Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Ic_CiL0f1O6OFFj2OX9OsfVEjyc.roa
File: Ic_CiL0f1O6OFFj2OX9OsfVEjyc.roa (raw, json)
Hash identifier: zgoHXVZ78Xq6w6wjvUZjApg166drF8Hl8ljnv5hBp6s=
Subject key identifier: 21:CF:C2:88:BD:1F:D4:EE:8E:14:58:F6:39:7F:4E:B1:F5:44:8F:27
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12EA
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ic_CiL0f1O6OFFj2OX9OsfVEjyc.roa
Signing time: Fri 01 Sep 2023 08:05:09 +0000
ROA not before: Fri 01 Sep 2023 08:05:09 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 60.244.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4842 (0x12ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:09 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=21CFC288BD1FD4EE8E1458F6397F4EB1F5448F27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:3a:5b:cc:08:5d:56:2d:f2:ac:ec:f9:59:b5:
c9:33:13:03:98:dd:28:0d:4b:c3:0f:7d:78:65:dd:
8e:14:2e:55:a7:e4:3a:78:e3:fe:8a:0e:f1:11:99:
dc:a1:ed:04:c3:6b:a3:f1:c7:ae:58:03:f6:88:30:
8a:ff:fb:e7:f5:b3:eb:be:18:82:42:df:24:52:dd:
2f:82:7c:56:81:3c:92:4b:de:d2:8a:15:ed:38:69:
78:4b:88:7f:09:e4:93:fe:dc:2e:33:6e:ed:0d:a7:
da:9c:df:78:15:9e:58:77:cd:b0:28:a2:75:31:4b:
63:ff:78:3b:42:a4:c2:3e:6f:d8:7c:a4:7e:72:cd:
85:62:ee:c2:f4:7c:bc:6a:95:3c:24:ac:4b:b5:30:
56:6c:7a:7b:9c:5e:ce:aa:f8:77:2d:a7:ff:5d:e7:
ba:d5:83:0d:97:3c:3c:7a:f6:03:61:0a:2f:68:92:
4e:14:0a:35:8c:e2:08:95:4a:45:39:04:2c:09:d1:
c9:dd:93:d4:87:be:4e:02:58:ad:5b:eb:8c:34:cf:
d2:ce:0e:d7:00:9a:ac:b5:82:e3:23:ae:8b:e6:60:
da:64:f9:c6:eb:48:21:cb:dd:36:87:62:5b:01:cd:
90:c9:f0:55:66:d1:13:2e:4f:af:a7:2d:85:ea:08:
74:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CF:C2:88:BD:1F:D4:EE:8E:14:58:F6:39:7F:4E:B1:F5:44:8F:27
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ic_CiL0f1O6OFFj2OX9OsfVEjyc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7e:a0:ad:7a:82:98:d3:f3:bb:6c:41:11:0e:cf:9a:9b:66:09:
e0:15:00:c1:56:6d:d9:f2:dd:c5:7d:a8:da:82:53:db:c2:8b:
e4:05:ec:8c:46:86:bf:76:95:d6:10:6d:48:23:14:6b:6f:52:
89:1f:d7:87:7e:13:aa:30:f5:df:7d:a2:f7:97:f9:8d:38:ee:
5d:48:81:3f:af:f3:b1:af:ff:d1:97:60:3f:8a:da:6b:4a:58:
e3:e2:b6:22:90:6e:90:51:a1:36:08:a6:41:8a:78:95:22:76:
8f:84:a7:6d:7e:93:ab:2c:69:e8:05:9a:b8:8c:5e:9f:8e:3c:
3c:31:7a:e2:bd:43:6d:8b:1e:c5:cd:10:c3:40:c2:c7:ae:65:
32:65:89:cd:23:71:24:ac:66:50:72:e8:d5:bb:18:7a:b9:ff:
b3:af:d3:27:a1:7a:59:38:7d:3a:31:f6:ba:30:75:6d:bd:5a:
0f:7c:22:51:25:f8:29:6a:2b:10:0a:a6:c1:38:0d:2b:de:94:
70:25:33:61:16:f4:8b:23:23:33:6b:a8:cd:7e:19:b0:8c:ac:
c2:94:6e:53:3c:b8:ef:ca:a8:d0:88:da:70:4d:32:7f:82:9d:
1a:78:4f:06:d6:f7:07:40:aa:f1:a6:20:44:10:d5:d3:8a:61:
02:a5:30:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEuowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIxQ0ZDMjg4QkQxRkQ0
RUU4RTE0NThGNjM5N0Y0RUIxRjU0NDhGMjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaOlvMCF1WLfKs7PlZtckzEwOY3SgNS8MPfXhl3Y4ULlWn5Dp4
4/6KDvERmdyh7QTDa6Pxx65YA/aIMIr/++f1s+u+GIJC3yRS3S+CfFaBPJJL3tKK
Fe04aXhLiH8J5JP+3C4zbu0Np9qc33gVnlh3zbAoonUxS2P/eDtCpMI+b9h8pH5y
zYVi7sL0fLxqlTwkrEu1MFZsenucXs6q+Hctp/9d57rVgw2XPDx69gNhCi9okk4U
CjWM4giVSkU5BCwJ0cndk9SHvk4CWK1b64w0z9LODtcAmqy1guMjrovmYNpk+cbr
SCHL3TaHYlsBzZDJ8FVm0RMuT6+nLYXqCHRjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUIc/CiL0f1O6OFFj2OX9OsfVEjycwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSWNfQ2lMMGYxTzZPRkZqMk9YOU9z
ZlZFanljLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0gDAN
BgkqhkiG9w0BAQsFAAOCAQEAfqCteoKY0/O7bEERDs+am2YJ4BUAwVZt2fLdxX2o
2oJT28KL5AXsjEaGv3aV1hBtSCMUa29SiR/Xh34TqjD1332i95f5jTjuXUiBP6/z
sa//0ZdgP4raa0pY4+K2IpBukFGhNgimQYp4lSJ2j4SnbX6Tqyxp6AWauIxen448
PDF64r1DbYsexc0Qw0DCx65lMmWJzSNxJKxmUHLo1bsYern/s6/TJ6F6WTh9OjH2
ujB1bb1aD3wiUSX4KWorEAqmwTgNK96UcCUzYRb0iyMjM2uozX4ZsIyswpRuUzy4
78qo0IjacE0yf4KdGnhPBtb3B0Cq8aYgRBDV04phAqUwng==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org