Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Ksf9g9XxSh7QDbjkyBVz36DI_XE.roa
File: Ksf9g9XxSh7QDbjkyBVz36DI_XE.roa (raw, json)
Hash identifier: VmqXD0nAec47yOKtoGUuw/wfvB/aUTzpVfUewpl11uE=
Subject key identifier: 2A:C7:FD:83:D5:F1:4A:1E:D0:0D:B8:E4:C8:15:73:DF:A0:C8:FD:71
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12D7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ksf9g9XxSh7QDbjkyBVz36DI_XE.roa
Signing time: Fri 01 Sep 2023 08:05:04 +0000
ROA not before: Fri 01 Sep 2023 08:05:04 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9922
IP address blocks: 124.218.64.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4823 (0x12d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:04 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2AC7FD83D5F14A1ED00DB8E4C81573DFA0C8FD71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:46:89:f9:46:b1:52:15:8f:51:e4:0f:44:
c8:67:e3:0e:32:c7:d6:50:68:88:e9:cc:ca:af:f6:
52:e8:41:54:9c:1a:65:d0:6b:ce:19:c0:ca:1c:0f:
39:ac:34:00:92:af:ac:de:5c:c8:cb:47:e7:4e:bc:
50:a0:ea:4c:12:2d:c2:05:e5:e6:8b:db:7b:81:1f:
44:4d:88:40:d3:fd:d9:1f:9e:e6:b9:fb:31:5a:35:
dd:54:0b:be:89:f4:08:4e:e4:06:c2:dc:c1:e3:48:
25:7b:76:f0:26:b3:72:96:6e:64:f0:59:67:93:1c:
3e:96:30:c7:20:bf:90:ea:7d:57:9b:47:7a:89:4d:
4e:c4:fe:d8:e4:06:04:0e:f9:88:40:f9:24:dd:3b:
9e:1c:a3:10:b7:b6:b5:82:f6:34:08:94:66:42:56:
a5:ce:e5:f5:d6:5b:30:c3:7b:c0:83:ab:fa:a2:b4:
3c:59:77:a0:a8:75:58:2b:f4:4b:4a:5d:5f:df:74:
36:ee:7d:03:25:3b:e0:fd:21:05:9b:f5:62:6c:98:
75:70:14:28:ca:e8:33:3d:4a:25:8c:05:1d:89:b7:
30:e4:f2:1b:61:ac:b5:ef:13:4a:c8:ca:00:80:d3:
61:7d:62:dd:36:1a:0c:57:07:9a:65:63:d8:41:ad:
f8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:C7:FD:83:D5:F1:4A:1E:D0:0D:B8:E4:C8:15:73:DF:A0:C8:FD:71
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Ksf9g9XxSh7QDbjkyBVz36DI_XE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.64.0/22
Signature Algorithm: sha256WithRSAEncryption
39:dc:8d:9e:0d:9a:a6:7e:c0:24:f8:ab:8d:26:22:81:dc:e1:
b6:3b:a2:85:4b:c8:22:dd:71:b8:36:2f:80:c5:15:50:0c:f8:
80:40:22:80:79:ad:3d:f3:34:9b:98:19:65:b8:cc:3c:79:80:
40:00:3e:f1:e2:e8:77:9e:50:3f:35:f2:d5:ce:99:38:2c:a8:
89:dc:2b:94:0f:fa:ce:18:52:a9:79:45:a0:16:cc:a5:74:cc:
ee:df:cf:15:b7:bb:ee:ad:51:45:22:85:af:ca:15:b2:07:d2:
b8:a8:30:61:0b:cd:fe:07:74:48:b0:70:64:3f:a7:27:e3:6d:
07:9e:57:e9:12:a0:36:d2:0f:0f:16:1b:a8:59:44:09:51:af:
d4:eb:2d:ee:12:a3:35:e7:bd:28:d4:9e:b4:75:20:a9:22:e7:
90:cd:ee:09:48:c4:92:54:5d:a6:fd:41:1c:99:39:aa:8b:b5:
04:48:7d:26:b8:f9:9c:68:cd:61:83:c4:3d:f4:69:10:ad:38:
6c:b2:ea:b5:5a:d5:0b:2a:bf:d5:7c:7c:b6:39:91:a7:b7:5b:
23:13:06:cd:3f:9c:a2:71:12:ea:14:07:79:86:f0:2e:be:ed:
04:b6:80:b1:55:00:0a:0c:22:51:e2:04:1f:4a:a3:d1:55:be:
e9:c5:6e:d0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEtcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJBQzdGRDgzRDVGMTRB
MUVEMDBEQjhFNEM4MTU3M0RGQTBDOEZENzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1IkaJ+UaxUhWPUeQPRMhn4w4yx9ZQaIjpzMqv9lLoQVScGmXQ
a84ZwMocDzmsNACSr6zeXMjLR+dOvFCg6kwSLcIF5eaL23uBH0RNiEDT/dkfnua5
+zFaNd1UC76J9AhO5AbC3MHjSCV7dvAms3KWbmTwWWeTHD6WMMcgv5DqfVebR3qJ
TU7E/tjkBgQO+YhA+STdO54coxC3trWC9jQIlGZCVqXO5fXWWzDDe8CDq/qitDxZ
d6CodVgr9EtKXV/fdDbufQMlO+D9IQWb9WJsmHVwFCjK6DM9SiWMBR2JtzDk8hth
rLXvE0rIygCA02F9Yt02GgxXB5plY9hBrfjFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKsf9g9XxSh7QDbjkyBVz36DI/XEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvS3NmOWc5WHhTaDdRRGJqa3lCVnoz
NkRJX1hFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaQDAN
BgkqhkiG9w0BAQsFAAOCAQEAOdyNng2apn7AJPirjSYigdzhtjuihUvIIt1xuDYv
gMUVUAz4gEAigHmtPfM0m5gZZbjMPHmAQAA+8eLod55QPzXy1c6ZOCyoidwrlA/6
zhhSqXlFoBbMpXTM7t/PFbe77q1RRSKFr8oVsgfSuKgwYQvN/gd0SLBwZD+nJ+Nt
B55X6RKgNtIPDxYbqFlECVGv1Ost7hKjNee9KNSetHUgqSLnkM3uCUjEklRdpv1B
HJk5qou1BEh9Jrj5nGjNYYPEPfRpEK04bLLqtVrVCyq/1Xx8tjmRp7dbIxMGzT+c
onES6hQHeYbwLr7tBLaAsVUACgwiUeIEH0qj0VW+6cVu0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org