Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/AF3xaqhR4UTbzkfZd1Yxpz8Ep28.roa
File: AF3xaqhR4UTbzkfZd1Yxpz8Ep28.roa (raw, json)
Hash identifier: TYwf+nOt9m6ms/3ADE6H29548+9KhlgjotOwXhUiKZM=
Subject key identifier: 00:5D:F1:6A:A8:51:E1:44:DB:CE:47:D9:77:56:31:A7:3F:04:A7:6F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0B87
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AF3xaqhR4UTbzkfZd1Yxpz8Ep28.roa
Signing time: Sun 07 Feb 2021 11:33:07 +0000
ROA not before: Sun 07 Feb 2021 11:33:07 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2951 (0xb87)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:33:07 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=005DF16AA851E144DBCE47D9775631A73F04A76F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:47:93:c8:c5:f1:bb:e9:e3:3c:88:d6:be:1e:
86:db:fc:9c:f6:88:a0:54:99:f7:91:7c:38:46:fb:
e2:d6:54:4a:9e:2f:85:fe:8e:d5:66:f9:ce:d2:f3:
03:b1:ed:03:da:7a:88:11:b9:53:d9:fc:a1:8f:99:
24:7d:98:fb:bd:d1:14:6e:f8:56:65:96:82:20:e4:
cc:5e:ef:80:b3:f6:e5:a5:53:16:97:4c:2e:44:ab:
de:bd:dd:62:56:91:3d:45:87:a2:5d:ac:19:de:35:
6e:d2:01:e4:f9:7e:c0:94:51:51:ee:c5:ac:66:d9:
e9:cf:d0:24:e2:58:10:87:ec:b9:27:5a:84:33:9c:
12:dd:e6:ee:fe:c8:04:42:33:59:0e:9b:d9:7b:cf:
0b:b7:7a:be:f3:75:94:42:3e:66:01:86:3a:e9:f9:
16:a5:6f:ec:f6:dc:65:9f:37:88:61:47:ae:0e:0f:
12:5a:25:55:de:e6:2a:ee:5e:8d:80:64:31:86:2c:
94:80:b5:a3:d3:61:81:0f:ab:ce:d0:ad:fd:6d:0d:
b1:d3:35:72:a8:e9:0a:8a:da:16:f1:31:02:13:77:
fa:44:9e:97:ab:5b:82:cc:48:67:d0:db:e9:0c:c4:
e8:29:32:af:9d:23:d2:22:d8:3b:27:e9:c3:cf:b4:
37:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:5D:F1:6A:A8:51:E1:44:DB:CE:47:D9:77:56:31:A7:3F:04:A7:6F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AF3xaqhR4UTbzkfZd1Yxpz8Ep28.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
40:0f:78:ce:54:2f:1b:bc:61:32:98:43:2d:99:d3:4d:6c:37:
3e:4d:7c:a6:37:5d:0e:69:2b:ba:36:95:f9:33:11:38:7d:98:
93:26:b7:e1:a8:aa:59:43:42:ff:6f:14:27:27:be:4f:bb:69:
bf:a3:43:e4:36:69:00:00:c5:48:36:ce:ce:77:2a:38:ac:af:
5e:e0:fe:5d:11:ff:98:cb:1b:4f:49:29:64:5b:b2:08:53:db:
32:fc:3b:43:84:fb:99:d0:96:e1:cc:83:fc:7c:28:58:de:3d:
a4:bc:c8:b6:3b:b6:23:0b:3a:d6:1b:0a:26:d0:10:1e:9c:74:
05:81:50:7a:0d:f4:b0:ea:1a:db:f7:33:3b:6f:ee:8c:24:43:
a1:1d:8e:65:dd:7f:53:2b:b0:c3:0d:9a:72:dc:8f:79:12:82:
4d:aa:28:a1:c1:5a:26:1a:b0:cd:c1:a3:ea:34:b7:0e:ff:49:
27:66:93:a5:3d:d4:18:fb:6d:07:48:14:4d:d8:4e:cf:7d:57:
3b:ac:7e:37:bd:6c:1d:7e:94:b5:f8:85:8c:54:4b:3e:d7:6a:
1c:65:68:03:30:ff:e5:da:b6:3c:7d:a4:a9:18:73:b5:11:e3:
d5:96:51:0a:28:d5:c8:69:b9:48:d4:a4:a9:0e:cc:a2:24:e6:
f7:f5:27:20
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzMDdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAwNURGMTZBQTg1MUUx
NDREQkNFNDdEOTc3NTYzMUE3M0YwNEE3NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJR5PIxfG76eM8iNa+Hobb/Jz2iKBUmfeRfDhG++LWVEqeL4X+
jtVm+c7S8wOx7QPaeogRuVPZ/KGPmSR9mPu90RRu+FZlloIg5Mxe74Cz9uWlUxaX
TC5Eq9693WJWkT1Fh6JdrBneNW7SAeT5fsCUUVHuxaxm2enP0CTiWBCH7LknWoQz
nBLd5u7+yARCM1kOm9l7zwu3er7zdZRCPmYBhjrp+Ralb+z23GWfN4hhR64ODxJa
JVXe5iruXo2AZDGGLJSAtaPTYYEPq87Qrf1tDbHTNXKo6QqK2hbxMQITd/pEnper
W4LMSGfQ2+kMxOgpMq+dI9Ii2Dsn6cPPtDeVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAF3xaqhR4UTbzkfZd1Yxpz8Ep28wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQUYzeGFxaFI0VVRiemtmWmQxWXhw
ejhFcDI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivwaDAN
BgkqhkiG9w0BAQsFAAOCAQEAQA94zlQvG7xhMphDLZnTTWw3Pk18pjddDmkrujaV
+TMROH2Ykya34aiqWUNC/28UJye+T7tpv6ND5DZpAADFSDbOzncqOKyvXuD+XRH/
mMsbT0kpZFuyCFPbMvw7Q4T7mdCW4cyD/HwoWN49pLzItju2Iws61hsKJtAQHpx0
BYFQeg30sOoa2/czO2/ujCRDoR2OZd1/Uyuwww2actyPeRKCTaooocFaJhqwzcGj
6jS3Dv9JJ2aTpT3UGPttB0gUTdhOz31XO6x+N71sHX6UtfiFjFRLPtdqHGVoAzD/
5dq2PH2kqRhztRHj1ZZRCijVyGm5SNSkqQ7MoiTm9/UnIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org