Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/8ziQE659Kj0D7r3q9EW9lLJfoDA.roa
File: 8ziQE659Kj0D7r3q9EW9lLJfoDA.roa (raw, json)
Hash identifier: rICMQtGKpfjDPmWO/z20SLXXZv/iKnD1JOmEuxM9Lg4=
Subject key identifier: F3:38:90:13:AE:7D:2A:3D:03:EE:BD:EA:F4:45:BD:94:B2:5F:A0:30
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1297
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8ziQE659Kj0D7r3q9EW9lLJfoDA.roa
Signing time: Fri 01 Sep 2023 08:04:40 +0000
ROA not before: Fri 01 Sep 2023 08:04:40 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.200.16.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4759 (0x1297)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:40 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F3389013AE7D2A3D03EEBDEAF445BD94B25FA030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b0:3d:e5:bf:4c:9e:c1:e4:1d:04:9b:65:2a:
7a:40:df:33:ba:c5:ee:38:a3:53:91:61:75:79:6e:
fc:14:87:1e:5a:d7:56:54:e2:59:81:95:2c:9a:69:
00:b4:9e:6b:ed:d0:a2:35:e6:c7:54:ec:7c:87:b4:
9a:8f:d3:71:73:82:f7:82:a9:a6:35:41:a7:be:c2:
23:d6:4b:94:77:7d:5c:e7:34:34:a3:cc:8a:26:a1:
6a:7d:14:d8:a8:f5:87:e9:7b:17:b6:af:9e:df:17:
41:8c:e2:4d:6a:85:dd:46:1e:01:2e:31:a0:95:ce:
b9:6a:9b:38:e0:e8:e4:6d:3d:cf:b7:2b:ba:4f:df:
26:23:88:d3:eb:1c:4d:d3:aa:6f:04:f8:a8:1b:8a:
d9:0f:8b:e9:9f:40:83:07:58:0a:10:94:c7:2e:76:
2b:b9:73:7f:81:43:1b:de:59:75:ca:1b:ea:d5:7e:
a6:e7:5a:86:c3:42:26:9d:1d:af:ab:56:99:58:92:
06:67:7e:4a:64:13:90:f0:37:f2:ba:6d:f4:48:96:
8d:b2:76:ef:2e:eb:b6:ae:18:aa:3a:80:cc:ed:5c:
6e:6c:30:33:ea:23:b4:6f:48:3d:8f:44:43:81:69:
d5:4c:ee:65:b3:ba:6b:65:8a:da:07:4a:ac:26:c5:
ed:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:38:90:13:AE:7D:2A:3D:03:EE:BD:EA:F4:45:BD:94:B2:5F:A0:30
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/8ziQE659Kj0D7r3q9EW9lLJfoDA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.16.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:3f:e4:72:30:ea:e7:9d:5c:cf:78:bc:5d:e5:4b:90:ac:ce:
14:d4:2a:d0:c0:c8:25:5d:c6:13:34:33:21:e0:ba:73:87:ac:
4e:26:84:88:46:21:e7:e5:9a:8c:e0:d4:f5:0b:78:91:8b:ca:
51:ad:13:18:d0:32:f4:ca:7f:98:1e:fb:3b:58:c4:ae:90:ef:
4c:4b:ed:3a:09:df:e1:cf:27:4e:6c:7b:bd:9b:d8:41:97:94:
0a:da:4b:01:35:5c:8e:60:85:63:e0:83:d9:94:f2:9b:81:2c:
40:2c:62:cb:ce:68:22:ca:1f:ee:28:e5:2c:07:71:17:77:bc:
30:2e:05:18:f1:0c:74:da:47:a3:eb:0b:76:8d:af:2b:97:a9:
91:35:f4:11:70:0b:f8:49:aa:74:b7:bf:75:3a:cc:bf:24:b4:
c3:39:ef:4d:ac:fd:26:17:7d:ea:6d:37:d4:ea:15:b4:1e:e7:
cf:cb:ac:38:48:04:81:0c:6b:99:95:6f:52:f9:d0:aa:e8:8e:
98:ac:a2:45:c2:a0:24:99:9c:fa:4a:09:e7:f8:a6:49:3a:60:
7c:0a:59:c9:fa:d3:52:89:fb:11:21:6e:70:f4:35:4a:08:31:
ae:53:8f:b1:29:7f:75:f6:2a:6e:43:85:59:c9:0c:72:47:bb:
22:0c:72:28
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEYzMzg5MDEzQUU3RDJB
M0QwM0VFQkRFQUY0NDVCRDk0QjI1RkEwMzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvsD3lv0yeweQdBJtlKnpA3zO6xe44o1ORYXV5bvwUhx5a11ZU
4lmBlSyaaQC0nmvt0KI15sdU7HyHtJqP03FzgveCqaY1Qae+wiPWS5R3fVznNDSj
zIomoWp9FNio9Yfpexe2r57fF0GM4k1qhd1GHgEuMaCVzrlqmzjg6ORtPc+3K7pP
3yYjiNPrHE3Tqm8E+KgbitkPi+mfQIMHWAoQlMcudiu5c3+BQxveWXXKG+rVfqbn
WobDQiadHa+rVplYkgZnfkpkE5DwN/K6bfRIlo2ydu8u67auGKo6gMztXG5sMDPq
I7RvSD2PREOBadVM7mWzumtlitoHSqwmxe2hAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU8ziQE659Kj0D7r3q9EW9lLJfoDAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvOHppUUU2NTlLajBEN3IzcTlFVzls
TEpmb0RBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLIEDAN
BgkqhkiG9w0BAQsFAAOCAQEArT/kcjDq551cz3i8XeVLkKzOFNQq0MDIJV3GEzQz
IeC6c4esTiaEiEYh5+WajODU9Qt4kYvKUa0TGNAy9Mp/mB77O1jErpDvTEvtOgnf
4c8nTmx7vZvYQZeUCtpLATVcjmCFY+CD2ZTym4EsQCxiy85oIsof7ijlLAdxF3e8
MC4FGPEMdNpHo+sLdo2vK5epkTX0EXAL+EmqdLe/dTrMvyS0wznvTaz9Jhd96m03
1OoVtB7nz8usOEgEgQxrmZVvUvnQquiOmKyiRcKgJJmc+koJ5/imSTpgfApZyfrT
Uon7ESFucPQ1SggxrlOPsSl/dfYqbkOFWckMcke7IgxyKA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org