Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/2eObE5ySxuxDUTDWTedSJOQc974.roa
File: 2eObE5ySxuxDUTDWTedSJOQc974.roa (raw, json)
Hash identifier: j2imath4LINQAU4oXCjq+b8yR+eMYSboDGPA2NzKm3s=
Subject key identifier: D9:E3:9B:13:9C:92:C6:EC:43:51:30:D6:4D:E7:52:24:E4:1C:F7:BE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12F6
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2eObE5ySxuxDUTDWTedSJOQc974.roa
Signing time: Fri 01 Sep 2023 08:05:13 +0000
ROA not before: Fri 01 Sep 2023 08:05:13 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 203.79.204.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4854 (0x12f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:13 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D9E39B139C92C6EC435130D64DE75224E41CF7BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:aa:40:71:08:0f:4b:dd:8c:c2:34:80:98:82:
cd:1d:97:23:fe:3d:a9:92:5c:26:86:e6:46:6c:ec:
b6:33:54:b5:e7:9c:df:73:23:65:68:55:e5:e5:2f:
d3:70:fa:30:95:40:e2:9a:a7:c8:63:d7:b6:13:ed:
5f:1f:e2:f2:07:9a:f1:e6:c7:c6:11:00:f2:80:ca:
8a:d8:4c:45:84:9c:59:63:12:80:75:72:16:ce:a5:
c6:19:28:a4:24:37:56:16:eb:7c:4e:48:03:0c:82:
b1:f8:a9:44:b6:26:61:41:05:8d:14:b0:08:17:3e:
31:dc:c7:a1:2d:57:68:3b:d2:5c:20:70:04:33:de:
04:58:a8:ac:f2:bb:44:23:30:a4:ac:68:d9:24:f4:
2c:ba:0b:93:2a:0a:c4:5a:ef:aa:b7:57:e4:1c:43:
ae:83:5d:14:0c:93:cc:2f:94:79:0c:c7:10:0a:9a:
8d:1a:e6:79:7d:94:55:ec:91:27:8a:7d:fd:91:0a:
d9:13:66:90:7f:0c:80:2d:15:67:61:2f:cf:55:9e:
7a:af:b0:79:99:0a:e5:47:e0:eb:a3:08:20:49:f9:
80:85:17:9b:e4:9f:d4:ca:56:09:39:84:67:a9:8f:
ca:3a:a4:ec:34:e2:cb:b1:83:f5:e4:45:3a:86:fb:
0e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E3:9B:13:9C:92:C6:EC:43:51:30:D6:4D:E7:52:24:E4:1C:F7:BE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/2eObE5ySxuxDUTDWTedSJOQc974.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.204.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:e7:da:4f:ab:05:ee:3a:3e:be:f0:ad:22:24:83:c5:25:60:
01:c2:a4:3e:24:5d:70:06:3f:a8:23:e6:c7:f6:32:17:55:70:
29:fd:69:f3:42:aa:dd:74:89:25:43:2d:ee:83:f0:70:a3:55:
8a:f6:d6:34:6f:15:8a:bf:99:0e:89:28:00:4c:fa:e5:ee:fd:
97:21:e2:9b:fe:ac:2e:b1:50:c9:03:a2:1b:cb:7c:76:3d:9d:
7f:31:da:94:51:ef:eb:8d:d3:c8:39:49:aa:b5:2b:db:79:d6:
db:38:1a:2b:9f:05:60:63:d5:70:71:a9:9b:73:4a:af:03:ad:
70:f8:5b:4e:da:c3:31:31:9d:46:f3:4f:4c:1e:35:32:9d:68:
a9:8f:f1:aa:51:1f:3b:95:ac:5b:e1:f1:87:ad:2b:49:c3:ae:
fd:3a:63:03:77:f9:9f:70:ee:11:9a:23:47:8c:90:ae:8b:2f:
e4:b0:69:6b:70:c1:5e:96:bb:d5:b4:c0:dd:30:7a:72:65:c5:
22:75:0f:53:68:72:16:e8:bb:8d:75:dc:eb:17:68:bb:28:c4:
b3:d6:55:b9:fe:e5:c3:1f:3d:13:02:fd:0e:5b:17:60:cb:9d:
eb:08:0f:49:54:11:16:7e:ad:08:c1:50:dc:f7:c8:84:50:da:
65:54:85:49
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ5RTM5QjEzOUM5MkM2
RUM0MzUxMzBENjRERTc1MjI0RTQxQ0Y3QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0qkBxCA9L3YzCNICYgs0dlyP+PamSXCaG5kZs7LYzVLXnnN9z
I2VoVeXlL9Nw+jCVQOKap8hj17YT7V8f4vIHmvHmx8YRAPKAyorYTEWEnFljEoB1
chbOpcYZKKQkN1YW63xOSAMMgrH4qUS2JmFBBY0UsAgXPjHcx6EtV2g70lwgcAQz
3gRYqKzyu0QjMKSsaNkk9Cy6C5MqCsRa76q3V+QcQ66DXRQMk8wvlHkMxxAKmo0a
5nl9lFXskSeKff2RCtkTZpB/DIAtFWdhL89VnnqvsHmZCuVH4OujCCBJ+YCFF5vk
n9TKVgk5hGepj8o6pOw04suxg/XkRTqG+w71AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU2eObE5ySxuxDUTDWTedSJOQc974wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMmVPYkU1eVN4dXhEVVREV1RlZFNK
T1FjOTc0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEActPzDAN
BgkqhkiG9w0BAQsFAAOCAQEAX+faT6sF7jo+vvCtIiSDxSVgAcKkPiRdcAY/qCPm
x/YyF1VwKf1p80Kq3XSJJUMt7oPwcKNVivbWNG8Vir+ZDokoAEz65e79lyHim/6s
LrFQyQOiG8t8dj2dfzHalFHv643TyDlJqrUr23nW2zgaK58FYGPVcHGpm3NKrwOt
cPhbTtrDMTGdRvNPTB41Mp1oqY/xqlEfO5WsW+Hxh60rScOu/TpjA3f5n3DuEZoj
R4yQrosv5LBpa3DBXpa71bTA3TB6cmXFInUPU2hyFui7jXXc6xdouyjEs9ZVuf7l
wx89EwL9DlsXYMud6wgPSVQRFn6tCMFQ3PfIhFDaZVSFSQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org