Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/7fw3K25cIy2Eb_8hulcmOhxm0pg.roa
File: 7fw3K25cIy2Eb_8hulcmOhxm0pg.roa (raw, json)
Hash identifier: /bceESq9TIErjV9x7EZImAR0hJZpDZ7BZ2HmInZfdWA=
Subject key identifier: ED:FC:37:2B:6E:5C:23:2D:84:6F:FF:21:BA:57:26:3A:1C:66:D2:98
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 129A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/7fw3K25cIy2Eb_8hulcmOhxm0pg.roa
Signing time: Fri 01 Sep 2023 08:04:41 +0000
ROA not before: Fri 01 Sep 2023 08:04:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.63.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4762 (0x129a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=EDFC372B6E5C232D846FFF21BA57263A1C66D298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:01:cd:a8:3d:66:28:93:35:c3:e8:e2:63:74:
dc:91:9a:c2:20:d7:e4:59:8e:5c:58:7e:73:29:d2:
92:c9:36:ca:0d:1d:c9:cc:f5:b0:de:ad:3e:25:5a:
f5:37:1c:b7:c6:fb:f8:00:fb:5a:ad:df:d8:ca:ab:
6c:3c:38:e3:00:32:f8:6f:0a:26:d4:c9:c7:37:5a:
2d:b9:de:80:ed:f2:c6:c2:78:66:2a:5e:ca:69:43:
c5:ca:e5:fe:98:7b:b7:f3:d6:72:8b:02:af:20:2e:
3d:7c:bf:23:1b:7a:ab:e9:73:fa:12:9b:85:08:af:
86:95:c1:34:d1:72:87:e1:30:26:7a:5b:3f:b7:12:
e8:3a:46:9a:f7:58:92:f8:61:c9:e1:4f:2d:0d:6d:
15:31:8b:0f:39:96:1e:58:69:55:0e:e9:61:cf:a5:
06:0a:8a:93:a3:50:2b:97:33:95:25:54:ae:aa:f0:
f8:19:92:49:4c:8a:61:69:4a:1e:00:5e:d9:11:87:
a5:1e:1c:f5:8b:2b:2d:ce:a9:c2:75:0e:d6:ef:74:
18:61:c4:59:ec:82:ca:80:d7:6a:12:88:22:13:38:
41:d6:ef:09:f3:0f:d4:a4:85:bc:69:0b:da:06:da:
cc:72:ea:1d:64:97:84:40:8f:9a:fd:ca:8f:c4:ba:
63:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:FC:37:2B:6E:5C:23:2D:84:6F:FF:21:BA:57:26:3A:1C:66:D2:98
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/7fw3K25cIy2Eb_8hulcmOhxm0pg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.220.0/22
Signature Algorithm: sha256WithRSAEncryption
38:fa:9d:c0:30:b3:36:87:65:11:9e:a6:16:d0:83:ad:39:68:
08:23:3e:2d:2e:57:28:c3:be:00:87:df:55:00:aa:20:aa:8d:
05:b0:3e:9a:91:cb:7f:b5:cb:5e:c0:36:6d:dc:96:4e:fb:88:
a0:56:30:62:52:dd:f2:76:de:39:cc:90:93:7f:03:9c:b0:e0:
4c:a7:ec:bd:b3:3d:bf:11:1a:fa:d4:0b:c8:e9:91:ff:97:63:
7b:bc:74:ad:57:88:e8:9f:fd:d8:20:1a:aa:a4:09:9a:ff:51:
0d:4a:b0:77:fe:74:28:27:0b:8a:60:ad:09:4c:94:3f:0b:a9:
88:62:c4:44:c6:94:1b:f7:5e:ba:8a:7f:a1:8c:33:33:9d:39:
d8:bf:78:78:ee:b7:cf:1b:89:bf:4f:6b:7f:92:87:a7:2e:85:
98:6b:dd:f8:4a:99:eb:60:cc:2d:3d:fd:70:44:ae:4a:a1:d6:
32:cf:bc:1b:92:01:70:45:2f:33:95:e7:ca:24:64:2d:2b:f3:
39:7d:50:39:a9:e6:59:45:17:27:08:a7:dc:59:64:6d:67:35:
c6:af:1e:88:25:43:25:28:f8:ea:a3:13:97:b0:63:2c:60:d1:
da:78:b5:4d:62:29:5c:02:d8:0a:43:67:ff:8b:29:34:97:a8:
f9:b5:e1:86
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVERkMzNzJCNkU1QzIz
MkQ4NDZGRkYyMUJBNTcyNjNBMUM2NkQyOTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCwAc2oPWYokzXD6OJjdNyRmsIg1+RZjlxYfnMp0pLJNsoNHcnM
9bDerT4lWvU3HLfG+/gA+1qt39jKq2w8OOMAMvhvCibUycc3Wi253oDt8sbCeGYq
XsppQ8XK5f6Ye7fz1nKLAq8gLj18vyMbeqvpc/oSm4UIr4aVwTTRcofhMCZ6Wz+3
Eug6Rpr3WJL4YcnhTy0NbRUxiw85lh5YaVUO6WHPpQYKipOjUCuXM5UlVK6q8PgZ
kklMimFpSh4AXtkRh6UeHPWLKy3OqcJ1DtbvdBhhxFnsgsqA12oSiCITOEHW7wnz
D9SkhbxpC9oG2sxy6h1kl4RAj5r9yo/EumN/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU7fw3K25cIy2Eb/8hulcmOhxm0pgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvN2Z3M0syNWNJeTJFYl84aHVsY21P
aHhtMHBnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/3DAN
BgkqhkiG9w0BAQsFAAOCAQEAOPqdwDCzNodlEZ6mFtCDrTloCCM+LS5XKMO+AIff
VQCqIKqNBbA+mpHLf7XLXsA2bdyWTvuIoFYwYlLd8nbeOcyQk38DnLDgTKfsvbM9
vxEa+tQLyOmR/5dje7x0rVeI6J/92CAaqqQJmv9RDUqwd/50KCcLimCtCUyUPwup
iGLERMaUG/deuop/oYwzM5052L94eO63zxuJv09rf5KHpy6FmGvd+EqZ62DMLT39
cESuSqHWMs+8G5IBcEUvM5XnyiRkLSvzOX1QOanmWUUXJwin3FlkbWc1xq8eiCVD
JSj46qMTl7BjLGDR2ni1TWIpXALYCkNn/4spNJeo+bXhhg==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org