Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/HeoVX7a6QDh_o8tOFcIDpC02Ma4.roa
File: HeoVX7a6QDh_o8tOFcIDpC02Ma4.roa (raw, json)
Hash identifier: 49JzD1RTmqwMdmWaPAeDO3oY0arT1AxBEWTuDUU5CQA=
Subject key identifier: 1D:EA:15:5F:B6:BA:40:38:7F:A3:CB:4E:15:C2:03:A4:2D:36:31:AE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CA1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HeoVX7a6QDh_o8tOFcIDpC02Ma4.roa
Signing time: Sun 07 Feb 2021 11:47:13 +0000
ROA not before: Sun 07 Feb 2021 11:47:13 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 223.23.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3233 (0xca1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:47:13 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1DEA155FB6BA40387FA3CB4E15C203A42D3631AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:91:32:fe:ad:5b:e1:55:0d:51:65:b1:b4:5e:
89:91:4f:c5:64:a0:a0:80:7c:4e:17:17:ea:1c:f3:
7b:7c:08:2b:f3:8d:98:1c:3c:8a:18:46:07:fa:7a:
94:e3:98:6f:0e:59:19:b4:67:bc:01:3f:85:0c:a7:
ea:bc:49:b0:12:07:fd:7a:1e:bf:1b:36:b5:d5:46:
37:ed:31:65:83:6a:6f:d9:4c:0a:b1:14:be:d9:cd:
e0:e5:84:65:ed:49:9e:27:44:c9:1b:9d:72:97:0e:
2c:2e:16:f8:ee:68:76:56:24:ff:8c:1e:8b:01:78:
ed:0b:0f:e1:74:0f:ec:c9:7e:85:3b:cf:c6:54:ed:
d5:78:99:f7:d7:5a:cc:05:36:2b:b6:21:97:6a:8a:
f6:ab:39:7a:72:19:f3:73:0e:73:9d:35:cf:15:da:
05:62:80:2d:39:54:c1:25:f3:ea:4b:cd:90:86:31:
fc:ab:53:7d:cf:cc:85:63:b7:3f:54:aa:3c:14:f2:
bb:52:0e:c1:28:dc:12:d7:47:9d:27:ab:e1:21:f5:
a6:ce:ce:45:12:2f:6c:99:00:3f:27:98:a7:6a:3d:
74:d7:d3:9e:fd:57:cd:30:6e:63:d5:af:1a:74:89:
04:ac:9f:9f:f8:48:14:16:46:22:b9:a4:71:d3:67:
10:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EA:15:5F:B6:BA:40:38:7F:A3:CB:4E:15:C2:03:A4:2D:36:31:AE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/HeoVX7a6QDh_o8tOFcIDpC02Ma4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.23.63.0/24
Signature Algorithm: sha256WithRSAEncryption
60:95:ad:aa:9f:43:cf:f6:8b:f1:3f:31:b0:1d:5c:38:18:68:
7b:e4:b3:94:34:5a:a8:4a:22:dd:f0:5f:6e:43:96:4c:f8:c1:
47:cf:4b:25:76:8e:51:23:ce:02:9f:43:08:23:e0:5b:66:46:
b4:43:23:c4:83:fe:77:cb:50:b3:a8:2e:88:bb:cd:87:a0:2f:
f9:94:3c:a9:c9:94:5a:f0:75:3b:42:d4:c0:c6:d1:5f:d8:f6:
d8:5e:70:ff:08:b2:23:19:68:55:2e:7a:23:f6:7f:97:87:ff:
b9:88:46:c4:7e:06:dc:9c:80:ce:87:f5:01:a4:4f:58:3e:6e:
70:9f:c1:58:87:26:32:dc:5e:d3:22:3f:66:6d:a7:64:55:94:
3c:d2:42:12:79:d2:b0:f8:71:99:d0:5d:95:c2:56:de:78:1e:
89:ae:3a:42:7f:41:5c:ab:aa:da:d8:79:29:f8:05:cf:31:2a:
93:a5:58:6e:be:73:2b:eb:16:eb:cd:fe:e8:82:6f:21:e5:6d:
7d:6d:b6:bb:c4:4a:31:53:49:f5:6b:b9:f0:d0:7e:f8:dc:32:
00:c4:46:09:3a:02:fa:3a:5d:a3:b9:50:27:e6:fe:13:19:69:
53:36:1a:6a:85:f3:9a:73:d9:1f:8e:4a:df:d4:5e:cf:53:ba:
51:4e:69:f3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDKEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTQ3MTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFERUExNTVGQjZCQTQw
Mzg3RkEzQ0I0RTE1QzIwM0E0MkQzNjMxQUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD3kTL+rVvhVQ1RZbG0XomRT8VkoKCAfE4XF+oc83t8CCvzjZgc
PIoYRgf6epTjmG8OWRm0Z7wBP4UMp+q8SbASB/16Hr8bNrXVRjftMWWDam/ZTAqx
FL7ZzeDlhGXtSZ4nRMkbnXKXDiwuFvjuaHZWJP+MHosBeO0LD+F0D+zJfoU7z8ZU
7dV4mffXWswFNiu2IZdqivarOXpyGfNzDnOdNc8V2gVigC05VMEl8+pLzZCGMfyr
U33PzIVjtz9UqjwU8rtSDsEo3BLXR50nq+Eh9abOzkUSL2yZAD8nmKdqPXTX0579
V80wbmPVrxp0iQSsn5/4SBQWRiK5pHHTZxBLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHeoVX7a6QDh/o8tOFcIDpC02Ma4wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSGVvVlg3YTZRRGhfbzh0T0ZjSURw
QzAyTWE0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8XPzAN
BgkqhkiG9w0BAQsFAAOCAQEAYJWtqp9Dz/aL8T8xsB1cOBhoe+SzlDRaqEoi3fBf
bkOWTPjBR89LJXaOUSPOAp9DCCPgW2ZGtEMjxIP+d8tQs6guiLvNh6Av+ZQ8qcmU
WvB1O0LUwMbRX9j22F5w/wiyIxloVS56I/Z/l4f/uYhGxH4G3JyAzof1AaRPWD5u
cJ/BWIcmMtxe0yI/Zm2nZFWUPNJCEnnSsPhxmdBdlcJW3ngeia46Qn9BXKuq2th5
KfgFzzEqk6VYbr5zK+sW683+6IJvIeVtfW22u8RKMVNJ9Wu58NB++NwyAMRGCToC
+jpdo7lQJ+b+ExlpUzYaaoXzmnPZH45K39Rez1O6UU5p8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org