2:f7:
ed:62:2f:c7:f9:a5:4d:31:b2:42:8b:f2:d9:fd:2e:2f:7d:79:
e3:7d:91:0d:2f:fa:c6:c6:74:dc:74:37:8a:af:b6:bf:f3:e3:
3e:e0:e9:09:03:b0:04:31:a0:ef:57:28:37:f3:d7:ce:40:cb:
22:3a:d8:32:2b:5d:fe:a6:21:36:84:e4:39:ff:13:bc:e3:5c:
8f:63:0b:8a:0c:0b:64:10:65:45:3e:16:dd:d6:fd:77:8c:2a:
fe:20:0e:cd:9d:fd:da:66:de:06:32:91:77:a1:e2:5e:cf:da:
ec:79:eb:b7:ed:a9:38:70:24:4f:d9:5c:bf:a2:07:a4:2b:e8:
e9:6d:86:d0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEp8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ3NzA1MzMxNkNFRjUy
NzA5RjMyNUQ3Mzk5QzRBOUMxNTBFMkY0RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDP6h85bL3/a1MSdBTQuwFBNRCNYjhBqkgPpisM7Uh51r7INQWW
8JByHni8wSazpgj3kVooPg5Ufce1ceek317OgHBp9sfTLiRJEU6jrVI2oYBzH/7U
ikaVbfDk8Nn8KUuoIKmZFG6/lTh6mXndW8FR3BwUpoSJMcSDVHNytKcEuEfFKhz6
TggYHThY2/fn7bPs9TFPISeY5/P+Se5jG7WWnAG2HG89E847DIPU6nDvuXM4Ni0H
qQN0hCLYWVK8moHa3Dwus9v5v4KsT2KkKTN/aQQvgdYy30pPRnPkCEY+KKRVOpPS
v358d9QFh3oFM+ROryUtQhuZGWpxSu6mCZg9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU13BTMWzvUnCfMl1zmcSpwVDi9NAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMTNCVE1XenZVbkNmTWwxem1jU3B3
VkRpOU5BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/6DAN
BgkqhkiG9w0BAQsFAAOCAQEAACtgadk9rjghUAK2p93mxWUUThsL7W9UfRFwLb7Y
U634Xwj0qBm5wiH6wyqLa2SK3sGIYGtiSit4qS8eFWbwiTvZEY1busZ5TVtsu8wu
CYKO2Ou7kpnhUvutz2g4b/XKa2jmJlTNCIK0U9e0YOel+zFycjqeKbqbl6yFQ6L3
7WIvx/mlTTGyQovy2f0uL315432RDS/6xsZ03HQ3iq+2v/PjPuDpCQOwBDGg71co
N/PXzkDLIjrYMitd/qYhNoTkOf8TvONcj2MLigwLZBBlRT4W3db9d4wq/iAOzZ39
2mbeBjKRd6HiXs/a7Hnrt+2pOHAkT9lcv6IHpCvo6W2G0A==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org