Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3Yg2QJPM5c1pnMllIfhR_c1yV0I.roa
File: 3Yg2QJPM5c1pnMllIfhR_c1yV0I.roa (raw, json)
Hash identifier: 3bMBul+X3eAHttkZj+BsyV5P1rLneGUYaN1fI1fyLa8=
Subject key identifier: DD:88:36:40:93:CC:E5:CD:69:9C:C9:65:21:F8:51:FD:CD:72:57:42
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1257
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Yg2QJPM5c1pnMllIfhR_c1yV0I.roa
Signing time: Fri 01 Sep 2023 08:04:20 +0000
ROA not before: Fri 01 Sep 2023 08:04:20 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 203.79.208.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4695 (0x1257)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:20 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=DD88364093CCE5CD699CC96521F851FDCD725742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:95:1f:7c:dd:fb:b7:82:c1:67:6f:c8:14:4b:
72:07:0d:3e:6c:b6:5c:7c:bd:b8:36:88:8d:d5:6f:
74:9b:9b:b1:40:c8:44:33:2c:4f:ab:c0:25:ef:98:
c7:dd:a8:59:4d:46:b1:e0:d9:88:18:27:a7:b9:39:
01:b3:51:7b:20:64:25:f1:3a:05:30:80:55:22:bf:
ea:d9:35:39:14:86:c5:96:82:d0:0d:3f:39:91:1e:
db:5b:9d:84:7c:14:7b:05:30:a6:e2:cd:38:24:36:
bd:3e:f8:b4:4b:0e:83:34:1c:b2:e2:6d:50:96:81:
d1:28:69:91:d0:7b:f7:a5:e0:4d:b1:f3:fb:fa:23:
be:c7:43:c2:a9:1f:85:be:64:05:b8:75:0a:17:6a:
cb:3b:72:fc:06:40:7a:22:c2:76:a1:4e:ae:4d:bc:
2b:00:87:54:a9:3b:ca:35:22:fd:16:27:aa:68:9f:
64:22:50:db:e3:61:9c:69:57:03:52:87:5a:7a:c1:
e0:6a:8e:85:f7:fc:d9:c9:fe:4f:fc:eb:2f:db:f8:
f3:38:2c:4f:ba:88:da:1c:44:a3:e3:9a:b6:92:a4:
09:bf:c3:ed:bd:9f:00:47:d4:50:d2:5b:f1:36:c0:
18:cc:b3:2f:97:c5:02:32:f0:1d:34:b1:51:77:3d:
41:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:88:36:40:93:CC:E5:CD:69:9C:C9:65:21:F8:51:FD:CD:72:57:42
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3Yg2QJPM5c1pnMllIfhR_c1yV0I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.208.0/21
Signature Algorithm: sha256WithRSAEncryption
46:37:b0:05:0f:88:62:3f:5c:d3:a0:15:c1:b9:7f:d1:a9:90:
4f:49:ba:73:dc:bd:dc:ac:a0:53:e7:aa:24:8b:93:6e:03:53:
de:b4:a7:ec:34:8a:a2:0c:e2:42:ec:1c:7d:90:c0:72:40:83:
07:99:b4:34:d2:ba:78:2e:cf:ce:5c:1a:11:ed:81:f2:58:c3:
ce:38:a1:41:fa:ea:25:e7:37:f0:74:82:6f:20:c6:ff:bc:91:
57:c1:45:a1:a0:c0:e2:c3:be:c0:3d:a6:66:cd:5a:2c:ab:81:
19:0b:31:fa:bb:8a:2a:29:e5:30:cc:d0:ef:ca:4d:10:f1:8c:
b3:01:9a:0d:c5:b6:0d:c1:6b:26:b2:07:60:3f:4b:8d:7f:c9:
36:8a:58:a2:61:1c:8f:e9:e2:c4:eb:9a:20:e8:60:bb:57:8b:
d3:61:ca:2b:50:d5:31:e3:e7:05:f3:b9:19:c6:11:2c:58:ab:
18:35:3d:00:83:5f:8c:39:a0:85:0e:ea:2e:e9:61:07:a4:de:
1a:b6:f1:80:87:8b:0e:f0:de:73:a6:50:1e:b5:aa:70:24:93:
c7:7f:14:aa:2f:cb:f9:9f:39:90:cc:ad:ad:e3:9e:fc:40:64:
a2:63:43:d3:32:13:29:23:90:d5:a6:ba:0f:26:0b:e6:78:ad:
11:3a:6d:fe
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICElcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEREODgzNjQwOTNDQ0U1
Q0Q2OTlDQzk2NTIxRjg1MUZEQ0Q3MjU3NDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2lR983fu3gsFnb8gUS3IHDT5stlx8vbg2iI3Vb3Sbm7FAyEQz
LE+rwCXvmMfdqFlNRrHg2YgYJ6e5OQGzUXsgZCXxOgUwgFUiv+rZNTkUhsWWgtAN
PzmRHttbnYR8FHsFMKbizTgkNr0++LRLDoM0HLLibVCWgdEoaZHQe/el4E2x8/v6
I77HQ8KpH4W+ZAW4dQoXass7cvwGQHoiwnahTq5NvCsAh1SpO8o1Iv0WJ6pon2Qi
UNvjYZxpVwNSh1p6weBqjoX3/NnJ/k/86y/b+PM4LE+6iNocRKPjmraSpAm/w+29
nwBH1FDSW/E2wBjMsy+XxQIy8B00sVF3PUEVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3Yg2QJPM5c1pnMllIfhR/c1yV0IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM1lnMlFKUE01YzFwbk1sbElmaFJf
YzF5VjBJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8tP0DAN
BgkqhkiG9w0BAQsFAAOCAQEARjewBQ+IYj9c06AVwbl/0amQT0m6c9y93KygU+eq
JIuTbgNT3rSn7DSKogziQuwcfZDAckCDB5m0NNK6eC7PzlwaEe2B8ljDzjihQfrq
Jec38HSCbyDG/7yRV8FFoaDA4sO+wD2mZs1aLKuBGQsx+ruKKinlMMzQ78pNEPGM
swGaDcW2DcFrJrIHYD9LjX/JNopYomEcj+nixOuaIOhgu1eL02HKK1DVMePnBfO5
GcYRLFirGDU9AINfjDmghQ7qLulhB6TeGrbxgIeLDvDec6ZQHrWqcCSTx38Uqi/L
+Z85kMytreOe/EBkomND0zITKSOQ1aa6DyYL5nitETpt/g==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org