Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/L4wDzL3qqB5a118IiBHMKsya14A.roa
File: L4wDzL3qqB5a118IiBHMKsya14A.roa (raw, json)
Hash identifier: PJ3/aKn/RWPe8314qQ1bxu1wvmG/DMlIwS9y3zquK3A=
Subject key identifier: 2F:8C:03:CC:BD:EA:A8:1E:5A:D7:5F:08:88:11:CC:2A:CC:9A:D7:80
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12BC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/L4wDzL3qqB5a118IiBHMKsya14A.roa
Signing time: Fri 01 Sep 2023 08:04:55 +0000
ROA not before: Fri 01 Sep 2023 08:04:55 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 218.35.32.0/19 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4796 (0x12bc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:55 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2F8C03CCBDEAA81E5AD75F088811CC2ACC9AD780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:88:b8:6c:87:ae:b4:79:d9:ca:b1:3e:7f:81:
3c:7f:4a:08:36:68:64:7f:3b:59:17:53:85:40:ca:
dc:d8:0d:c3:2d:78:e5:13:d2:26:83:2b:ad:f7:f4:
47:94:c4:e0:36:cd:56:54:34:43:f5:96:ee:ea:bd:
c4:71:e8:5b:d0:eb:f9:66:8a:a3:6c:77:24:22:dc:
b7:32:31:53:97:19:9f:82:b0:70:ed:24:0a:2e:48:
c9:90:12:b3:bc:d9:bd:dd:1e:82:c1:d5:aa:aa:a5:
c2:1e:3a:a8:32:47:54:60:4d:54:54:5f:3b:4f:e6:
83:5c:da:e4:f6:ba:c0:65:0c:09:1b:dd:c9:0a:13:
96:f4:48:39:3e:3a:5c:2f:85:f6:ce:b3:39:82:96:
6c:6c:9b:c1:a4:ae:7b:4f:8d:dd:d3:2c:19:4d:f9:
02:97:ca:1f:64:3e:26:f0:09:7a:39:42:63:9c:18:
1a:5c:29:a1:dd:39:7d:78:d5:7f:66:90:25:fa:44:
f5:f2:ee:dc:08:82:0f:3c:90:aa:56:c3:2c:57:08:
35:2b:ef:4f:b4:2c:2d:ae:e8:00:33:c6:07:ef:91:
16:ef:20:77:62:e3:38:41:3a:83:ea:0b:e8:24:0d:
85:01:96:6b:da:1c:4e:56:27:42:8a:fc:6e:b5:72:
23:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:8C:03:CC:BD:EA:A8:1E:5A:D7:5F:08:88:11:CC:2A:CC:9A:D7:80
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/L4wDzL3qqB5a118IiBHMKsya14A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.32.0/19
Signature Algorithm: sha256WithRSAEncryption
b4:37:33:d4:ca:bb:de:9d:7a:b0:04:42:e7:82:d3:e5:ca:8d:
b7:da:11:94:8d:f8:5c:8d:2f:b0:ad:30:3a:11:01:14:b5:a2:
a1:c5:9d:37:6d:3d:1c:c3:f9:01:25:5e:02:5a:6f:02:6c:e5:
46:b4:37:f0:86:61:74:7c:6a:b9:40:f5:24:1f:85:b7:57:cb:
3d:8a:0c:2c:13:56:24:91:2b:10:2c:97:c3:3d:eb:87:3f:08:
8e:5c:eb:05:72:32:29:a7:f5:5c:f3:44:34:f7:52:de:30:36:
aa:2c:dc:48:ce:04:1c:e2:24:69:09:24:ba:b9:05:6e:5d:8b:
3b:89:4d:cd:58:11:33:4a:6d:85:f2:09:83:85:94:26:b0:f3:
5d:54:0b:6f:61:0b:1e:38:46:10:ca:ef:83:21:d4:5b:0a:62:
a7:cc:e0:80:01:28:d3:20:7f:a9:ed:b8:17:8a:9f:02:e8:ce:
46:ad:9c:e7:2c:0c:f0:57:4a:03:6d:2d:75:f5:93:08:3b:4b:
c1:83:0c:62:93:9a:f0:ef:1f:31:b0:bd:ed:9e:8f:c9:40:d6:
42:b9:2b:46:c9:32:bd:b5:f3:06:b6:13:55:28:bf:38:8a:d6:
c6:a8:5c:d5:a8:3d:fc:dc:3d:33:4a:80:19:52:88:e4:2f:e2:
fb:c3:ba:40
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJGOEMwM0NDQkRFQUE4
MUU1QUQ3NUYwODg4MTFDQzJBQ0M5QUQ3ODAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHiLhsh660ednKsT5/gTx/Sgg2aGR/O1kXU4VAytzYDcMteOUT
0iaDK6339EeUxOA2zVZUNEP1lu7qvcRx6FvQ6/lmiqNsdyQi3LcyMVOXGZ+CsHDt
JAouSMmQErO82b3dHoLB1aqqpcIeOqgyR1RgTVRUXztP5oNc2uT2usBlDAkb3ckK
E5b0SDk+OlwvhfbOszmClmxsm8GkrntPjd3TLBlN+QKXyh9kPibwCXo5QmOcGBpc
KaHdOX141X9mkCX6RPXy7twIgg88kKpWwyxXCDUr70+0LC2u6AAzxgfvkRbvIHdi
4zhBOoPqC+gkDYUBlmvaHE5WJ0KK/G61ciMRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUL4wDzL3qqB5a118IiBHMKsya14AwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTDR3RHpMM3FxQjVhMTE4SWlCSE1L
c3lhMTRBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojIDAN
BgkqhkiG9w0BAQsFAAOCAQEAtDcz1Mq73p16sARC54LT5cqNt9oRlI34XI0vsK0w
OhEBFLWiocWdN209HMP5ASVeAlpvAmzlRrQ38IZhdHxquUD1JB+Ft1fLPYoMLBNW
JJErECyXwz3rhz8IjlzrBXIyKaf1XPNENPdS3jA2qizcSM4EHOIkaQkkurkFbl2L
O4lNzVgRM0pthfIJg4WUJrDzXVQLb2ELHjhGEMrvgyHUWwpip8zggAEo0yB/qe24
F4qfAujORq2c5ywM8FdKA20tdfWTCDtLwYMMYpOa8O8fMbC97Z6PyUDWQrkrRsky
vbXzBrYTVSi/OIrWxqhc1ag9/Nw9M0qAGVKI5C/i+8O6QA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org