Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3wQulWw_kpBV5rISwA_M4YWrtEM.roa
File: 3wQulWw_kpBV5rISwA_M4YWrtEM.roa (raw, json)
Hash identifier: Tzn6SFZsV7rHwaRDoCHQ+HGEuIC2h7r+46ZbmcjoZL8=
Subject key identifier: DF:04:2E:95:6C:3F:92:90:55:E6:B2:12:C0:0F:CC:E1:85:AB:B4:43
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3wQulWw_kpBV5rISwA_M4YWrtEM.roa
Signing time: Thu 15 Sep 2022 02:39:50 +0000
ROA not before: Thu 15 Sep 2022 02:39:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131142
IP address blocks: 223.22.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:39:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DF042E956C3F929055E6B212C00FCCE185ABB443
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e8:dc:f7:46:b9:f3:0d:01:28:4a:c6:db:69:
4e:f8:a6:52:50:6b:0e:83:0f:31:05:24:26:23:13:
f0:48:9d:6f:61:82:07:30:9e:1c:39:23:16:6a:77:
6e:51:a7:a8:49:5e:84:83:3e:75:53:75:ff:1c:b2:
b9:4c:ec:56:58:e9:d8:f3:62:49:2d:5d:d3:30:47:
f6:f1:e4:32:19:91:c2:ec:38:36:63:f8:24:52:b0:
0f:5c:bc:57:38:7c:dc:85:e0:4e:cd:e3:d9:e4:78:
7e:02:4d:7f:df:7a:3d:37:60:95:3b:36:52:74:95:
35:5b:1b:d9:62:8e:4b:bf:df:db:6e:55:56:65:a9:
c2:6a:32:7a:31:d5:87:50:92:b6:bf:48:12:00:1a:
2c:07:70:d0:cc:af:3c:c8:d6:d2:c4:2f:4a:f7:ee:
8d:99:43:02:34:b2:dc:60:42:72:c5:fc:71:93:ea:
f7:ce:ce:b8:9a:f2:8f:f6:09:d2:4a:55:29:e9:33:
0c:9b:f3:ea:49:cd:31:06:87:9e:c9:77:fe:87:1d:
e9:67:3d:52:71:e8:c9:c1:f8:f0:df:73:18:1e:e8:
b1:8c:1d:1b:ee:f4:77:50:83:4d:c0:1e:51:e0:37:
cb:1d:73:01:a4:ff:9c:63:be:a8:16:39:23:bf:52:
94:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:04:2E:95:6C:3F:92:90:55:E6:B2:12:C0:0F:CC:E1:85:AB:B4:43
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3wQulWw_kpBV5rISwA_M4YWrtEM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.16.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:50:e5:91:9c:67:31:9c:28:44:04:b9:54:67:5f:86:20:96:
27:5c:fd:72:2f:dc:08:f8:07:d3:fc:c0:04:6a:90:61:25:41:
8d:5c:05:46:26:43:6f:8c:a2:e5:45:b4:7c:78:bb:23:b5:a1:
ed:b1:8c:a7:41:7d:f3:0b:c1:13:e4:fd:cd:12:8b:17:92:63:
b1:51:6f:b7:27:66:72:8f:ea:86:dc:a4:cd:f3:b5:66:15:6c:
de:83:b6:22:b6:e1:6c:9d:29:9e:09:08:68:58:82:0f:0b:31:
3c:27:8b:0c:60:98:40:b4:ae:a8:9e:33:08:32:b5:db:c4:89:
13:d9:9c:29:ec:a0:98:a5:d1:b6:37:68:3e:97:81:4f:76:00:
2c:80:04:d4:76:ab:16:b6:58:95:1c:61:4e:9c:1f:db:97:b8:
74:14:84:7a:53:1a:d0:29:e7:65:a8:32:f4:a9:f7:62:3b:92:
05:ca:2c:94:18:7f:d3:60:52:d3:a8:a3:76:51:bc:43:28:a9:
16:70:94:dc:5f:9e:f5:91:62:dd:1c:3b:38:75:89:2d:c5:8d:
01:3f:18:ab:84:fd:f1:84:93:16:f2:b9:a0:ef:22:2b:51:cb:
96:6c:51:b6:62:6f:3b:53:8e:dc:03:ab:12:5c:56:04:1a:31:
65:83:5a:6f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERGMDQyRTk1NkMzRjky
OTA1NUU2QjIxMkMwMEZDQ0UxODVBQkI0NDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDA6Nz3RrnzDQEoSsbbaU74plJQaw6DDzEFJCYjE/BInW9hggcw
nhw5IxZqd25Rp6hJXoSDPnVTdf8csrlM7FZY6djzYkktXdMwR/bx5DIZkcLsODZj
+CRSsA9cvFc4fNyF4E7N49nkeH4CTX/fej03YJU7NlJ0lTVbG9lijku/39tuVVZl
qcJqMnox1YdQkra/SBIAGiwHcNDMrzzI1tLEL0r37o2ZQwI0stxgQnLF/HGT6vfO
zria8o/2CdJKVSnpMwyb8+pJzTEGh57Jd/6HHelnPVJx6MnB+PDfcxge6LGMHRvu
9HdQg03AHlHgN8sdcwGk/5xjvqgWOSO/UpR5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3wQulWw/kpBV5rISwA/M4YWrtEMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM3dRdWxXd19rcEJWNXJJU3dBX000
WVdydEVNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8WEDAN
BgkqhkiG9w0BAQsFAAOCAQEAoVDlkZxnMZwoRAS5VGdfhiCWJ1z9ci/cCPgH0/zA
BGqQYSVBjVwFRiZDb4yi5UW0fHi7I7Wh7bGMp0F98wvBE+T9zRKLF5JjsVFvtydm
co/qhtykzfO1ZhVs3oO2IrbhbJ0pngkIaFiCDwsxPCeLDGCYQLSuqJ4zCDK128SJ
E9mcKeygmKXRtjdoPpeBT3YALIAE1HarFrZYlRxhTpwf25e4dBSEelMa0CnnZagy
9Kn3YjuSBcoslBh/02BS06ijdlG8QyipFnCU3F+e9ZFi3Rw7OHWJLcWNAT8Yq4T9
8YSTFvK5oO8iK1HLlmxRtmJvO1OO3AOrElxWBBoxZYNabw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org