Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/AxDeOq9zs_A_8zZ2HCFPjA5kPkg.roa
File: AxDeOq9zs_A_8zZ2HCFPjA5kPkg.roa (raw, json)
Hash identifier: OHxIPV62HvdXnbY4YJrb9vRRvb/1lsYuEag8JNplg9w=
Subject key identifier: 03:10:DE:3A:AF:73:B3:F0:3F:F3:36:76:1C:21:4F:8C:0E:64:3E:48
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1283
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AxDeOq9zs_A_8zZ2HCFPjA5kPkg.roa
Signing time: Fri 01 Sep 2023 08:04:34 +0000
ROA not before: Fri 01 Sep 2023 08:04:34 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9922
IP address blocks: 124.218.72.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4739 (0x1283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:34 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0310DE3AAF73B3F03FF336761C214F8C0E643E48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b6:48:6e:07:b7:f7:ca:f1:c7:d3:e1:42:5e:
4e:3b:0a:c3:1e:56:bd:8d:c6:bb:5d:31:cf:8a:10:
83:75:2d:75:b0:19:d9:60:f9:75:87:ef:36:09:e8:
6b:24:30:a1:f9:d6:d6:9f:8c:86:c7:d8:d5:4b:ed:
f6:0e:1b:41:93:43:98:a1:0d:d8:33:1d:17:a1:7c:
9f:2c:4f:22:c4:1a:46:53:f8:4d:01:ae:6d:6d:1d:
e8:9b:40:cf:29:b9:be:76:9b:87:dd:d9:38:83:f4:
f3:87:11:9a:69:d3:e1:d7:b3:9f:c4:85:51:ae:c5:
35:ae:a4:04:e5:ae:aa:22:4a:36:cf:1e:c9:9b:fa:
b2:b1:d6:59:42:f3:c1:51:0f:a0:e3:0f:bf:56:5d:
de:c0:d6:79:3c:08:24:04:2d:5b:97:1e:71:de:63:
95:22:94:c6:6e:1c:e5:b8:70:7f:5e:00:97:bd:d5:
2c:f2:19:79:3f:0f:3a:64:4d:e3:eb:6e:f7:31:99:
a8:3e:64:10:92:40:16:fa:30:fc:58:1c:9a:91:bb:
26:0d:6e:d4:7a:0a:bb:32:19:89:24:84:b4:74:dc:
bc:03:7a:2a:fa:c2:61:e5:f0:41:fe:b7:95:e8:a8:
3e:b5:87:07:38:86:ca:df:2c:3a:53:40:79:78:e3:
f7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:10:DE:3A:AF:73:B3:F0:3F:F3:36:76:1C:21:4F:8C:0E:64:3E:48
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/AxDeOq9zs_A_8zZ2HCFPjA5kPkg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.72.0/21
Signature Algorithm: sha256WithRSAEncryption
41:cd:74:8d:4f:04:0d:df:3d:40:4c:12:cc:93:59:f1:a6:69:
7c:0f:0e:cd:05:9c:8f:0f:20:5e:8e:be:1d:f2:92:48:85:63:
c8:64:0a:57:50:23:95:f6:dd:e8:ab:f3:f3:18:94:e7:e3:4d:
6b:38:ee:30:2f:56:24:be:dd:42:74:2e:a0:b9:7a:3a:a4:ab:
87:b9:29:cb:f4:b4:fa:8b:c1:17:6d:f4:29:58:3d:4a:2b:fa:
3f:34:6c:f7:c9:cd:2e:2f:22:08:71:98:d6:39:43:04:11:73:
e1:3c:9a:00:e9:7c:e8:d3:5b:4a:fc:ed:1d:2d:4a:f3:9e:f6:
20:27:44:40:fc:7e:6c:5d:51:3a:b2:34:ba:ff:a3:aa:92:81:
97:ff:82:ca:7a:97:2d:4e:17:e3:76:66:ac:bf:8d:cc:de:00:
a2:44:6f:e7:e2:ef:ba:f8:b9:e9:98:0d:ae:63:a6:03:87:9e:
f8:89:db:fe:11:8c:e3:a9:59:c9:e2:92:9d:59:e0:46:cd:b7:
e2:04:f1:1b:8e:dd:e4:0d:a3:28:2a:5f:70:9c:cd:ca:46:1a:
ea:04:d8:ae:20:d5:2b:88:35:d1:94:8f:f9:39:2c:e8:5f:af:
47:13:16:b1:b3:67:ef:a3:ab:5a:50:c4:12:5e:9e:66:83:f8:
43:20:68:0c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEoMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAzMTBERTNBQUY3M0Iz
RjAzRkYzMzY3NjFDMjE0RjhDMEU2NDNFNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/tkhuB7f3yvHH0+FCXk47CsMeVr2NxrtdMc+KEIN1LXWwGdlg
+XWH7zYJ6GskMKH51tafjIbH2NVL7fYOG0GTQ5ihDdgzHRehfJ8sTyLEGkZT+E0B
rm1tHeibQM8pub52m4fd2TiD9POHEZpp0+HXs5/EhVGuxTWupATlrqoiSjbPHsmb
+rKx1llC88FRD6DjD79WXd7A1nk8CCQELVuXHnHeY5UilMZuHOW4cH9eAJe91Szy
GXk/DzpkTePrbvcxmag+ZBCSQBb6MPxYHJqRuyYNbtR6CrsyGYkkhLR03LwDeir6
wmHl8EH+t5XoqD61hwc4hsrfLDpTQHl44/crAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUAxDeOq9zs/A/8zZ2HCFPjA5kPkgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQXhEZU9xOXpzX0FfOHpaMkhDRlBq
QTVrUGtnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3zaSDAN
BgkqhkiG9w0BAQsFAAOCAQEAQc10jU8EDd89QEwSzJNZ8aZpfA8OzQWcjw8gXo6+
HfKSSIVjyGQKV1Ajlfbd6Kvz8xiU5+NNazjuMC9WJL7dQnQuoLl6OqSrh7kpy/S0
+ovBF230KVg9Siv6PzRs98nNLi8iCHGY1jlDBBFz4TyaAOl86NNbSvztHS1K8572
ICdEQPx+bF1ROrI0uv+jqpKBl/+CynqXLU4X43ZmrL+NzN4AokRv5+Lvuvi56ZgN
rmOmA4ee+Inb/hGM46lZyeKSnVngRs234gTxG47d5A2jKCpfcJzNykYa6gTYriDV
K4g10ZSP+Tks6F+vRxMWsbNn76OrWlDEEl6eZoP4QyBoDA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org