Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3IDjZY9255n7bFesb9fnIevZ0XE.roa
File: 3IDjZY9255n7bFesb9fnIevZ0XE.roa (raw, json)
Hash identifier: 3jLA9qwZdGMh08HmoIFz4gTqWs48NdEoo4lrtW5CQDg=
Subject key identifier: DC:80:E3:65:8F:76:E7:99:FB:6C:57:AC:6F:D7:E7:21:EB:D9:D1:71
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3IDjZY9255n7bFesb9fnIevZ0XE.roa
Signing time: Thu 15 Sep 2022 02:40:02 +0000
ROA not before: Thu 15 Sep 2022 02:40:02 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 7482
IP address blocks: 124.219.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:02 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DC80E3658F76E799FB6C57AC6FD7E721EBD9D171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:83:6b:26:08:2c:81:48:17:0a:c7:40:31:
c3:bc:cc:5e:92:0d:f8:c6:e1:22:cd:9f:91:46:48:
ea:6a:f2:f5:3e:0a:14:9a:8c:22:1d:6b:63:bc:7e:
45:aa:92:f2:dc:b3:77:61:58:80:f5:92:60:30:06:
4f:4a:2e:1c:e3:23:e8:90:d2:53:4b:41:b8:0b:a5:
84:13:07:f2:4a:55:3c:76:ab:7b:60:9d:64:cd:45:
63:b2:9b:b6:d4:21:38:32:68:6e:6c:17:c1:09:46:
b7:15:9d:6a:33:dd:9d:88:e5:94:3d:a5:39:2a:5c:
a2:e1:99:25:5b:cc:02:c7:38:f9:0d:54:72:f1:2b:
89:b4:eb:6b:b9:04:e8:45:16:8b:5a:a2:17:92:5b:
83:fc:ad:21:94:c9:3b:4c:e3:73:a7:7b:be:43:a4:
85:c6:90:66:66:55:41:20:a0:74:f9:e5:f0:fe:39:
81:d8:ab:53:0b:ff:83:04:7a:b7:fc:53:d7:24:64:
d5:f2:f3:b3:ac:64:85:c6:60:00:b8:d3:b6:5f:f1:
df:f9:7d:33:68:c8:66:12:41:26:05:e6:48:b9:83:
64:a4:22:9d:02:3e:8d:a5:f4:7f:e7:72:e2:e5:40:
23:ac:63:66:40:5a:39:13:6e:90:54:12:59:73:a3:
ec:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:80:E3:65:8F:76:E7:99:FB:6C:57:AC:6F:D7:E7:21:EB:D9:D1:71
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3IDjZY9255n7bFesb9fnIevZ0XE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
7c:47:4f:86:47:e5:1d:0e:8b:b0:7f:a4:6a:75:6d:d0:e7:35:
ac:99:09:fd:3f:f4:53:b8:5d:92:d7:3a:1c:20:14:42:95:bf:
24:9c:53:2e:1c:28:3a:66:79:b5:03:2a:d4:dc:5a:4d:b5:87:
cc:98:bd:b6:2a:e8:c6:34:a5:31:d5:17:0c:00:e8:2c:dc:a5:
4b:6f:ef:6c:fc:5f:b6:2d:4c:29:c9:a1:56:5d:d5:1e:ed:50:
b8:a6:c4:69:29:1b:6f:a7:71:64:4d:e6:13:51:70:2d:6b:37:
f9:9d:48:30:46:28:cf:12:1f:5c:ad:fa:79:b5:cf:3e:ea:96:
9e:f4:f1:b6:c1:50:d5:a1:86:ef:66:cb:99:76:eb:5c:29:c1:
15:5c:95:24:9f:cc:8c:4b:67:1e:4c:16:f2:d1:5d:11:4a:01:
85:db:31:8f:4c:42:15:1b:38:75:1f:c6:6e:63:66:5a:6d:86:
b5:10:71:d5:81:c2:fa:a4:0a:4a:26:4f:90:e4:a2:6f:8a:c8:
4d:75:16:07:f8:41:01:1e:10:27:f3:5d:11:7c:88:95:e6:de:
8e:ee:c5:14:80:14:7a:b7:bc:00:b5:ff:ea:3d:45:b6:00:2d:
13:bb:62:7b:93:af:97:b3:15:18:d1:17:3c:f5:fd:a6:43:e6:
89:73:c5:e4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERDODBFMzY1OEY3NkU3
OTlGQjZDNTdBQzZGRDdFNzIxRUJEOUQxNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQComINrJggsgUgXCsdAMcO8zF6SDfjG4SLNn5FGSOpq8vU+ChSa
jCIda2O8fkWqkvLcs3dhWID1kmAwBk9KLhzjI+iQ0lNLQbgLpYQTB/JKVTx2q3tg
nWTNRWOym7bUITgyaG5sF8EJRrcVnWoz3Z2I5ZQ9pTkqXKLhmSVbzALHOPkNVHLx
K4m062u5BOhFFotaoheSW4P8rSGUyTtM43One75DpIXGkGZmVUEgoHT55fD+OYHY
q1ML/4MEerf8U9ckZNXy87OsZIXGYAC407Zf8d/5fTNoyGYSQSYF5ki5g2SkIp0C
Po2l9H/ncuLlQCOsY2ZAWjkTbpBUEllzo+wtAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3IDjZY9255n7bFesb9fnIevZ0XEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM0lEalpZOTI1NW43YkZlc2I5Zm5J
ZXZaMFhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEAfEdPhkflHQ6LsH+kanVt0Oc1rJkJ/T/0U7hdktc6
HCAUQpW/JJxTLhwoOmZ5tQMq1NxaTbWHzJi9tiroxjSlMdUXDADoLNylS2/vbPxf
ti1MKcmhVl3VHu1QuKbEaSkbb6dxZE3mE1FwLWs3+Z1IMEYozxIfXK36ebXPPuqW
nvTxtsFQ1aGG72bLmXbrXCnBFVyVJJ/MjEtnHkwW8tFdEUoBhdsxj0xCFRs4dR/G
bmNmWm2GtRBx1YHC+qQKSiZPkOSib4rITXUWB/hBAR4QJ/NdEXyIlebeju7FFIAU
ere8ALX/6j1FtgAtE7tie5Ovl7MVGNEXPPX9pkPmiXPF5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org