Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/G9ly6ju72ypvArYI2t5IFZknsXM.roa
File: G9ly6ju72ypvArYI2t5IFZknsXM.roa (raw, json)
Hash identifier: BDZs30a4kFZLJX1Zhz1m+7M1E0H08UHjF2HXt8XugD4=
Subject key identifier: 1B:D9:72:EA:3B:BB:DB:2A:6F:02:B6:08:DA:DE:48:15:99:27:B1:73
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12FD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/G9ly6ju72ypvArYI2t5IFZknsXM.roa
Signing time: Fri 01 Sep 2023 08:05:15 +0000
ROA not before: Fri 01 Sep 2023 08:05:15 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 2001:f10::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4861 (0x12fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:15 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1BD972EA3BBBDB2A6F02B608DADE48159927B173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:77:ef:b8:21:c8:d5:3c:f5:65:4b:45:e6:8e:
6f:fb:7b:7a:24:14:6a:cf:b0:f1:01:8a:6d:53:2d:
df:ab:10:f6:12:a3:a5:86:e7:ed:9e:e0:af:c6:c0:
83:95:c7:42:53:98:ec:9a:f4:a6:7b:2e:b5:23:15:
ab:72:7a:6e:21:d5:eb:5f:45:28:76:74:b2:47:0a:
65:9b:4f:08:23:1f:40:bf:31:e6:78:7f:bc:91:63:
27:1c:fe:d9:23:d8:6f:06:26:a2:de:b7:d8:8e:0b:
d2:38:ab:dc:bb:d1:28:d7:33:e9:01:39:09:f1:6c:
13:1c:07:35:78:02:70:d5:f4:d0:9d:f5:67:77:f4:
87:36:90:df:64:40:87:1b:6a:85:5d:c2:02:28:d9:
32:21:24:85:15:e0:e2:c9:8f:51:68:17:10:f7:ac:
5a:97:0e:ec:e7:52:5a:2d:f4:c5:d0:a4:3b:da:95:
37:89:1e:d0:16:d9:d1:69:10:a4:9f:c3:8b:fe:39:
bd:a1:88:9c:92:90:a7:0f:e0:5d:32:2a:d7:45:4e:
20:c9:07:20:95:34:e8:33:5e:1f:3d:57:17:35:42:
19:2e:f6:01:a4:61:45:b3:3a:aa:4a:67:c5:d4:13:
15:04:4c:c7:07:b2:31:d3:bb:77:05:cd:c2:d5:dd:
07:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D9:72:EA:3B:BB:DB:2A:6F:02:B6:08:DA:DE:48:15:99:27:B1:73
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/G9ly6ju72ypvArYI2t5IFZknsXM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:f10::/32
Signature Algorithm: sha256WithRSAEncryption
63:f5:7a:f4:20:04:c0:6e:e6:12:0b:b6:32:3b:bf:8d:e4:78:
48:f1:d1:03:f0:47:e1:2e:0b:0d:3e:5c:67:ad:35:db:c0:3e:
b1:0e:92:2e:11:dd:35:78:55:60:a6:67:f8:4d:62:ad:ba:62:
b0:f8:1f:62:cd:45:6c:38:37:11:8f:40:fe:d1:73:be:e8:6b:
26:72:06:b5:ce:52:33:9f:14:52:53:49:73:48:c3:3b:af:01:
db:55:76:e3:ce:f7:dc:d2:ad:4c:55:72:9c:ce:b7:9f:22:ff:
00:b4:df:89:36:77:92:60:50:d6:8f:63:1b:d3:04:8e:98:5e:
05:da:00:26:f6:ba:0d:a5:61:70:20:fc:2f:10:c4:30:60:21:
f3:a5:78:3d:fa:5c:78:c2:42:48:b3:82:c6:e0:5c:41:5f:89:
50:f3:22:7a:6d:a1:1e:22:d1:c5:35:e7:61:e0:40:4d:0e:0d:
48:a2:60:d9:72:54:b2:59:97:f0:99:3b:27:10:9a:a3:81:7e:
7d:59:0b:e8:c4:d4:99:78:a5:ed:9c:dc:ae:24:75:75:0b:d3:
f6:23:e5:f4:74:03:19:76:bf:00:f4:04:a7:d1:57:52:84:ac:
b6:66:9a:9a:53:9c:49:89:87:6d:4c:74:9f:a2:b8:ea:1e:3d:
41:44:d0:c4
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICEv0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFCRDk3MkVBM0JCQkRC
MkE2RjAyQjYwOERBREU0ODE1OTkyN0IxNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzd++4IcjVPPVlS0Xmjm/7e3okFGrPsPEBim1TLd+rEPYSo6WG
5+2e4K/GwIOVx0JTmOya9KZ7LrUjFatyem4h1etfRSh2dLJHCmWbTwgjH0C/MeZ4
f7yRYycc/tkj2G8GJqLet9iOC9I4q9y70SjXM+kBOQnxbBMcBzV4AnDV9NCd9Wd3
9Ic2kN9kQIcbaoVdwgIo2TIhJIUV4OLJj1FoFxD3rFqXDuznUlot9MXQpDvalTeJ
HtAW2dFpEKSfw4v+Ob2hiJySkKcP4F0yKtdFTiDJByCVNOgzXh89Vxc1Qhku9gGk
YUWzOqpKZ8XUExUETMcHsjHTu3cFzcLV3QelAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUG9ly6ju72ypvArYI2t5IFZknsXMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvRzlseTZqdTcyeXB2QXJZSTJ0NUlG
Wmtuc1hNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABDxAw
DQYJKoZIhvcNAQELBQADggEBAGP1evQgBMBu5hILtjI7v43keEjx0QPwR+EuCw0+
XGetNdvAPrEOki4R3TV4VWCmZ/hNYq26YrD4H2LNRWw4NxGPQP7Rc77oayZyBrXO
UjOfFFJTSXNIwzuvAdtVduPO99zSrUxVcpzOt58i/wC034k2d5JgUNaPYxvTBI6Y
XgXaACb2ug2lYXAg/C8QxDBgIfOleD36XHjCQkizgsbgXEFfiVDzInptoR4i0cU1
52HgQE0ODUiiYNlyVLJZl/CZOycQmqOBfn1ZC+jE1Jl4pe2c3K4kdXUL0/Yj5fR0
Axl2vwD0BKfRV1KErLZmmppTnEmJh21MdJ+iuOoePUFE0MQ=
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org