Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/CGORIcxt4aXP6PI47XvrHnj7poY.roa
File: CGORIcxt4aXP6PI47XvrHnj7poY.roa (raw, json)
Hash identifier: I2mBXWUs0lhPtWrfL5RDbEo33l/TutNUt7/u2rW6Awc=
Subject key identifier: 08:63:91:21:CC:6D:E1:A5:CF:E8:F2:38:ED:7B:EB:1E:78:FB:A6:86
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 105B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CGORIcxt4aXP6PI47XvrHnj7poY.roa
Signing time: Tue 16 May 2023 08:36:05 +0000
ROA not before: Tue 16 May 2023 08:36:05 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4187 (0x105b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:05 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=08639121CC6DE1A5CFE8F238ED7BEB1E78FBA686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:dd:69:6c:27:27:0e:60:cf:37:fb:ae:ed:
fd:65:06:1f:0a:ec:ae:72:c9:60:b1:dd:d3:7b:b3:
da:1d:49:ec:b7:2a:93:bb:42:db:b2:31:45:48:92:
a2:4e:c2:2f:86:67:ed:f7:c4:31:02:6d:85:8d:20:
d0:dc:1c:7b:7f:1f:01:7d:23:4e:1c:f7:8d:15:21:
17:8a:e3:e6:d9:fb:97:b6:ba:c8:10:94:b3:d2:e1:
91:76:2c:26:3c:b6:e3:3b:c8:d8:c5:0c:87:1c:f5:
ff:e4:cd:91:bc:43:c8:cc:8f:7c:61:d0:c3:e5:e2:
45:21:7d:ce:4c:47:9d:b7:59:e6:95:b3:23:f3:0d:
da:1b:f6:58:56:cc:90:84:77:a0:8d:eb:b1:32:8f:
25:4f:e4:6b:92:2b:e6:4c:39:13:cd:66:67:b7:cc:
76:14:41:c8:3f:69:25:8c:b9:5c:a5:33:c3:4a:df:
2d:18:86:3c:51:70:5e:61:47:57:03:4f:85:dc:fd:
10:4d:d2:68:3d:7e:1f:ae:c1:e2:e5:74:2e:49:c0:
5b:29:6b:3e:b8:27:cd:91:d2:70:5a:8e:b8:3e:72:
bd:2f:cf:85:97:02:18:5b:58:f3:b9:44:69:b7:91:
97:d2:69:e8:ab:21:c0:f1:5c:67:22:0a:45:3f:b9:
83:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:63:91:21:CC:6D:E1:A5:CF:E8:F2:38:ED:7B:EB:1E:78:FB:A6:86
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/CGORIcxt4aXP6PI47XvrHnj7poY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a9:dd:a1:dd:ef:02:1c:ab:a9:ed:80:11:88:87:5a:43:01:f4:
5f:45:b3:fd:54:c5:0b:da:d1:56:2e:22:03:9e:50:bd:c6:61:
ca:a6:8e:65:02:d8:c5:c1:2b:8c:39:22:e5:63:76:57:1e:a5:
4d:41:67:99:3b:a1:6b:20:fc:3d:68:07:c6:03:97:5a:89:87:
c0:53:b5:65:63:e2:1e:f5:97:0d:54:6d:ae:df:07:08:ea:b2:
3e:ed:b1:e8:44:ab:f8:69:b8:18:65:7f:08:3d:75:94:b5:c7:
09:6f:f7:0c:88:22:0e:3b:47:d1:da:5b:c5:d4:18:23:bc:ed:
fd:f3:ed:29:95:10:4d:16:40:07:18:50:e5:27:95:00:2d:81:
ca:07:2c:28:9e:4b:30:37:61:99:c8:1d:5b:fc:33:d5:f8:e7:
ce:2c:a7:43:31:b8:38:c3:14:bb:38:92:af:0b:c0:8b:de:8f:
de:e5:c9:c3:de:6e:7e:0a:2a:89:a8:aa:eb:87:95:cf:cf:b6:
35:62:24:25:31:ab:05:36:5c:8d:0c:3b:16:44:8b:52:00:62:
e3:43:63:12:c4:d3:d5:50:a8:5c:16:93:db:6a:b7:b5:08:2b:
af:16:b3:15:aa:8c:08:e1:95:ce:02:22:87:f1:ab:23:9f:7e:
52:dd:93:2c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEFswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA4NjM5MTIxQ0M2REUx
QTVDRkU4RjIzOEVEN0JFQjFFNzhGQkE2ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1dN1pbCcnDmDPN/uu7f1lBh8K7K5yyWCx3dN7s9odSey3KpO7
QtuyMUVIkqJOwi+GZ+33xDECbYWNINDcHHt/HwF9I04c940VIReK4+bZ+5e2usgQ
lLPS4ZF2LCY8tuM7yNjFDIcc9f/kzZG8Q8jMj3xh0MPl4kUhfc5MR523WeaVsyPz
Ddob9lhWzJCEd6CN67EyjyVP5GuSK+ZMORPNZme3zHYUQcg/aSWMuVylM8NK3y0Y
hjxRcF5hR1cDT4Xc/RBN0mg9fh+uweLldC5JwFspaz64J82R0nBajrg+cr0vz4WX
AhhbWPO5RGm3kZfSaeirIcDxXGciCkU/uYPBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCGORIcxt4aXP6PI47XvrHnj7poYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvQ0dPUkljeHQ0YVhQNlBJNDdYdnJI
bmo3cG9ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAqd2h3e8CHKup7YARiIdaQwH0X0Wz/VTFC9rRVi4i
A55QvcZhyqaOZQLYxcErjDki5WN2Vx6lTUFnmTuhayD8PWgHxgOXWomHwFO1ZWPi
HvWXDVRtrt8HCOqyPu2x6ESr+Gm4GGV/CD11lLXHCW/3DIgiDjtH0dpbxdQYI7zt
/fPtKZUQTRZABxhQ5SeVAC2BygcsKJ5LMDdhmcgdW/wz1fjnziynQzG4OMMUuziS
rwvAi96P3uXJw95ufgoqiaiq64eVz8+2NWIkJTGrBTZcjQw7FkSLUgBi40NjEsTT
1VCoXBaT22q3tQgrrxazFaqMCOGVzgIih/GrI59+Ut2TLA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:44:59 2025 by rpki-client