Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Hxz6XC4ZUxZCTK7iLNG08pnr7Vo.roa
File: Hxz6XC4ZUxZCTK7iLNG08pnr7Vo.roa (raw, json)
Hash identifier: 5VCxJTXjC7k6VgOCs0X6+wWs2ylR1n+VeR5zEXThlR0=
Subject key identifier: 1F:1C:FA:5C:2E:19:53:16:42:4C:AE:E2:2C:D1:B4:F2:99:EB:ED:5A
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 08FA
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Hxz6XC4ZUxZCTK7iLNG08pnr7Vo.roa
Signing time: Tue 29 Sep 2020 10:01:18 +0000
ROA not before: Tue 29 Sep 2020 10:01:18 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.58.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2298 (0x8fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:18 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1F1CFA5C2E195316424CAEE22CD1B4F299EBED5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ed:d0:c5:19:9e:c8:68:1d:c0:50:b4:a4:b9:
6d:e0:1f:e9:e3:5d:84:76:97:93:b2:c1:65:58:db:
81:67:c3:a5:77:23:5b:06:d5:a0:3e:93:1c:05:6d:
f5:87:eb:89:b1:67:b5:4c:67:c6:c0:b8:27:9f:d1:
a1:42:4e:21:05:80:69:6a:bf:85:3b:85:4d:c7:d0:
43:60:cc:4a:c4:d7:7a:94:83:27:68:0a:d1:18:8f:
d5:9a:7a:9f:d3:dc:1b:03:fb:58:10:7d:ea:f2:cf:
51:a5:51:a9:02:1c:9f:0c:85:fe:7d:af:46:fd:85:
1d:75:6e:3a:0d:37:3d:1a:57:81:5f:33:39:62:6e:
e0:b5:98:75:f2:df:4a:3c:4b:97:5b:1a:94:74:28:
3f:18:e8:d7:76:e0:ff:76:85:3f:29:e6:47:9f:c8:
af:b9:ba:e1:2e:a3:5e:30:42:d9:83:4e:3c:02:3a:
f1:4c:59:b8:85:4e:b2:e8:73:92:87:ba:5e:2c:8d:
65:9c:c2:5f:f2:7e:0f:34:f6:9d:6a:2c:cd:a5:87:
d8:28:a5:fd:63:a2:a9:2b:c1:67:09:9f:01:21:48:
be:26:63:13:22:07:1d:88:68:ca:81:7a:c8:87:81:
55:86:f9:48:2b:b8:34:d8:81:7c:15:c7:07:9d:85:
3c:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:1C:FA:5C:2E:19:53:16:42:4C:AE:E2:2C:D1:B4:F2:99:EB:ED:5A
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Hxz6XC4ZUxZCTK7iLNG08pnr7Vo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.88.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:84:f1:f0:27:80:82:07:93:90:2b:dd:1f:55:6b:e2:6e:67:
76:4d:c5:93:aa:57:09:6e:27:93:9b:5b:f2:ba:f4:c8:06:d0:
f2:22:f3:ed:4c:10:52:7a:62:97:08:ed:c4:db:92:35:d7:1b:
f1:4a:54:2b:24:fa:5e:ac:17:2e:d5:ca:b6:40:e5:f3:86:d6:
15:85:7f:7a:2a:c0:b4:f9:47:e3:ad:cb:47:73:e6:e7:8a:3c:
de:80:07:6e:37:b5:9c:e3:fb:78:21:ae:38:07:6f:58:55:99:
a7:65:df:3f:36:2a:d1:b5:e0:fd:29:18:fc:6a:b6:96:f3:29:
f5:9b:01:79:59:19:0d:5c:17:09:99:a0:32:9c:c3:06:80:7b:
20:85:f6:73:ca:ca:f7:77:d7:6d:7b:5c:24:c3:d1:49:40:52:
6a:53:5a:80:4d:32:4c:df:ee:8d:61:87:c9:08:02:c9:a6:f2:
8d:96:8d:91:77:2e:07:6f:4e:f7:28:66:cc:13:a6:5c:44:76:
24:a3:88:26:0a:2d:c3:83:99:8a:97:a7:44:6a:0c:52:49:c9:
aa:a7:1e:e8:ea:e6:c3:b2:98:6a:c0:87:07:cc:22:e8:a6:6d:
da:e5:49:51:0b:4f:de:55:3c:81:4d:7e:15:b3:17:2d:cd:c7:
47:bb:9c:ab
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCPowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDFGMUNGQTVDMkUxOTUz
MTY0MjRDQUVFMjJDRDFCNEYyOTlFQkVENUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx7dDFGZ7IaB3AULSkuW3gH+njXYR2l5OywWVY24Fnw6V3I1sG
1aA+kxwFbfWH64mxZ7VMZ8bAuCef0aFCTiEFgGlqv4U7hU3H0ENgzErE13qUgydo
CtEYj9Waep/T3BsD+1gQferyz1GlUakCHJ8Mhf59r0b9hR11bjoNNz0aV4FfMzli
buC1mHXy30o8S5dbGpR0KD8Y6Nd24P92hT8p5kefyK+5uuEuo14wQtmDTjwCOvFM
WbiFTrLoc5KHul4sjWWcwl/yfg809p1qLM2lh9gopf1joqkrwWcJnwEhSL4mYxMi
Bx2IaMqBesiHgVWG+UgruDTYgXwVxwedhTzTAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUHxz6XC4ZUxZCTK7iLNG08pnr7VowHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSHh6NlhDNFpVeFpDVEs3aUxORzA4
cG5yN1ZvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WDAN
BgkqhkiG9w0BAQsFAAOCAQEAP4Tx8CeAggeTkCvdH1Vr4m5ndk3Fk6pXCW4nk5tb
8rr0yAbQ8iLz7UwQUnpilwjtxNuSNdcb8UpUKyT6XqwXLtXKtkDl84bWFYV/eirA
tPlH463LR3Pm54o83oAHbje1nOP7eCGuOAdvWFWZp2XfPzYq0bXg/SkY/Gq2lvMp
9ZsBeVkZDVwXCZmgMpzDBoB7IIX2c8rK93fXbXtcJMPRSUBSalNagE0yTN/ujWGH
yQgCyabyjZaNkXcuB29O9yhmzBOmXER2JKOIJgotw4OZipenRGoMUknJqqce6Orm
w7KYasCHB8wi6KZt2uVJUQtP3lU8gU1+FbMXLc3HR7ucqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org