Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/M-2WAuWtCjE3uEGH1leG1iziVl8.roa
File: M-2WAuWtCjE3uEGH1leG1iziVl8.roa (raw, json)
Hash identifier: FCm88NDOnW5fA6JIG6Wua+Co3NDvB1RNwNcbnuNYw+M=
Subject key identifier: 33:ED:96:02:E5:AD:0A:31:37:B8:41:87:D6:57:86:D6:2C:E2:56:5F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 130D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M-2WAuWtCjE3uEGH1leG1iziVl8.roa
Signing time: Fri 01 Sep 2023 08:05:19 +0000
ROA not before: Fri 01 Sep 2023 08:05:19 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 218.35.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4877 (0x130d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:19 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=33ED9602E5AD0A3137B84187D65786D62CE2565F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c7:e2:eb:a0:37:ea:53:44:bd:17:9f:2b:39:
49:42:fa:53:c6:2d:6b:b6:00:1d:e5:1b:e4:41:8c:
60:7e:d7:87:8d:7f:96:02:26:e7:71:be:8e:1e:c2:
f7:bc:a3:ca:44:8a:1d:3d:9f:76:f6:fe:d0:35:f9:
38:28:3c:9d:eb:fe:3d:ab:9a:88:1e:24:75:00:3a:
36:7f:b0:7c:ec:ce:0f:8c:d0:b2:d1:87:d6:c5:02:
f7:5b:71:da:54:c1:cb:a0:8d:9b:25:21:2d:61:2f:
c4:67:24:84:80:4d:b4:e8:f7:3a:03:37:30:a3:eb:
ff:d5:ea:a1:33:bb:51:d7:48:19:7e:8d:f6:60:47:
c0:98:d1:76:5f:ed:89:9c:3d:f1:46:5d:70:2a:35:
cf:24:e7:ef:1d:83:58:3f:cb:d1:20:08:c5:fc:d3:
dc:ad:bf:78:50:06:97:4f:98:46:b5:20:fd:4a:b8:
36:72:f2:26:21:35:26:36:e3:54:5f:ea:7a:7b:f9:
f5:78:ec:43:54:72:7f:52:de:4d:b9:5e:d5:cc:0f:
26:bf:6d:f0:68:af:94:a6:f7:c4:22:a6:c0:1c:a8:
db:de:dd:1f:44:55:2a:5d:31:fd:bb:5b:16:0f:d7:
c1:b1:25:0b:46:fa:75:94:25:ef:38:fc:e9:31:e2:
71:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:ED:96:02:E5:AD:0A:31:37:B8:41:87:D6:57:86:D6:2C:E2:56:5F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/M-2WAuWtCjE3uEGH1leG1iziVl8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.0.0/16
Signature Algorithm: sha256WithRSAEncryption
35:48:83:1b:5e:6d:c4:5c:db:8a:d8:6d:0c:e7:d4:ef:79:5e:
7b:73:e1:53:5c:42:20:d5:b0:03:b1:9d:23:2a:3d:dc:81:39:
f6:97:47:f1:86:66:21:ba:39:a2:b9:30:37:b9:38:a7:e4:2e:
76:26:91:1e:67:d4:25:2f:2d:dc:d3:ec:b9:d5:a6:4a:d7:33:
a3:61:e8:42:ab:44:e6:4a:5e:50:88:40:12:9a:cd:7c:18:ec:
23:9e:80:2f:63:29:e5:05:e5:e3:b1:44:68:94:80:9a:ae:4a:
b4:2e:ae:9e:3a:a2:fc:be:b4:6f:1d:f5:9c:ef:f9:cc:d6:16:
fa:c6:9c:4f:5e:ab:36:19:be:91:5b:a1:fe:34:be:98:bf:a6:
cd:6e:29:e9:26:c8:c3:32:9f:02:1c:e6:3c:d3:de:19:2a:e6:
45:bd:e1:9e:a2:80:80:95:b7:81:a9:ef:8b:e1:e8:1d:c1:20:
27:de:fa:40:66:ad:0a:02:7e:7c:e6:38:50:76:b5:b8:fa:4d:
99:df:54:98:af:d7:c3:56:a6:d4:e3:2f:f1:18:b0:64:f3:32:
b1:cc:ee:8b:74:20:fb:4d:c7:83:ca:5f:92:78:41:f7:21:b3:
f1:da:d1:1f:f8:9a:67:71:e8:6b:a4:ef:f1:62:5f:73:44:2a:
a9:a3:92:a2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEw0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMzRUQ5NjAyRTVBRDBB
MzEzN0I4NDE4N0Q2NTc4NkQ2MkNFMjU2NUYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5x+LroDfqU0S9F58rOUlC+lPGLWu2AB3lG+RBjGB+14eNf5YC
Judxvo4ewve8o8pEih09n3b2/tA1+TgoPJ3r/j2rmogeJHUAOjZ/sHzszg+M0LLR
h9bFAvdbcdpUwcugjZslIS1hL8RnJISATbTo9zoDNzCj6//V6qEzu1HXSBl+jfZg
R8CY0XZf7YmcPfFGXXAqNc8k5+8dg1g/y9EgCMX809ytv3hQBpdPmEa1IP1KuDZy
8iYhNSY241Rf6np7+fV47ENUcn9S3k25XtXMDya/bfBor5Sm98QipsAcqNve3R9E
VSpdMf27WxYP18GxJQtG+nWUJe84/Okx4nHFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUM+2WAuWtCjE3uEGH1leG1iziVl8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTS0yV0F1V3RDakUzdUVHSDFsZUcx
aXppVmw4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANojMA0G
CSqGSIb3DQEBCwUAA4IBAQA1SIMbXm3EXNuK2G0M59TveV57c+FTXEIg1bADsZ0j
Kj3cgTn2l0fxhmYhujmiuTA3uTin5C52JpEeZ9QlLy3c0+y51aZK1zOjYehCq0Tm
Sl5QiEASms18GOwjnoAvYynlBeXjsURolICarkq0Lq6eOqL8vrRvHfWc7/nM1hb6
xpxPXqs2Gb6RW6H+NL6Yv6bNbinpJsjDMp8CHOY8094ZKuZFveGeooCAlbeBqe+L
4egdwSAn3vpAZq0KAn585jhQdrW4+k2Z31SYr9fDVqbU4y/xGLBk8zKxzO6LdCD7
TceDyl+SeEH3IbPx2tEf+JpncehrpO/xYl9zRCqpo5Ki
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org