Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Lr2R875-cgb7jaxfsTa05RYdPsk.roa
File: Lr2R875-cgb7jaxfsTa05RYdPsk.roa (raw, json)
Hash identifier: 7FqpcpgcTkWWOyB+cs7HqYEiq0V7IQysXPDDqDjBk5Y=
Subject key identifier: 2E:BD:91:F3:BE:7E:72:06:FB:8D:AC:5F:B1:36:B4:E5:16:1D:3E:C9
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12CB
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Lr2R875-cgb7jaxfsTa05RYdPsk.roa
Signing time: Fri 01 Sep 2023 08:04:59 +0000
ROA not before: Fri 01 Sep 2023 08:04:59 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.200.0.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4811 (0x12cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:59 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2EBD91F3BE7E7206FB8DAC5FB136B4E5161D3EC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ea:db:40:b7:86:b0:ba:6e:7e:c7:05:2f:2f:
d6:f4:66:dc:a5:34:59:f5:cb:fc:64:32:1b:5c:a8:
4c:bc:7b:be:10:1d:ac:27:a3:86:fa:07:ed:fc:4a:
26:dd:01:ce:c9:9f:ff:80:a9:09:d9:ea:c1:91:24:
34:e1:b2:c2:4b:10:5a:8e:4c:31:00:4b:ac:12:1c:
a5:3b:e6:60:e2:88:e4:ae:7d:08:83:e7:bd:e3:4d:
c4:c4:32:63:4d:53:a8:61:ac:38:b1:b5:b0:da:83:
23:95:56:be:57:33:24:ca:4e:67:20:4b:77:37:7a:
31:a2:50:0e:b6:21:3e:3f:71:da:23:69:e3:45:73:
af:36:12:e8:3e:52:23:88:70:37:b9:cb:cd:31:a5:
b5:ce:59:a9:4b:04:cf:a8:f8:7a:47:da:c9:c5:c0:
74:8b:43:34:39:ef:31:54:36:d5:c8:4d:80:8b:e9:
dd:1f:29:eb:33:8a:ac:31:60:ca:9b:53:eb:d0:46:
94:36:90:9c:a2:c4:0c:65:d6:f4:e5:1c:c4:99:7a:
6d:27:1f:d8:9a:18:5a:d4:71:68:60:c8:33:2d:4a:
b8:6b:cf:c9:11:2e:46:19:f5:47:dc:63:76:f2:62:
d3:2f:72:67:a7:02:61:71:94:5c:1d:6c:76:ad:85:
f8:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BD:91:F3:BE:7E:72:06:FB:8D:AC:5F:B1:36:B4:E5:16:1D:3E:C9
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Lr2R875-cgb7jaxfsTa05RYdPsk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.0.0/19
Signature Algorithm: sha256WithRSAEncryption
3c:0a:5a:9c:2d:bc:11:c3:78:a5:96:37:3b:35:d0:ef:d7:3f:
7e:32:7f:2b:81:2c:75:34:14:87:3e:f6:e7:04:a2:01:86:23:
20:9d:e2:3c:3a:3b:eb:31:6f:f3:40:85:c6:5f:10:59:f4:2f:
b3:c9:02:a6:e6:91:5f:44:9f:de:14:04:56:41:eb:35:f3:e5:
3b:be:26:f6:5e:75:bb:2f:6d:de:30:67:99:d0:65:1a:1f:87:
89:65:67:53:60:35:ee:a8:22:b8:30:d0:16:0f:f3:c3:fd:88:
26:6e:54:8f:87:f0:23:90:0a:5f:32:5d:7b:2c:18:f5:3a:aa:
36:27:84:10:e4:9c:34:a7:fa:c9:60:d2:a9:47:8d:35:bc:f1:
42:5b:76:c8:73:e0:e0:90:17:1e:b8:79:0e:24:48:38:c5:f4:
6e:03:c3:74:cc:84:40:d9:1c:9e:f8:95:a9:56:82:6b:20:ed:
6e:a9:3e:69:41:d9:dd:d4:71:08:37:43:1f:b7:60:10:1a:53:
88:49:06:2e:09:07:5a:f0:ce:45:a0:de:2e:5e:ce:62:83:af:
4d:4f:5d:16:db:f4:5c:4d:6f:50:d1:47:7d:39:7c:5f:6b:40:
87:65:a8:89:7b:a9:71:b4:b1:93:3c:59:71:d7:b9:cd:fa:74:
29:30:d4:12
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEsswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJFQkQ5MUYzQkU3RTcy
MDZGQjhEQUM1RkIxMzZCNEU1MTYxRDNFQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/6ttAt4awum5+xwUvL9b0ZtylNFn1y/xkMhtcqEy8e74QHawn
o4b6B+38SibdAc7Jn/+AqQnZ6sGRJDThssJLEFqOTDEAS6wSHKU75mDiiOSufQiD
573jTcTEMmNNU6hhrDixtbDagyOVVr5XMyTKTmcgS3c3ejGiUA62IT4/cdojaeNF
c682Eug+UiOIcDe5y80xpbXOWalLBM+o+HpH2snFwHSLQzQ57zFUNtXITYCL6d0f
KesziqwxYMqbU+vQRpQ2kJyixAxl1vTlHMSZem0nH9iaGFrUcWhgyDMtSrhrz8kR
LkYZ9UfcY3byYtMvcmenAmFxlFwdbHathfjnAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULr2R875+cgb7jaxfsTa05RYdPskwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTHIyUjg3NS1jZ2I3amF4ZnNUYTA1
UllkUHNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdLIADAN
BgkqhkiG9w0BAQsFAAOCAQEAPApanC28EcN4pZY3OzXQ79c/fjJ/K4EsdTQUhz72
5wSiAYYjIJ3iPDo76zFv80CFxl8QWfQvs8kCpuaRX0Sf3hQEVkHrNfPlO74m9l51
uy9t3jBnmdBlGh+HiWVnU2A17qgiuDDQFg/zw/2IJm5Uj4fwI5AKXzJdeywY9Tqq
NieEEOScNKf6yWDSqUeNNbzxQlt2yHPg4JAXHrh5DiRIOMX0bgPDdMyEQNkcnviV
qVaCayDtbqk+aUHZ3dRxCDdDH7dgEBpTiEkGLgkHWvDORaDeLl7OYoOvTU9dFtv0
XE1vUNFHfTl8X2tAh2WoiXupcbSxkzxZcde5zfp0KTDUEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org