Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/B2yiRhn4dbrNYApT5PfZXbqMxEc.roa
File: B2yiRhn4dbrNYApT5PfZXbqMxEc.roa (raw, json)
Hash identifier: UCIxpx3yQmKrHeOexZIG0lIy4Gc4rZejROPZBi7jpXk=
Subject key identifier: 07:6C:A2:46:19:F8:75:BA:CD:60:0A:53:E4:F7:D9:5D:BA:8C:C4:47
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 127B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/B2yiRhn4dbrNYApT5PfZXbqMxEc.roa
Signing time: Fri 01 Sep 2023 08:04:31 +0000
ROA not before: Fri 01 Sep 2023 08:04:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 60.244.2.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4731 (0x127b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=076CA24619F875BACD600A53E4F7D95DBA8CC447
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:90:eb:80:af:f1:3f:48:32:b3:14:ea:2b:3d:
f5:73:65:1d:3d:23:27:0d:34:7b:f1:4a:58:3e:65:
50:90:e4:6f:33:63:5a:e9:bf:1b:52:96:54:fb:2d:
f2:5f:a5:84:e3:18:26:bf:d2:13:1f:a6:06:e8:39:
b0:ae:7e:46:a8:69:fe:bc:4d:99:fe:41:ca:a3:65:
88:b3:dd:d7:8d:89:e0:80:23:54:34:e3:a6:94:c7:
49:4e:a7:75:43:67:4f:fc:ea:de:d8:36:f8:8d:e7:
8d:1c:26:93:90:c1:e1:a5:d9:48:61:e3:71:d0:92:
45:42:73:c9:f0:1f:ac:e1:fa:11:5c:e8:38:bd:7e:
e0:1c:b9:dc:bd:01:f9:bd:6d:72:1e:22:12:1e:d7:
d3:a2:2d:6b:fe:f3:42:e5:86:18:ff:92:05:f4:dd:
61:bc:42:f5:e5:80:23:5e:82:66:7b:f9:6c:82:3e:
c1:be:b9:65:8a:eb:b4:04:23:b3:28:7e:ef:7b:53:
45:2e:57:c2:cd:bb:2f:0e:e1:c3:b2:00:39:f4:3a:
bc:90:de:da:65:46:4f:47:5e:4a:66:23:4d:ab:0a:
2a:0f:ac:76:8f:c1:4c:58:42:13:7a:91:cb:f5:65:
ba:15:43:a8:c9:46:fa:11:b6:e5:d4:75:6e:7a:f6:
f4:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:6C:A2:46:19:F8:75:BA:CD:60:0A:53:E4:F7:D9:5D:BA:8C:C4:47
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/B2yiRhn4dbrNYApT5PfZXbqMxEc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.2.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:7c:3e:a3:08:81:44:b2:49:5b:bd:f3:95:a6:6f:b5:d4:7f:
e0:b5:00:f0:ba:c1:8c:90:e1:d4:5a:f5:40:e6:6d:e9:a2:58:
11:27:24:db:df:aa:1b:76:67:b0:08:34:83:ef:40:17:b6:56:
b1:bf:1a:da:8e:b6:02:d9:73:ab:70:22:8d:f2:eb:39:6a:a0:
f5:9d:5a:75:12:1f:1d:ab:e7:24:1f:71:cb:c8:f0:a6:9a:6f:
90:1d:12:ab:cf:41:96:b8:2c:e9:a9:0f:4b:36:54:26:09:16:
8f:55:9a:12:2b:8a:de:e4:ad:cd:64:2a:28:c9:17:10:53:5e:
aa:b8:f9:f0:cd:19:a5:9f:25:92:36:e1:60:8c:39:3e:0a:2e:
f9:f2:c3:26:e0:5d:af:bd:7c:82:ca:24:a2:2a:97:32:4e:6c:
02:ee:5d:81:88:49:59:02:b8:a0:93:09:c0:97:6f:98:bc:9a:
cf:61:05:b8:d6:a3:ff:f2:c4:88:76:e4:fd:2d:98:a0:1e:b5:
a7:e2:1e:07:e3:0f:69:48:54:d7:1d:2b:23:ee:cf:12:58:6f:
97:2c:e8:94:f9:9c:68:1e:75:1f:19:ea:e9:bb:8b:a3:75:89:
fd:2e:dd:41:b6:09:b1:2c:f5:b2:b0:95:f6:94:f2:83:4d:ed:
95:2f:4e:7c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEnswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA3NkNBMjQ2MTlGODc1
QkFDRDYwMEE1M0U0RjdEOTVEQkE4Q0M0NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAkOuAr/E/SDKzFOorPfVzZR09IycNNHvxSlg+ZVCQ5G8zY1rp
vxtSllT7LfJfpYTjGCa/0hMfpgboObCufkaoaf68TZn+QcqjZYiz3deNieCAI1Q0
46aUx0lOp3VDZ0/86t7YNviN540cJpOQweGl2Uhh43HQkkVCc8nwH6zh+hFc6Di9
fuAcudy9Afm9bXIeIhIe19OiLWv+80Llhhj/kgX03WG8QvXlgCNegmZ7+WyCPsG+
uWWK67QEI7Mofu97U0UuV8LNuy8O4cOyADn0OryQ3tplRk9HXkpmI02rCioPrHaP
wUxYQhN6kcv1ZboVQ6jJRvoRtuXUdW569vS7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUB2yiRhn4dbrNYApT5PfZXbqMxEcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQjJ5aVJobjRkYnJOWUFwVDVQZlpY
YnFNeEVjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADz0AjAN
BgkqhkiG9w0BAQsFAAOCAQEAOnw+owiBRLJJW73zlaZvtdR/4LUA8LrBjJDh1Fr1
QOZt6aJYESck29+qG3ZnsAg0g+9AF7ZWsb8a2o62Atlzq3AijfLrOWqg9Z1adRIf
HavnJB9xy8jwpppvkB0Sq89Blrgs6akPSzZUJgkWj1WaEiuK3uStzWQqKMkXEFNe
qrj58M0ZpZ8lkjbhYIw5Pgou+fLDJuBdr718gsokoiqXMk5sAu5dgYhJWQK4oJMJ
wJdvmLyaz2EFuNaj//LEiHbk/S2YoB61p+IeB+MPaUhU1x0rI+7PElhvlyzolPmc
aB51Hxnq6buLo3WJ/S7dQbYJsSz1srCV9pTyg03tlS9OfA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org