Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/JxLyeVWPw-9eIpYcqQKtdiNRDJA.roa
File: JxLyeVWPw-9eIpYcqQKtdiNRDJA.roa (raw, json)
Hash identifier: s6Eukxe5fhZZIx46ANxFcnOuvutycnzJRatW1lcoIdY=
Subject key identifier: 27:12:F2:79:55:8F:C3:EF:5E:22:96:1C:A9:02:AD:76:23:51:0C:90
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12DD
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/JxLyeVWPw-9eIpYcqQKtdiNRDJA.roa
Signing time: Fri 01 Sep 2023 08:05:05 +0000
ROA not before: Fri 01 Sep 2023 08:05:05 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 210.200.64.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4829 (0x12dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:05 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2712F279558FC3EF5E22961CA902AD7623510C90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:51:4e:46:69:05:b8:81:ac:4b:18:31:34:15:
88:08:41:74:8e:eb:38:01:16:73:40:63:8c:5e:6d:
5e:71:e5:bd:c2:0b:f2:83:9f:7c:dc:7e:73:2c:37:
97:3e:fd:e3:44:dc:4d:de:15:19:9c:cd:0f:a9:5f:
fe:53:db:13:a4:9d:8f:93:85:9f:55:13:38:1c:45:
51:6c:8f:45:db:e7:79:9d:3a:cb:27:33:bc:ae:9d:
8c:c7:09:6b:bd:e4:77:56:c3:b2:23:b7:cd:d0:16:
29:84:98:de:49:d6:27:84:22:74:2e:04:f0:94:de:
37:5c:0e:9b:1a:5f:56:da:3a:1c:44:42:72:18:7a:
3f:fd:23:30:09:e1:a0:9d:f3:69:33:e0:0f:bb:2a:
24:d7:4e:61:f9:0c:62:a9:fe:5c:92:bf:1d:9b:b7:
d0:b3:d1:dc:d5:57:f4:6c:42:53:ab:65:de:04:7b:
b7:52:2b:39:90:1d:19:3b:8c:96:d5:29:dc:0c:85:
97:48:42:78:84:77:ff:20:07:e1:2a:b0:97:fb:88:
b2:07:5a:a0:9f:13:ee:65:2c:0c:20:98:cf:9f:25:
3a:7c:f6:ea:03:90:0c:d8:f9:09:a6:e4:e3:cd:c0:
f9:e8:77:a3:e7:ab:76:23:34:c9:00:db:ae:ef:75:
9f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:12:F2:79:55:8F:C3:EF:5E:22:96:1C:A9:02:AD:76:23:51:0C:90
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/JxLyeVWPw-9eIpYcqQKtdiNRDJA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.64.0/20
Signature Algorithm: sha256WithRSAEncryption
53:71:b6:0e:00:cc:89:d2:c9:18:e0:75:ab:32:d7:10:2e:5f:
ea:a3:f3:54:f5:d3:52:2e:bb:30:dc:de:89:f2:59:e4:09:70:
64:15:10:1d:5e:e3:6d:e3:20:d1:6f:b7:74:7d:c7:38:73:60:
06:ca:d7:7a:12:e9:44:5d:4f:5b:12:49:02:f7:0e:91:9c:f5:
ad:6e:40:83:3a:52:f2:33:93:b4:68:db:e1:0f:35:30:72:41:
02:f6:d0:ee:03:af:64:ae:42:e1:4b:2d:94:a9:93:23:00:9d:
d4:d6:8f:5e:03:59:99:5d:72:6f:34:73:e4:58:44:c4:48:22:
c0:04:92:3f:0c:b9:23:a7:86:5a:c2:9d:51:c9:39:94:d8:1e:
8f:7d:41:3f:ec:37:d4:a4:f2:2d:a1:33:40:5e:12:6e:de:3a:
34:00:3e:ba:e4:eb:5d:54:a4:c5:b8:42:bf:02:d0:78:d6:bb:
70:d1:7c:d1:ef:17:ce:e9:73:15:02:87:ee:a2:19:ad:39:8c:
e1:75:30:a9:6a:4d:d9:06:b5:0c:09:9d:6f:69:f7:06:d8:3b:
df:a7:a0:7d:52:a0:b1:45:53:40:95:f2:5d:5f:e8:45:a1:b4:
32:5e:08:b1:ec:b3:dd:88:b9:e1:f9:f4:07:9d:f6:c5:49:98:
35:57:91:f4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEt0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI3MTJGMjc5NTU4RkMz
RUY1RTIyOTYxQ0E5MDJBRDc2MjM1MTBDOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxUU5GaQW4gaxLGDE0FYgIQXSO6zgBFnNAY4xebV5x5b3CC/KD
n3zcfnMsN5c+/eNE3E3eFRmczQ+pX/5T2xOknY+ThZ9VEzgcRVFsj0Xb53mdOssn
M7yunYzHCWu95HdWw7Ijt83QFimEmN5J1ieEInQuBPCU3jdcDpsaX1baOhxEQnIY
ej/9IzAJ4aCd82kz4A+7KiTXTmH5DGKp/lySvx2bt9Cz0dzVV/RsQlOrZd4Ee7dS
KzmQHRk7jJbVKdwMhZdIQniEd/8gB+EqsJf7iLIHWqCfE+5lLAwgmM+fJTp89uoD
kAzY+Qmm5OPNwPnod6Pnq3YjNMkA267vdZ8RAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJxLyeVWPw+9eIpYcqQKtdiNRDJAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvSnhMeWVWV1B3LTllSXBZY3FRS3Rk
aU5SREpBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLIQDAN
BgkqhkiG9w0BAQsFAAOCAQEAU3G2DgDMidLJGOB1qzLXEC5f6qPzVPXTUi67MNze
ifJZ5AlwZBUQHV7jbeMg0W+3dH3HOHNgBsrXehLpRF1PWxJJAvcOkZz1rW5AgzpS
8jOTtGjb4Q81MHJBAvbQ7gOvZK5C4UstlKmTIwCd1NaPXgNZmV1ybzRz5FhExEgi
wASSPwy5I6eGWsKdUck5lNgej31BP+w31KTyLaEzQF4Sbt46NAA+uuTrXVSkxbhC
vwLQeNa7cNF80e8XzulzFQKH7qIZrTmM4XUwqWpN2Qa1DAmdb2n3Btg736egfVKg
sUVTQJXyXV/oRaG0Ml4Iseyz3Yi54fn0B532xUmYNVeR9A==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org