Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/5NSsGlhg5DZxpdsFn8HlUSIfumE.roa
File: 5NSsGlhg5DZxpdsFn8HlUSIfumE.roa (raw, json)
Hash identifier: nzc7GJeJcIn3oZWy0DnTzPRRbRJyH+Hb5LPmlquyoy8=
Subject key identifier: E4:D4:AC:1A:58:60:E4:36:71:A5:DB:05:9F:C1:E5:51:22:1F:BA:61
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12B8
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5NSsGlhg5DZxpdsFn8HlUSIfumE.roa
Signing time: Fri 01 Sep 2023 08:04:54 +0000
ROA not before: Fri 01 Sep 2023 08:04:54 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 16625
IP address blocks: 210.203.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4792 (0x12b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:54 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E4D4AC1A5860E43671A5DB059FC1E551221FBA61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:9b:0c:1f:c2:b7:ed:95:6a:8b:09:3f:53:
77:bf:1f:64:fc:29:38:55:85:bf:27:7f:a5:6a:b8:
6d:9e:ec:b5:77:26:81:15:e1:9d:c0:ed:d8:a1:34:
3b:12:88:d9:1e:b2:63:b2:e3:d7:5f:4c:f0:bb:46:
5d:83:72:81:38:4a:a5:7e:ca:36:27:3e:e1:a7:08:
ad:ac:a4:02:9e:7d:51:14:cc:1d:8b:de:86:6d:31:
30:52:13:4d:85:f4:14:3a:3a:08:e3:62:b8:c3:11:
1f:c1:7c:cb:9b:10:59:2d:0d:3a:2a:61:6c:ae:83:
c5:fb:9f:cf:46:19:39:59:3b:d3:44:7e:51:65:01:
2c:c8:b2:02:f5:6c:d8:c4:18:ba:4e:39:d7:c7:85:
af:12:1c:27:fc:31:38:d3:1a:51:9c:53:8a:3a:5d:
2a:ff:3b:f1:40:07:52:cf:c2:6d:3f:fe:97:7c:d6:
0b:33:e1:73:88:4d:c9:f9:71:a0:b0:9b:31:c6:a8:
5c:40:b0:e0:fb:4c:de:38:da:b1:4f:2c:3d:e2:94:
3d:23:69:58:34:39:be:03:ea:c7:e2:65:c0:8d:1d:
4c:e8:e7:1f:27:ac:3d:ce:c4:cf:0d:95:e0:cc:e2:
84:de:ed:d4:e1:ee:b1:9d:78:7f:09:9c:9c:d0:6f:
06:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:D4:AC:1A:58:60:E4:36:71:A5:DB:05:9F:C1:E5:51:22:1F:BA:61
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/5NSsGlhg5DZxpdsFn8HlUSIfumE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.8.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:8a:85:8f:7f:49:57:d6:e3:64:98:b2:93:94:49:5a:d7:ab:
4b:14:fd:18:32:49:85:da:9f:8d:da:38:73:7d:9c:9f:14:bd:
38:ac:ea:e7:85:50:e5:08:05:15:36:87:15:f7:5c:8c:07:a4:
ac:85:95:05:25:e4:f7:10:f9:3e:ff:ee:ce:c3:b9:92:75:db:
3f:bc:55:3a:66:31:83:cb:09:18:d1:39:47:02:13:c8:8b:30:
54:68:ef:02:22:c7:ab:66:93:a2:66:00:f0:5b:6e:d5:11:b6:
6b:a1:7e:f9:49:ec:7a:10:78:19:3b:30:bd:81:4c:af:5d:08:
b0:60:1a:07:5a:f3:20:3d:f8:33:b5:a5:a9:d9:d4:f4:7b:c6:
84:57:aa:43:b2:19:b0:5b:54:3a:a4:09:6e:4d:71:9e:20:f0:
02:d7:75:4b:4c:53:bd:ec:4d:d0:d8:27:02:2b:8e:9d:d0:a5:
64:42:60:85:02:c0:2f:bb:c2:75:8b:9d:0b:a7:ad:d2:37:15:
f5:50:93:b7:77:0b:0b:a0:13:57:91:7c:e2:c6:d4:3b:42:2e:
79:a9:e0:5a:ca:01:66:c1:ea:b9:09:d1:c6:ad:69:0c:bb:73:
3f:ff:9a:8e:b1:a2:cb:58:be:d1:47:2d:99:ad:d4:e9:f4:11:
43:d9:d5:f2
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEU0RDRBQzFBNTg2MEU0
MzY3MUE1REIwNTlGQzFFNTUxMjIxRkJBNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiZ5sMH8K37ZVqiwk/U3e/H2T8KThVhb8nf6VquG2e7LV3JoEV
4Z3A7dihNDsSiNkesmOy49dfTPC7Rl2DcoE4SqV+yjYnPuGnCK2spAKefVEUzB2L
3oZtMTBSE02F9BQ6OgjjYrjDER/BfMubEFktDToqYWyug8X7n89GGTlZO9NEflFl
ASzIsgL1bNjEGLpOOdfHha8SHCf8MTjTGlGcU4o6XSr/O/FAB1LPwm0//pd81gsz
4XOITcn5caCwmzHGqFxAsOD7TN442rFPLD3ilD0jaVg0Ob4D6sfiZcCNHUzo5x8n
rD3OxM8NleDM4oTe7dTh7rGdeH8JnJzQbwYfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU5NSsGlhg5DZxpdsFn8HlUSIfumEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvNU5Tc0dsaGc1RFp4cGRzRm44SGxV
U0lmdW1FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LLCDAN
BgkqhkiG9w0BAQsFAAOCAQEAtYqFj39JV9bjZJiyk5RJWterSxT9GDJJhdqfjdo4
c32cnxS9OKzq54VQ5QgFFTaHFfdcjAekrIWVBSXk9xD5Pv/uzsO5knXbP7xVOmYx
g8sJGNE5RwITyIswVGjvAiLHq2aTomYA8Ftu1RG2a6F++UnsehB4GTswvYFMr10I
sGAaB1rzID34M7WlqdnU9HvGhFeqQ7IZsFtUOqQJbk1xniDwAtd1S0xTvexN0Ngn
AiuOndClZEJghQLAL7vCdYudC6et0jcV9VCTt3cLC6ATV5F84sbUO0IueangWsoB
ZsHquQnRxq1pDLtzP/+ajrGiy1i+0Uctma3U6fQRQ9nV8g==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org