Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/GxazThd5mxrWW0PVazZ37SYEXkw.roa
File: GxazThd5mxrWW0PVazZ37SYEXkw.roa (raw, json)
Hash identifier: EbgbmSjzwS3GNbaXO2KNL4uOJq7OMbTSZzWKDqa6TlE=
Subject key identifier: 1B:16:B3:4E:17:79:9B:1A:D6:5B:43:D5:6B:36:77:ED:26:04:5E:4C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1319
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/GxazThd5mxrWW0PVazZ37SYEXkw.roa
Signing time: Fri 01 Sep 2023 08:05:22 +0000
ROA not before: Fri 01 Sep 2023 08:05:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 2404:0:1000::/40 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4889 (0x1319)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1B16B34E17799B1AD65B43D56B3677ED26045E4C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:be:57:2a:a7:0e:ae:20:fe:d9:15:8e:23:76:
30:08:40:b4:44:16:2e:72:a2:f4:2a:e8:b6:8c:85:
80:98:9a:72:a6:a3:29:24:85:09:cc:90:69:8c:bf:
7b:1f:f2:8d:d2:49:d0:f9:57:4f:14:58:ce:08:75:
54:92:2a:a3:fa:4e:fd:e5:ea:b3:b4:ce:b3:4e:b7:
4f:6d:de:d8:6c:5c:60:4a:a2:19:7b:5d:71:f1:06:
5e:d0:5f:be:cd:dd:05:58:e0:0e:29:de:5f:9f:c0:
00:0c:76:49:f2:cf:db:6d:a6:b3:63:1c:aa:67:ab:
62:a9:ab:33:56:f1:24:39:77:8d:4e:7d:40:6c:e4:
58:88:91:53:db:6b:05:3e:7b:b2:bb:7d:16:cc:01:
22:6d:ef:8f:cb:af:a4:c2:49:7c:1a:e9:50:24:a3:
fa:55:b9:81:02:44:85:e2:9b:99:9d:91:aa:65:17:
89:5e:0a:e9:b3:45:23:e6:44:f7:2f:ae:26:4b:f1:
ab:86:9a:4a:65:6f:55:28:a7:32:ff:0c:2d:0d:d6:
5d:68:36:b2:c8:39:bd:a8:eb:01:7f:b5:74:89:1b:
d5:4b:31:0b:70:5c:16:46:63:75:44:b6:57:c5:e0:
e1:04:b5:19:10:5f:c0:20:c3:6d:4c:e1:27:f4:6c:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:16:B3:4E:17:79:9B:1A:D6:5B:43:D5:6B:36:77:ED:26:04:5E:4C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/GxazThd5mxrWW0PVazZ37SYEXkw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:0:1000::/40
Signature Algorithm: sha256WithRSAEncryption
57:be:2a:c1:02:2d:fb:74:d5:4e:c3:1f:b6:da:9b:9b:75:8b:
93:d0:ba:04:02:9f:81:31:1a:30:25:0a:7a:ac:cf:18:00:98:
7e:e3:bd:d2:53:b1:fe:8b:03:b9:16:84:ba:9e:88:56:ba:08:
55:d4:0d:a4:cb:53:9e:2f:83:2a:4c:cc:00:dc:1c:96:d3:91:
8e:f4:c9:f4:ed:cd:4d:66:08:f2:f3:b8:4d:97:53:e5:9a:44:
31:e4:51:5d:26:d9:c8:3d:c0:8c:bd:7f:f8:ce:42:d1:2a:f4:
0a:cd:fd:47:c5:35:20:42:86:6e:34:b5:4e:7d:28:c3:2b:88:
9a:54:05:60:15:b6:77:a9:30:4c:97:ab:96:be:36:9c:cb:a9:
83:b6:82:e5:7d:76:8a:bb:80:99:05:36:76:3b:29:1d:cd:be:
45:29:15:1a:98:84:e7:00:27:d8:c0:ee:e4:8f:d7:90:5c:26:
f5:37:79:44:7c:15:5c:eb:b5:12:8b:07:c8:d7:68:21:01:3e:
a7:56:84:c2:7a:61:fe:ed:08:17:1b:83:fb:e0:35:d9:ec:74:
16:93:68:0c:75:5a:ec:a4:c3:0f:b8:d8:85:eb:51:14:61:d0:
6e:6b:b3:46:ed:cd:2a:52:59:a8:8b:ec:c3:19:35:2b:48:fe:
83:0b:78:be
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICExkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFCMTZCMzRFMTc3OTlC
MUFENjVCNDNENTZCMzY3N0VEMjYwNDVFNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFvlcqpw6uIP7ZFY4jdjAIQLREFi5yovQq6LaMhYCYmnKmoykk
hQnMkGmMv3sf8o3SSdD5V08UWM4IdVSSKqP6Tv3l6rO0zrNOt09t3thsXGBKohl7
XXHxBl7QX77N3QVY4A4p3l+fwAAMdknyz9ttprNjHKpnq2KpqzNW8SQ5d41OfUBs
5FiIkVPbawU+e7K7fRbMASJt74/Lr6TCSXwa6VAko/pVuYECRIXim5mdkaplF4le
CumzRSPmRPcvriZL8auGmkplb1UopzL/DC0N1l1oNrLIOb2o6wF/tXSJG9VLMQtw
XBZGY3VEtlfF4OEEtRkQX8Agw21M4Sf0bAMBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUGxazThd5mxrWW0PVazZ37SYEXkwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvR3hhelRoZDVteHJXVzBQVmF6WjM3
U1lFWGt3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACQEAAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBXvirBAi37dNVOwx+22pubdYuT0LoEAp+BMRow
JQp6rM8YAJh+473SU7H+iwO5FoS6nohWughV1A2ky1OeL4MqTMwA3ByW05GO9Mn0
7c1NZgjy87hNl1PlmkQx5FFdJtnIPcCMvX/4zkLRKvQKzf1HxTUgQoZuNLVOfSjD
K4iaVAVgFbZ3qTBMl6uWvjacy6mDtoLlfXaKu4CZBTZ2Oykdzb5FKRUamITnACfY
wO7kj9eQXCb1N3lEfBVc67USiwfI12ghAT6nVoTCemH+7QgXG4P74DXZ7HQWk2gM
dVrspMMPuNiF61EUYdBua7NG7c0qUlmoi+zDGTUrSP6DC3i+
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org