Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/37JHTU6p9tmKVcf-NRs92WyirTQ.roa
File: 37JHTU6p9tmKVcf-NRs92WyirTQ.roa (raw, json)
Hash identifier: XUQ4OckwY7H9cVP7FC3U8uFLkxcv2JraCJUx7d58szo=
Subject key identifier: DF:B2:47:4D:4E:A9:F6:D9:8A:55:C7:FE:35:1B:3D:D9:6C:A2:AD:34
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12A7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/37JHTU6p9tmKVcf-NRs92WyirTQ.roa
Signing time: Fri 01 Sep 2023 08:04:46 +0000
ROA not before: Fri 01 Sep 2023 08:04:46 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 222.156.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4775 (0x12a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:46 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=DFB2474D4EA9F6D98A55C7FE351B3DD96CA2AD34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:36:fd:f3:ed:c3:d4:15:5d:be:5b:13:8d:de:
2d:6d:f3:03:28:f2:e4:e6:11:03:74:37:68:d6:2d:
5e:37:3c:8c:94:63:65:36:1e:49:fd:c2:71:69:c0:
38:33:d0:09:c8:0e:1f:80:ce:ab:30:1d:d1:f6:49:
3a:31:ef:2c:b9:ec:97:a8:a6:3f:82:c1:e6:f0:a6:
56:8a:5f:6b:f3:f4:ce:5f:53:c3:38:4f:2c:38:ca:
27:d5:22:41:b0:ca:0c:e6:99:8a:06:bc:04:b4:ef:
77:87:cc:1e:66:d8:81:32:d6:48:7f:59:ee:75:e6:
75:3b:b4:75:29:da:81:8f:d0:29:53:94:da:30:cc:
ec:8c:90:e5:53:88:e6:45:89:b9:5e:8a:9c:87:c8:
6b:08:cd:76:ab:41:5c:61:bc:d7:ca:03:4a:99:35:
fb:71:bc:4b:b1:d1:70:3d:47:c5:6e:3f:21:66:82:
98:91:e8:6a:7c:40:b4:52:c9:b0:fe:9c:bc:cf:83:
79:f7:f4:05:69:5a:c8:07:1d:7a:3d:93:cc:16:da:
46:80:ba:d2:6c:ca:28:be:e1:9d:bd:af:9b:93:bf:
70:f1:3b:99:91:03:39:31:10:cf:4f:19:1c:77:4e:
8c:e4:e4:d1:8a:f7:01:5e:b5:3e:56:95:b8:a0:c6:
b7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B2:47:4D:4E:A9:F6:D9:8A:55:C7:FE:35:1B:3D:D9:6C:A2:AD:34
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/37JHTU6p9tmKVcf-NRs92WyirTQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.156.254.0/24
Signature Algorithm: sha256WithRSAEncryption
43:f7:75:3e:10:58:9a:77:ae:4c:65:b0:a3:6a:28:e0:74:89:
d8:73:a3:ea:8a:82:94:8b:8a:81:c6:c3:87:7d:af:30:ce:65:
a8:98:45:fd:4f:87:83:04:a1:f0:f3:f0:cc:3a:ae:c1:8f:80:
e1:15:8a:d3:7d:05:dd:34:56:ea:73:9a:aa:c7:05:6f:38:e2:
11:b3:fd:97:f6:2b:c9:70:ce:2f:9f:7f:ca:1c:98:1f:3e:36:
69:fd:b2:b5:7e:c1:3e:c2:e4:61:08:54:f1:0d:7a:a2:5f:2d:
38:95:78:98:89:ba:ca:20:76:f6:f2:b9:c7:35:18:9a:57:96:
10:2b:f3:a5:8b:94:2c:48:a0:f4:38:ad:53:07:0f:4d:25:f3:
43:6a:32:56:79:4e:5e:a1:a2:60:6b:8a:b8:f8:14:bb:4a:46:
a5:90:3b:8b:27:4e:90:c9:bd:35:a6:1a:5d:80:85:4c:1f:a2:
37:02:42:d7:c9:84:a9:a5:f0:4e:b0:21:88:66:d1:32:0f:ca:
bf:80:d5:ac:fd:5f:db:9d:78:d1:3a:8a:e4:f0:98:ed:73:ed:
6f:18:d6:d4:6b:0d:77:1b:4a:e7:35:92:8a:2b:33:23:d9:83:
d5:5c:9d:df:b2:9d:32:b6:04:cb:93:75:39:5b:aa:af:36:38:
4e:ce:0b:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKERGQjI0NzRENEVBOUY2
RDk4QTU1QzdGRTM1MUIzREQ5NkNBMkFEMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsNv3z7cPUFV2+WxON3i1t8wMo8uTmEQN0N2jWLV43PIyUY2U2
Hkn9wnFpwDgz0AnIDh+AzqswHdH2STox7yy57Jeopj+CwebwplaKX2vz9M5fU8M4
Tyw4yifVIkGwygzmmYoGvAS073eHzB5m2IEy1kh/We515nU7tHUp2oGP0ClTlNow
zOyMkOVTiOZFibleipyHyGsIzXarQVxhvNfKA0qZNftxvEux0XA9R8VuPyFmgpiR
6Gp8QLRSybD+nLzPg3n39AVpWsgHHXo9k8wW2kaAutJsyii+4Z29r5uTv3DxO5mR
AzkxEM9PGRx3Tozk5NGK9wFetT5WlbigxrevAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU37JHTU6p9tmKVcf+NRs92WyirTQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvMzdKSFRVNnA5dG1LVmNmLU5Sczky
V3lpclRRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN6c/jAN
BgkqhkiG9w0BAQsFAAOCAQEAQ/d1PhBYmneuTGWwo2oo4HSJ2HOj6oqClIuKgcbD
h32vMM5lqJhF/U+HgwSh8PPwzDquwY+A4RWK030F3TRW6nOaqscFbzjiEbP9l/Yr
yXDOL59/yhyYHz42af2ytX7BPsLkYQhU8Q16ol8tOJV4mIm6yiB29vK5xzUYmleW
ECvzpYuULEig9DitUwcPTSXzQ2oyVnlOXqGiYGuKuPgUu0pGpZA7iydOkMm9NaYa
XYCFTB+iNwJC18mEqaXwTrAhiGbRMg/Kv4DVrP1f25140TqK5PCY7XPtbxjW1GsN
dxtK5zWSiiszI9mD1Vyd37KdMrYEy5N1OVuqrzY4Ts4Lbw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org