Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/8PXpD9pRJscGdJhH43rz3U8wNes.roa
File: 8PXpD9pRJscGdJhH43rz3U8wNes.roa (raw, json)
Hash identifier: OzvBW/yDvXehT1EJvzBtHo0DL5a4yQF6WONWoBFW2Vk=
Subject key identifier: F0:F5:E9:0F:DA:51:26:C7:06:74:98:47:E3:7A:F3:DD:4F:30:35:EB
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12B4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8PXpD9pRJscGdJhH43rz3U8wNes.roa
Signing time: Fri 01 Sep 2023 08:04:53 +0000
ROA not before: Fri 01 Sep 2023 08:04:53 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 223.22.254.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4788 (0x12b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:53 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F0F5E90FDA5126C706749847E37AF3DD4F3035EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:10:c7:ed:01:8d:e6:6f:02:62:9c:25:5c:ba:
0a:97:4d:ad:e0:34:0c:40:5d:64:5d:6f:f4:b4:b4:
4f:56:6a:d7:d8:75:ea:9b:39:16:68:bf:4e:63:c3:
2e:39:b3:92:5a:2f:6a:d3:12:ca:70:37:66:8e:3c:
c1:e4:3e:98:1a:e7:29:ac:bb:b3:ea:5d:1b:50:8b:
29:09:18:c3:70:e5:b7:fb:f3:72:4d:bd:9f:6e:e5:
89:6b:3d:81:f7:7d:1a:8f:97:ba:c8:b3:b2:82:b2:
1f:18:36:b1:08:89:7c:80:48:33:73:6e:a6:d0:d2:
0a:16:0c:07:21:19:78:5c:49:3f:f9:5b:12:79:98:
42:2a:86:bf:05:15:08:ef:67:15:d0:a9:85:e4:b4:
d4:55:42:a8:76:00:3c:1b:00:31:02:dd:4b:b8:c5:
1e:46:50:74:e3:d0:00:07:52:0d:e4:83:75:da:c0:
c8:49:e2:ee:a8:31:92:12:63:0c:f2:5e:17:f9:ce:
a0:1d:7a:52:4f:93:e2:50:4e:63:50:23:8f:ec:b9:
2f:5e:4b:6e:04:08:c3:bc:6f:f2:d2:20:ad:c9:35:
65:b8:43:2a:95:ff:96:a8:d2:c7:1c:c8:c1:0a:87:
88:73:fd:7f:9f:87:9a:b7:30:f2:67:b4:bd:86:07:
39:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:F5:E9:0F:DA:51:26:C7:06:74:98:47:E3:7A:F3:DD:4F:30:35:EB
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8PXpD9pRJscGdJhH43rz3U8wNes.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.254.0/24
Signature Algorithm: sha256WithRSAEncryption
75:a2:47:32:ee:6a:74:09:75:2a:b8:ed:b9:e6:6a:75:77:d7:
d3:65:9a:31:2b:18:d4:3d:24:18:18:aa:1f:76:76:03:f6:7f:
70:38:e7:34:c1:75:7b:9f:c3:35:f1:55:69:a3:98:cc:a8:eb:
de:dc:d2:b8:c0:35:0d:90:34:39:d4:ad:af:c2:e0:06:97:27:
6b:47:91:11:d1:51:c9:8f:1e:4f:27:6d:26:50:be:10:c2:9d:
ef:19:5e:cd:e1:61:a4:ba:ac:0b:2a:8e:d1:ae:aa:d8:d8:f3:
71:ed:70:4e:f3:1a:9f:9a:4e:69:47:28:47:33:a0:6e:53:b7:
2a:4d:5e:00:66:fa:c0:a4:1d:39:9d:0e:a1:5f:d0:ee:e1:e7:
2a:c8:c4:ff:91:01:8a:3a:ae:6e:8d:f7:da:86:d5:30:24:d5:
4e:36:a7:d4:7b:c1:51:0b:a1:e9:15:58:9a:a4:93:57:52:ce:
0d:ec:fa:79:0a:82:47:f3:ae:e8:61:3b:de:8f:29:24:b7:b8:
fb:5f:d2:ad:1b:4e:07:39:91:f9:50:a3:71:4d:94:24:6f:c2:
6a:8f:90:e5:33:b4:f6:2a:4b:14:8c:3c:9b:2a:5e:7e:04:49:
02:0b:33:17:20:73:b0:0e:82:4c:fa:76:d8:41:0a:e9:fb:3e:
18:a9:80:bb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEYwRjVFOTBGREE1MTI2
QzcwNjc0OTg0N0UzN0FGM0RENEYzMDM1RUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5EMftAY3mbwJinCVcugqXTa3gNAxAXWRdb/S0tE9WatfYdeqb
ORZov05jwy45s5JaL2rTEspwN2aOPMHkPpga5ymsu7PqXRtQiykJGMNw5bf783JN
vZ9u5YlrPYH3fRqPl7rIs7KCsh8YNrEIiXyASDNzbqbQ0goWDAchGXhcST/5WxJ5
mEIqhr8FFQjvZxXQqYXktNRVQqh2ADwbADEC3Uu4xR5GUHTj0AAHUg3kg3XawMhJ
4u6oMZISYwzyXhf5zqAdelJPk+JQTmNQI4/suS9eS24ECMO8b/LSIK3JNWW4QyqV
/5ao0sccyMEKh4hz/X+fh5q3MPJntL2GBzmvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU8PXpD9pRJscGdJhH43rz3U8wNeswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvOFBYcEQ5cFJKc2NHZEpoSDQzcnoz
VTh3TmVzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8W/jAN
BgkqhkiG9w0BAQsFAAOCAQEAdaJHMu5qdAl1KrjtueZqdXfX02WaMSsY1D0kGBiq
H3Z2A/Z/cDjnNMF1e5/DNfFVaaOYzKjr3tzSuMA1DZA0OdStr8LgBpcna0eREdFR
yY8eTydtJlC+EMKd7xlezeFhpLqsCyqO0a6q2Njzce1wTvMan5pOaUcoRzOgblO3
Kk1eAGb6wKQdOZ0OoV/Q7uHnKsjE/5EBijqubo332obVMCTVTjan1HvBUQuh6RVY
mqSTV1LODez6eQqCR/Ou6GE73o8pJLe4+1/SrRtOBzmR+VCjcU2UJG/Cao+Q5TO0
9ipLFIw8mypefgRJAgszFyBzsA6CTPp22EEK6fs+GKmAuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org