Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/KAL2Jr0NXUIH6TsQLltot_JIFuY.roa
File: KAL2Jr0NXUIH6TsQLltot_JIFuY.roa (raw, json)
Hash identifier: VzNDg5MJrrHraVbxt8w3e2q6Q8y9TIaVgjvPzQQTmmU=
Subject key identifier: 28:02:F6:26:BD:0D:5D:42:07:E9:3B:10:2E:5B:68:B7:F2:48:16:E6
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1259
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/KAL2Jr0NXUIH6TsQLltot_JIFuY.roa
Signing time: Fri 01 Sep 2023 08:04:21 +0000
ROA not before: Fri 01 Sep 2023 08:04:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.203.0.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4697 (0x1259)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2802F626BD0D5D4207E93B102E5B68B7F24816E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:58:14:82:a4:07:12:21:89:d4:0a:28:c8:82:
dc:1e:24:e7:0d:f3:fd:08:ae:99:65:f8:24:4e:5e:
f2:5d:26:8f:0c:db:2a:1b:fe:47:85:e5:0d:38:cb:
d1:c0:c3:54:91:d1:9e:1b:40:86:3d:21:e2:12:11:
04:d6:0e:ad:75:4c:72:72:ad:1a:10:f3:c8:aa:4b:
97:1e:33:7a:6c:36:b9:07:c7:b6:09:97:45:bc:77:
ca:e3:f5:ab:01:73:8f:5d:97:6b:34:86:c4:0a:7e:
38:1e:e5:a1:51:b6:4f:21:c8:fc:ed:b4:e1:50:93:
63:f9:7b:27:be:92:08:8d:18:1a:46:9a:02:40:5b:
39:95:03:02:2f:06:c7:b4:c5:cb:01:7a:bd:8e:d8:
d3:c5:30:a0:8e:95:b9:ae:af:9f:9c:3e:7f:3a:20:
8f:a1:d4:12:d9:89:2a:00:91:4c:d5:b6:20:d7:9c:
2d:00:5b:8d:d0:9e:ae:4b:09:62:1a:76:b7:e0:6a:
76:36:4b:cc:3b:66:e8:a6:e3:37:b0:c0:3e:1b:b3:
8c:d8:26:85:13:6e:f9:73:41:cc:33:a1:71:52:69:
1a:0e:77:09:41:c6:ef:8c:01:24:d2:87:0b:77:77:
c7:de:d8:46:28:de:b7:c7:ec:6c:a2:1b:7a:df:84:
37:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:02:F6:26:BD:0D:5D:42:07:E9:3B:10:2E:5B:68:B7:F2:48:16:E6
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/KAL2Jr0NXUIH6TsQLltot_JIFuY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:8c:6c:46:2b:e2:b6:a8:12:a0:95:9b:af:8e:f3:a0:60:f7:
35:cc:ea:c8:07:07:30:57:9b:42:4b:4f:40:4d:dd:45:40:c5:
de:69:95:6c:e7:ba:54:d0:e2:b4:dd:35:35:3a:1c:57:e6:86:
06:9d:a1:e7:5a:c5:83:7e:b8:d1:f6:3b:37:64:93:6c:36:11:
60:ba:f3:3a:24:79:5f:0f:f9:e3:fd:3d:10:f3:9e:d3:01:4e:
3b:14:d5:ae:f3:b0:63:a3:71:1e:49:cb:ff:ed:f5:b7:3c:37:
03:dc:82:4a:5f:b3:e5:b8:18:7b:8b:ad:45:39:5a:c9:d7:47:
de:dd:30:4b:c9:74:f5:a5:5e:80:03:74:a7:0d:6c:c2:df:56:
06:da:ef:80:03:48:d3:3e:ea:f5:1d:4b:56:b9:0a:2d:59:81:
9f:51:b0:bc:a9:71:b5:32:0f:53:b9:62:e4:69:e7:8e:76:91:
1e:4b:4c:1e:68:82:80:1a:8b:7d:ae:e9:9a:34:ab:02:b1:11:
1b:f5:43:bb:21:a2:5d:4e:4e:b3:47:56:ca:85:24:aa:4e:4e:
1d:5c:98:10:c4:14:5d:2b:59:b1:fa:fa:01:f5:ea:6c:b9:63:
3a:3f:f7:6a:1c:e4:60:62:27:86:12:b3:b7:1e:4f:34:17:f3:
38:8a:16:2c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICElkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI4MDJGNjI2QkQwRDVE
NDIwN0U5M0IxMDJFNUI2OEI3RjI0ODE2RTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgWBSCpAcSIYnUCijIgtweJOcN8/0Irpll+CROXvJdJo8M2yob
/keF5Q04y9HAw1SR0Z4bQIY9IeISEQTWDq11THJyrRoQ88iqS5ceM3psNrkHx7YJ
l0W8d8rj9asBc49dl2s0hsQKfjge5aFRtk8hyPzttOFQk2P5eye+kgiNGBpGmgJA
WzmVAwIvBse0xcsBer2O2NPFMKCOlbmur5+cPn86II+h1BLZiSoAkUzVtiDXnC0A
W43Qnq5LCWIadrfganY2S8w7Zuim4zewwD4bs4zYJoUTbvlzQcwzoXFSaRoOdwlB
xu+MASTShwt3d8fe2EYo3rfH7GyiG3rfhDcBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKAL2Jr0NXUIH6TsQLltot/JIFuYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvS0FMMkpyME5YVUlINlRzUUxsdG90
X0pJRnVZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLLADAN
BgkqhkiG9w0BAQsFAAOCAQEAvYxsRivitqgSoJWbr47zoGD3NczqyAcHMFebQktP
QE3dRUDF3mmVbOe6VNDitN01NTocV+aGBp2h51rFg3640fY7N2STbDYRYLrzOiR5
Xw/54/09EPOe0wFOOxTVrvOwY6NxHknL/+31tzw3A9yCSl+z5bgYe4utRTlayddH
3t0wS8l09aVegAN0pw1swt9WBtrvgANI0z7q9R1LVrkKLVmBn1GwvKlxtTIPU7li
5GnnjnaRHktMHmiCgBqLfa7pmjSrArERG/VDuyGiXU5Os0dWyoUkqk5OHVyYEMQU
XStZsfr6AfXqbLljOj/3ahzkYGInhhKztx5PNBfzOIoWLA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org