Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/3xCcHybPwEiJyeZQ9hEAA43UdZA.roa
File: 3xCcHybPwEiJyeZQ9hEAA43UdZA.roa (raw, json)
Hash identifier: HhFePHV3D2m/3dvM23sdhGy4iNaS/1QTcQnF1muL+QI=
Subject key identifier: DF:10:9C:1F:26:CF:C0:48:89:C9:E6:50:F6:11:00:03:8D:D4:75:90
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12F2
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3xCcHybPwEiJyeZQ9hEAA43UdZA.roa
Signing time: Fri 01 Sep 2023 08:05:12 +0000
ROA not before: Fri 01 Sep 2023 08:05:12 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4850 (0x12f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:12 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=DF109C1F26CFC04889C9E650F61100038DD47590
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:91:8f:f7:40:a8:0f:39:88:78:b8:7d:8b:3a:
c9:4c:96:8f:f1:23:dd:10:50:ec:70:f9:a0:19:d6:
c7:a1:0f:c2:47:ea:c2:fc:ae:03:3f:9c:a3:7b:77:
d4:19:6a:d1:da:97:35:97:74:07:04:ba:a1:38:d2:
cf:99:a7:ad:68:fe:2f:0b:ef:36:74:42:f2:1e:16:
09:f7:e1:ab:37:86:07:92:fc:a9:60:1a:8d:be:83:
49:ef:7b:3b:d9:82:48:8c:9f:a6:3e:d5:35:c6:81:
14:e0:0d:ca:a1:88:cc:e8:0f:cc:d4:73:f1:7f:87:
8d:ab:4d:b5:dc:6d:e4:fb:fc:3e:72:ce:f7:61:7a:
ca:2d:1f:fb:1b:56:9c:da:9a:f6:4c:9b:3e:d7:f9:
54:22:e4:30:16:da:7a:9c:ab:69:e9:84:9a:75:d3:
14:70:4d:e2:28:76:b8:a6:44:38:95:d7:7d:f7:ea:
cb:07:8d:9e:8f:05:30:33:69:4e:c4:cd:3e:5a:fd:
d9:1b:46:76:bb:99:ce:da:d4:b8:0d:e1:52:b6:7c:
1b:24:58:e5:ec:02:a4:e0:47:4e:0e:d2:a4:7c:f4:
1b:be:85:70:b7:ee:88:ad:96:12:1e:1e:2d:6b:89:
f3:85:41:1f:6c:b5:ef:a5:ec:3d:aa:b1:9b:b7:f5:
19:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:10:9C:1F:26:CF:C0:48:89:C9:E6:50:F6:11:00:03:8D:D4:75:90
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/3xCcHybPwEiJyeZQ9hEAA43UdZA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
54:91:e9:91:ca:8e:f4:b2:a2:d6:4b:ef:88:44:60:20:42:85:
a9:b1:cf:43:6b:f4:01:78:8c:20:cb:ee:41:68:76:28:00:37:
88:de:28:8f:a2:15:42:f5:56:b4:7e:ae:b5:e4:8c:d1:74:02:
fc:ff:c8:76:f9:a6:fd:81:b2:92:72:b2:c2:42:59:bb:ac:1d:
e7:31:b0:b2:0a:eb:4e:4a:ec:f9:38:af:86:73:f5:7e:67:83:
b2:f7:f9:6b:8f:76:b4:98:d3:46:1a:ca:dd:7a:39:c4:a7:49:
97:0a:bd:bd:a5:ae:bb:4e:b0:45:c8:4d:d4:aa:a4:86:68:0f:
13:eb:0d:66:46:2e:3d:54:cb:0c:bd:0b:36:45:d8:5f:3e:17:
4a:38:1b:f9:94:c8:2d:be:d4:30:45:d6:c2:1d:a2:d6:29:03:
1e:bf:14:56:4f:3d:04:65:2d:12:1c:0e:5e:e4:28:8c:62:3e:
ff:e9:98:47:a9:dd:25:c3:3f:47:c0:76:0c:c4:cb:e0:7e:e1:
60:8b:82:04:17:27:a4:3a:df:5e:fc:0f:72:2f:2d:dc:e5:ca:
ad:00:1b:2d:2b:46:a5:ab:9b:41:65:e4:59:f0:47:3f:3c:f9:
fb:df:f8:1c:53:fa:34:5c:69:55:71:a3:5c:a2:67:fc:82:79:
a6:29:fc:d5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKERGMTA5QzFGMjZDRkMw
NDg4OUM5RTY1MEY2MTEwMDAzOERENDc1OTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbkY/3QKgPOYh4uH2LOslMlo/xI90QUOxw+aAZ1sehD8JH6sL8
rgM/nKN7d9QZatHalzWXdAcEuqE40s+Zp61o/i8L7zZ0QvIeFgn34as3hgeS/Klg
Go2+g0nvezvZgkiMn6Y+1TXGgRTgDcqhiMzoD8zUc/F/h42rTbXcbeT7/D5yzvdh
esotH/sbVpzamvZMmz7X+VQi5DAW2nqcq2nphJp10xRwTeIodrimRDiV13336ssH
jZ6PBTAzaU7EzT5a/dkbRna7mc7a1LgN4VK2fBskWOXsAqTgR04O0qR89Bu+hXC3
7oitlhIeHi1rifOFQR9ste+l7D2qsZu39RmrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU3xCcHybPwEiJyeZQ9hEAA43UdZAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvM3hDY0h5YlB3RWlKeWVaUTloRUFB
NDNVZFpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAVJHpkcqO9LKi1kvviERgIEKFqbHPQ2v0AXiMIMvu
QWh2KAA3iN4oj6IVQvVWtH6uteSM0XQC/P/Idvmm/YGyknKywkJZu6wd5zGwsgrr
Tkrs+TivhnP1fmeDsvf5a492tJjTRhrK3Xo5xKdJlwq9vaWuu06wRchN1KqkhmgP
E+sNZkYuPVTLDL0LNkXYXz4XSjgb+ZTILb7UMEXWwh2i1ikDHr8UVk89BGUtEhwO
XuQojGI+/+mYR6ndJcM/R8B2DMTL4H7hYIuCBBcnpDrfXvwPci8t3OXKrQAbLStG
paubQWXkWfBHPzz5+9/4HFP6NFxpVXGjXKJn/IJ5pin81Q==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org