Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/BQg-6XLUy4Cly8DlM3mJIZ8tlfU.roa
File: BQg-6XLUy4Cly8DlM3mJIZ8tlfU.roa (raw, json)
Hash identifier: hNbG0eNQhQ4b5zmM9JrehKDkvOPcMymWHwaauMmIifU=
Subject key identifier: 05:08:3E:E9:72:D4:CB:80:A5:CB:C0:E5:33:79:89:21:9F:2D:95:F5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 128B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BQg-6XLUy4Cly8DlM3mJIZ8tlfU.roa
Signing time: Fri 01 Sep 2023 08:04:36 +0000
ROA not before: Fri 01 Sep 2023 08:04:36 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131591
IP address blocks: 223.22.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4747 (0x128b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:36 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=05083EE972D4CB80A5CBC0E5337989219F2D95F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:21:9e:de:2f:19:75:5b:2b:9e:8b:7f:2b:73:
89:1e:f4:16:52:c2:54:f0:9e:c0:70:5f:8a:d6:73:
7d:36:28:21:d0:ac:44:3b:52:07:52:93:c7:bc:22:
06:54:c9:50:d2:39:6d:16:9c:b8:30:db:59:a3:a4:
18:66:e0:86:aa:81:da:81:fc:4b:38:2e:99:cf:4c:
b2:29:4f:a6:39:f3:32:c7:89:d4:b3:57:0c:d9:87:
3b:40:af:ba:ef:30:1b:db:24:01:34:74:56:63:76:
36:5f:03:66:21:3f:56:9c:bc:e1:98:d9:e0:76:ca:
ed:7f:6a:22:ea:e3:dc:a4:a8:4b:59:3b:42:78:5c:
6c:ec:b6:ad:c4:42:39:e4:6f:7d:99:2e:9b:19:97:
2b:89:8b:9e:6b:6e:b6:18:2f:99:24:76:93:17:91:
b1:fe:e3:2a:2f:f7:56:01:87:81:3f:0c:14:3a:10:
7f:d2:12:cf:82:47:0d:1f:9e:a7:4a:11:88:49:6d:
2b:5b:4c:19:19:b0:93:16:41:f8:14:98:03:76:a1:
fe:46:67:9d:c4:64:b4:9d:0f:c4:98:16:f8:8e:20:
bc:b7:b3:af:c8:93:c7:ea:fd:03:30:6a:fa:2a:e1:
17:54:e9:21:ab:dd:7b:07:db:5b:55:c7:b2:d0:b9:
ba:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:08:3E:E9:72:D4:CB:80:A5:CB:C0:E5:33:79:89:21:9F:2D:95:F5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/BQg-6XLUy4Cly8DlM3mJIZ8tlfU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.32.0/19
Signature Algorithm: sha256WithRSAEncryption
33:f7:40:4f:4a:9d:84:17:39:84:fc:20:72:37:ad:73:81:0a:
9f:7c:b7:c1:05:1a:21:80:86:b1:ca:c8:25:d6:5d:07:bb:f9:
90:2d:9f:1e:2e:fc:a9:95:ef:a5:df:29:bd:9b:36:26:78:50:
0a:2c:0e:d1:ed:b7:4c:e2:03:ca:ac:59:93:16:a3:4e:43:3a:
09:d0:38:64:6a:1e:17:2b:2b:30:d5:30:20:9f:c8:8c:6d:7e:
6b:c8:19:0b:73:d9:39:64:84:95:31:7d:54:58:6d:26:24:a0:
f7:8c:60:42:f1:4c:bd:e4:ed:c8:c2:bd:e9:ff:82:f4:18:69:
df:e7:83:58:1f:d3:27:eb:23:47:64:7b:0a:0d:e6:cb:82:99:
ad:47:05:b6:12:b6:1f:09:55:cd:fd:5a:cc:d0:9b:42:c0:59:
4a:5f:4f:a6:4f:1f:3e:6f:d4:3c:72:7b:a9:e2:2a:78:ef:13:
67:8e:a0:b4:0f:58:54:59:2d:2c:2a:f5:1d:c8:a2:83:c3:19:
b2:60:24:a8:9e:3f:f0:96:dd:2c:50:51:49:6f:5c:80:a4:d0:
06:db:22:2e:43:ab:85:f4:ff:86:fb:cc:45:99:a6:bd:6e:05:
35:ce:2d:ee:b6:17:37:4f:ef:cd:85:02:4c:55:df:57:e3:f5:
1d:67:66:13
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEoswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA1MDgzRUU5NzJENENC
ODBBNUNCQzBFNTMzNzk4OTIxOUYyRDk1RjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLIZ7eLxl1Wyuei38rc4ke9BZSwlTwnsBwX4rWc302KCHQrEQ7
UgdSk8e8IgZUyVDSOW0WnLgw21mjpBhm4IaqgdqB/Es4LpnPTLIpT6Y58zLHidSz
VwzZhztAr7rvMBvbJAE0dFZjdjZfA2YhP1acvOGY2eB2yu1/aiLq49ykqEtZO0J4
XGzstq3EQjnkb32ZLpsZlyuJi55rbrYYL5kkdpMXkbH+4yov91YBh4E/DBQ6EH/S
Es+CRw0fnqdKEYhJbStbTBkZsJMWQfgUmAN2of5GZ53EZLSdD8SYFviOILy3s6/I
k8fq/QMwavoq4RdU6SGr3XsH21tVx7LQubolAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUBQg+6XLUy4Cly8DlM3mJIZ8tlfUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQlFnLTZYTFV5NENseThEbE0zbUpJ
Wjh0bGZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBd8WIDAN
BgkqhkiG9w0BAQsFAAOCAQEAM/dAT0qdhBc5hPwgcjetc4EKn3y3wQUaIYCGscrI
JdZdB7v5kC2fHi78qZXvpd8pvZs2JnhQCiwO0e23TOIDyqxZkxajTkM6CdA4ZGoe
FysrMNUwIJ/IjG1+a8gZC3PZOWSElTF9VFhtJiSg94xgQvFMveTtyMK96f+C9Bhp
3+eDWB/TJ+sjR2R7Cg3my4KZrUcFthK2HwlVzf1azNCbQsBZSl9Ppk8fPm/UPHJ7
qeIqeO8TZ46gtA9YVFktLCr1Hciig8MZsmAkqJ4/8JbdLFBRSW9cgKTQBtsiLkOr
hfT/hvvMRZmmvW4FNc4t7rYXN0/vzYUCTFXfV+P1HWdmEw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:42 2024 by rpki-client on console-fra.rpki-client.org