Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/F08WOWv_BO0uX_bO5iDb0xIkSB8.roa
File: F08WOWv_BO0uX_bO5iDb0xIkSB8.roa (raw, json)
Hash identifier: yGogzXS/+NNvSlcZWrcU3I3fV2DZspHxt0kyp/yvSao=
Subject key identifier: 17:4F:16:39:6B:FF:04:ED:2E:5F:F6:CE:E6:20:DB:D3:12:24:48:1F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1314
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/F08WOWv_BO0uX_bO5iDb0xIkSB8.roa
Signing time: Fri 01 Sep 2023 08:05:21 +0000
ROA not before: Fri 01 Sep 2023 08:05:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 210.201.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4884 (0x1314)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=174F16396BFF04ED2E5FF6CEE620DBD31224481F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:58:8f:5f:93:86:83:c4:f7:88:d2:ba:fa:f3:
73:e6:59:c3:11:c8:18:de:8f:24:58:ee:9c:e1:9f:
97:1b:52:67:d0:c4:a6:4d:25:12:00:a5:aa:0e:98:
78:2d:c0:23:46:3d:93:20:df:e6:79:17:7d:e0:cb:
29:07:ec:be:6b:37:36:44:c2:aa:c6:66:e6:ed:b6:
7e:63:c6:54:0f:ef:02:dc:c0:80:81:0c:7f:98:20:
f7:3a:7e:a6:ad:ee:4b:d7:93:94:af:01:a9:d8:6f:
c3:25:e8:3c:a9:7c:52:4e:0f:e7:89:31:69:70:42:
3f:de:c5:e3:a0:34:29:2c:de:a7:e0:66:b7:cb:67:
43:59:78:f5:07:5d:c6:00:a6:a3:b2:e5:28:0a:73:
93:7c:43:ae:b2:78:93:cc:2f:19:14:d6:c6:54:69:
5b:53:bb:1a:88:e9:1a:80:e3:f4:28:74:e5:71:b4:
f5:16:8a:b7:aa:1d:cf:fe:22:77:0f:04:b1:fc:a1:
ac:d9:c2:67:ae:48:47:e2:73:83:46:82:a9:cf:95:
b2:5e:67:d5:87:31:73:13:99:11:19:ff:7d:3c:dc:
3b:af:de:2e:f0:7f:68:13:02:fc:46:b9:1b:b1:a2:
0e:af:11:52:59:c7:2c:4e:df:5a:54:b3:5c:db:3d:
32:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4F:16:39:6B:FF:04:ED:2E:5F:F6:CE:E6:20:DB:D3:12:24:48:1F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/F08WOWv_BO0uX_bO5iDb0xIkSB8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.128.0/18
Signature Algorithm: sha256WithRSAEncryption
0d:99:8b:d4:7c:b6:98:83:3f:d8:a5:e3:86:72:ae:70:e4:86:
fa:54:cb:b6:a5:81:f7:ba:71:14:cd:0a:54:e6:a4:cb:50:18:
f7:03:e5:68:7d:c0:a5:f6:4e:d1:d3:c7:d8:86:15:16:1e:71:
69:c6:78:43:a5:df:51:02:7b:f6:84:f7:02:e9:9e:90:03:2d:
f9:a1:e3:93:32:ed:d8:60:82:a0:83:e3:f9:0b:13:50:20:19:
39:7b:24:c1:f0:4a:e7:0f:96:fd:b9:94:df:86:1c:c0:87:7f:
1a:d0:97:56:eb:4e:81:8d:2f:1b:2f:66:3c:f7:8e:5a:44:15:
d0:db:e4:9c:30:71:22:3a:72:09:90:f7:da:79:84:47:56:a7:
ad:52:7c:94:ff:5d:e1:e8:75:39:30:b4:07:c6:3b:b7:96:10:
b2:53:f1:ab:59:17:78:fb:b3:85:e6:d7:57:e8:26:db:b2:37:
57:b0:98:12:0c:17:a5:1e:df:79:1b:31:c7:d1:57:9e:d0:82:
cb:7f:bd:74:53:75:2a:26:26:f8:1a:eb:c3:0c:36:db:fd:6c:
0c:2c:a5:13:3a:2e:e7:43:ad:3b:e9:7a:c4:c4:85:27:9b:a4:
79:24:06:96:2f:80:8d:7e:f4:2e:4e:55:6e:f9:ae:0f:79:41:
79:40:08:78
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICExQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDE3NEYxNjM5NkJGRjA0
RUQyRTVGRjZDRUU2MjBEQkQzMTIyNDQ4MUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJWI9fk4aDxPeI0rr683PmWcMRyBjejyRY7pzhn5cbUmfQxKZN
JRIApaoOmHgtwCNGPZMg3+Z5F33gyykH7L5rNzZEwqrGZubttn5jxlQP7wLcwICB
DH+YIPc6fqat7kvXk5SvAanYb8Ml6DypfFJOD+eJMWlwQj/exeOgNCks3qfgZrfL
Z0NZePUHXcYApqOy5SgKc5N8Q66yeJPMLxkU1sZUaVtTuxqI6RqA4/QodOVxtPUW
ireqHc/+IncPBLH8oazZwmeuSEfic4NGgqnPlbJeZ9WHMXMTmREZ/3083Duv3i7w
f2gTAvxGuRuxog6vEVJZxyxO31pUs1zbPTJvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUF08WOWv/BO0uX/bO5iDb0xIkSB8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRjA4V09Xdl9CTzB1WF9iTzVpRGIw
eElrU0I4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLJgDAN
BgkqhkiG9w0BAQsFAAOCAQEADZmL1Hy2mIM/2KXjhnKucOSG+lTLtqWB97pxFM0K
VOaky1AY9wPlaH3ApfZO0dPH2IYVFh5xacZ4Q6XfUQJ79oT3AumekAMt+aHjkzLt
2GCCoIPj+QsTUCAZOXskwfBK5w+W/bmU34YcwId/GtCXVutOgY0vGy9mPPeOWkQV
0NvknDBxIjpyCZD32nmER1anrVJ8lP9d4eh1OTC0B8Y7t5YQslPxq1kXePuzhebX
V+gm27I3V7CYEgwXpR7feRsxx9FXntCCy3+9dFN1KiYm+Brrwww22/1sDCylEzou
50OtO+l6xMSFJ5ukeSQGli+AjX70Lk5VbvmuD3lBeUAIeA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org