Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/DmBntno4AXPaSpMt4-YWglULEP4.roa
File: DmBntno4AXPaSpMt4-YWglULEP4.roa (raw, json)
Hash identifier: VBiPsr/E7C28H5dnR+86eB0IHfX5JXnobNYX6NDNeU0=
Subject key identifier: 0E:60:67:B6:7A:38:01:73:DA:4A:93:2D:E3:E6:16:82:55:0B:10:FE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1261
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DmBntno4AXPaSpMt4-YWglULEP4.roa
Signing time: Fri 01 Sep 2023 08:04:22 +0000
ROA not before: Fri 01 Sep 2023 08:04:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 202.178.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4705 (0x1261)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0E6067B67A380173DA4A932DE3E61682550B10FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:cf:76:6d:46:32:ea:c9:fd:70:bb:9c:38:f0:
94:cf:9b:32:9c:d8:c7:de:05:97:c8:34:21:d0:3c:
ae:ad:cd:c0:f5:5b:0e:9f:0f:57:7a:5a:00:ee:c5:
86:64:3f:24:63:f0:a6:b0:28:b1:5a:08:6b:ef:38:
1d:8e:a6:17:22:6c:da:03:41:44:c9:a2:25:e8:75:
58:f4:ab:1c:df:c0:df:15:18:dd:f0:06:fe:2f:8f:
79:42:bb:1a:c9:a8:08:38:c8:a6:c7:25:fd:76:f2:
1f:20:e5:36:ae:c0:22:05:f7:a1:de:55:b4:7c:e2:
e9:ea:ed:ca:b5:56:bb:13:dd:a8:44:9c:73:ad:5d:
72:1a:ff:0b:68:54:74:0f:1d:5b:c1:48:77:b3:b6:
99:79:f8:f4:0a:ae:66:e1:df:52:fc:c2:7d:23:10:
c8:d7:de:06:1c:ac:90:12:50:ec:7b:f6:ab:d6:78:
89:da:41:62:cf:f3:08:30:f8:0e:42:31:29:36:f0:
3d:0b:89:54:1f:80:3a:e4:db:df:f3:61:e7:74:9c:
92:30:44:cb:98:f5:2f:cf:e7:53:1d:e3:af:41:ce:
f1:2e:64:83:1c:bb:42:19:b6:62:94:80:d3:d2:f3:
1d:d8:d6:51:bf:dc:2a:b6:93:43:22:70:9c:53:fd:
93:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:60:67:B6:7A:38:01:73:DA:4A:93:2D:E3:E6:16:82:55:0B:10:FE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/DmBntno4AXPaSpMt4-YWglULEP4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.180.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:b2:69:d4:ff:24:3b:a2:a0:fc:c9:9e:a1:4a:de:b0:a2:11:
09:6a:e5:99:6a:86:a7:88:70:cd:94:13:e8:5f:05:ff:c2:22:
77:43:f5:37:c3:af:16:51:43:b9:73:36:77:36:b3:bb:83:79:
a5:bd:49:c1:bd:36:b4:43:3e:01:95:12:4a:ea:cf:2c:bf:f3:
cd:f0:2f:38:3b:3e:fc:8e:fa:89:9b:36:e9:39:2f:f0:4a:06:
e9:28:5d:98:88:03:cb:09:fd:55:1d:52:0a:55:06:41:1e:68:
12:3a:c4:2b:fa:bc:eb:cf:a6:88:06:e3:86:e1:7c:2d:7c:54:
6a:42:da:40:8b:ad:08:59:3d:74:12:9b:16:77:c2:4b:3c:ed:
4f:1e:1d:0f:ac:15:9b:f3:03:0f:3b:dc:64:c2:0a:9f:93:ef:
79:ed:ae:6e:c6:55:fd:ad:24:91:40:48:a9:b9:bc:7b:2d:25:
45:00:e6:25:4b:28:d8:31:30:ac:77:a2:d8:fc:ba:47:42:1b:
c7:0c:c6:2d:18:2f:d4:a3:6a:1a:59:3a:ff:d4:59:6a:3f:8a:
32:ac:5e:86:99:cf:2a:db:b4:49:8e:c6:46:c7:fc:39:7d:46:
5d:48:92:6b:3f:01:38:b5:4f:96:21:59:16:c8:dd:e1:12:d4:
92:dd:5c:d3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEmEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBFNjA2N0I2N0EzODAx
NzNEQTRBOTMyREUzRTYxNjgyNTUwQjEwRkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTz3ZtRjLqyf1wu5w48JTPmzKc2MfeBZfINCHQPK6tzcD1Ww6f
D1d6WgDuxYZkPyRj8KawKLFaCGvvOB2OphcibNoDQUTJoiXodVj0qxzfwN8VGN3w
Bv4vj3lCuxrJqAg4yKbHJf128h8g5TauwCIF96HeVbR84unq7cq1VrsT3ahEnHOt
XXIa/wtoVHQPHVvBSHeztpl5+PQKrmbh31L8wn0jEMjX3gYcrJASUOx79qvWeIna
QWLP8wgw+A5CMSk28D0LiVQfgDrk29/zYed0nJIwRMuY9S/P51Md469BzvEuZIMc
u0IZtmKUgNPS8x3Y1lG/3Cq2k0MicJxT/ZNrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUDmBntno4AXPaSpMt4+YWglULEP4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRG1CbnRubzRBWFBhU3BNdDQtWVdn
bFVMRVA0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsqytDAN
BgkqhkiG9w0BAQsFAAOCAQEAP7Jp1P8kO6Kg/MmeoUresKIRCWrlmWqGp4hwzZQT
6F8F/8Iid0P1N8OvFlFDuXM2dzazu4N5pb1Jwb02tEM+AZUSSurPLL/zzfAvODs+
/I76iZs26Tkv8EoG6ShdmIgDywn9VR1SClUGQR5oEjrEK/q868+miAbjhuF8LXxU
akLaQIutCFk9dBKbFnfCSzztTx4dD6wVm/MDDzvcZMIKn5Pvee2ubsZV/a0kkUBI
qbm8ey0lRQDmJUso2DEwrHei2Py6R0IbxwzGLRgv1KNqGlk6/9RZaj+KMqxehpnP
Ktu0SY7GRsf8OX1GXUiSaz8BOLVPliFZFsjd4RLUkt1c0w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org