Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/5DW939GgkSPhVfvx8TnoPQVvNbA.roa
File: 5DW939GgkSPhVfvx8TnoPQVvNbA.roa (raw, json)
Hash identifier: VOEhFZ5f5ltQ+uNm9qV0YoyTysdvL+lkIWkBXk5WUWE=
Subject key identifier: E4:35:BD:DF:D1:A0:91:23:E1:55:FB:F1:F1:39:E8:3D:05:6F:35:B0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10D4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5DW939GgkSPhVfvx8TnoPQVvNbA.roa
Signing time: Tue 16 May 2023 08:36:43 +0000
ROA not before: Tue 16 May 2023 08:36:43 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 210.58.128.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4308 (0x10d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:43 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=E435BDDFD1A09123E155FBF1F139E83D056F35B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c0:ff:19:b5:57:61:16:1e:dd:ef:3e:d5:d2:
a1:3a:2e:32:ad:0b:fd:88:e2:da:54:f4:1d:37:cc:
fb:e3:a1:9f:5b:5c:0e:18:d5:a6:be:8b:25:e1:42:
2b:95:72:bb:0a:0f:77:9e:ce:0b:c6:26:ec:4a:01:
53:3a:58:39:ed:02:1a:2b:8b:c7:20:f1:55:0a:29:
90:e8:48:52:4a:7f:66:0b:4e:ab:c4:ee:b7:77:15:
0b:d2:7d:58:0b:1b:33:f5:8e:00:82:01:04:32:3f:
97:a5:d9:f3:a0:9b:8b:7e:97:49:f7:61:ca:19:56:
39:85:77:43:35:19:cc:e8:58:93:66:7e:30:eb:56:
90:ab:c8:c8:2f:60:c5:44:f6:c3:b2:f1:f4:b6:8a:
e6:5e:a3:11:f2:c1:67:4b:08:d2:f0:98:07:55:99:
03:e6:22:8e:78:e9:86:f1:f0:b3:1a:69:ad:4b:f6:
c9:2b:1e:fc:6c:4e:6d:04:4c:f2:af:3f:4a:e5:27:
c7:b2:b0:af:55:ee:90:05:fb:ac:a1:62:3f:f7:e8:
c4:9a:10:01:73:5b:9b:26:f3:1c:84:63:d3:1d:ae:
10:fa:45:91:3d:1b:8f:0c:28:36:49:66:84:b8:22:
57:77:39:e5:03:a0:ed:0a:ef:fb:e9:de:91:85:a6:
28:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:35:BD:DF:D1:A0:91:23:E1:55:FB:F1:F1:39:E8:3D:05:6F:35:B0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5DW939GgkSPhVfvx8TnoPQVvNbA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.128.0/19
Signature Algorithm: sha256WithRSAEncryption
97:66:23:76:25:47:15:c5:5b:3f:cc:81:b7:c0:83:8c:3f:77:
b1:83:c3:af:9f:e7:e9:49:80:aa:61:68:d9:4b:74:6f:55:7f:
28:42:04:45:16:1f:99:78:31:11:9a:34:b9:29:30:4b:8f:af:
5c:b1:c7:7f:61:86:20:1d:3d:81:7a:72:d1:2d:e7:f5:25:a2:
79:0b:c3:6f:5b:64:5a:ff:42:24:b0:66:85:eb:84:62:5f:ca:
2a:a8:fe:e0:c8:a9:e9:3e:49:1d:92:ca:ff:f0:61:5e:85:19:
78:39:62:3f:d2:1e:03:b6:6f:9f:bc:20:c2:83:83:0c:8b:c2:
54:1b:7a:d4:4b:82:00:b1:9f:6a:0b:cd:2b:82:cd:5f:fd:20:
4a:03:62:2f:bb:64:54:00:3d:96:a3:5b:1d:3d:f8:05:2d:09:
d2:77:f4:01:83:a3:68:ca:4f:d8:9f:cd:61:b6:47:6c:61:06:
18:6f:be:59:91:df:09:f0:65:5c:68:3e:02:db:d8:cd:f6:be:
fc:62:08:bd:8a:fb:b1:e8:58:4a:b9:ed:26:82:35:35:94:b1:
d3:1f:56:89:2c:6f:24:46:6c:df:05:dc:0e:38:c4:cf:63:0c:
05:4b:e6:2c:e8:e5:aa:61:a7:c3:52:49:5e:4c:cc:a6:f5:88:
1d:ea:1a:a5
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICENQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2NDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEU0MzVCRERGRDFBMDkx
MjNFMTU1RkJGMUYxMzlFODNEMDU2RjM1QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHwP8ZtVdhFh7d7z7V0qE6LjKtC/2I4tpU9B03zPvjoZ9bXA4Y
1aa+iyXhQiuVcrsKD3eezgvGJuxKAVM6WDntAhori8cg8VUKKZDoSFJKf2YLTqvE
7rd3FQvSfVgLGzP1jgCCAQQyP5el2fOgm4t+l0n3YcoZVjmFd0M1GczoWJNmfjDr
VpCryMgvYMVE9sOy8fS2iuZeoxHywWdLCNLwmAdVmQPmIo546Ybx8LMaaa1L9skr
HvxsTm0ETPKvP0rlJ8eysK9V7pAF+6yhYj/36MSaEAFzW5sm8xyEY9MdrhD6RZE9
G48MKDZJZoS4Ild3OeUDoO0K7/vp3pGFpigpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU5DW939GgkSPhVfvx8TnoPQVvNbAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNURXOTM5R2drU1BoVmZ2eDhUbm9Q
UVZ2TmJBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdI6gDAN
BgkqhkiG9w0BAQsFAAOCAQEAl2YjdiVHFcVbP8yBt8CDjD93sYPDr5/n6UmAqmFo
2Ut0b1V/KEIERRYfmXgxEZo0uSkwS4+vXLHHf2GGIB09gXpy0S3n9SWieQvDb1tk
Wv9CJLBmheuEYl/KKqj+4Mip6T5JHZLK//BhXoUZeDliP9IeA7Zvn7wgwoODDIvC
VBt61EuCALGfagvNK4LNX/0gSgNiL7tkVAA9lqNbHT34BS0J0nf0AYOjaMpP2J/N
YbZHbGEGGG++WZHfCfBlXGg+AtvYzfa+/GIIvYr7sehYSrntJoI1NZSx0x9WiSxv
JEZs3wXcDjjEz2MMBUvmLOjlqmGnw1JJXkzMpvWIHeoapQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org