Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MB8jYF9XN_SbzO5jlRLRnT8Wg8k.roa
File: MB8jYF9XN_SbzO5jlRLRnT8Wg8k.roa (raw, json)
Hash identifier: Q2eDx5WDDWlxaCJpPLvm7LjHlL4rtDQ//lgPDN9fTAI=
Subject key identifier: 30:1F:23:60:5F:57:37:F4:9B:CC:EE:63:95:12:D1:9D:3F:16:83:C9
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1080
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MB8jYF9XN_SbzO5jlRLRnT8Wg8k.roa
Signing time: Tue 16 May 2023 08:36:17 +0000
ROA not before: Tue 16 May 2023 08:36:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.201.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4224 (0x1080)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:17 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=301F23605F5737F49BCCEE639512D19D3F1683C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:79:37:49:bd:de:cd:19:48:f0:40:63:7d:6f:
29:53:63:06:73:32:7e:53:b9:ae:b7:4e:6f:27:42:
0d:39:08:ef:3b:bc:f7:21:b8:a5:64:ac:6b:1f:19:
bf:e1:1a:66:05:2b:6c:0d:07:71:f3:a9:a1:40:d6:
e7:db:6b:2e:55:c3:06:f2:37:5b:01:49:79:5c:8a:
72:35:bf:62:12:63:ed:a8:8f:eb:ac:45:13:6e:20:
7a:7f:3a:6c:20:67:a0:9d:e6:24:f9:b7:db:51:10:
26:34:59:c8:2c:66:43:c3:49:ae:44:e9:e9:6e:68:
61:ec:f9:b4:7a:11:4e:37:e8:23:f6:b9:74:58:7a:
4e:e9:4a:9d:33:96:f6:b9:fb:d8:86:0a:b7:3e:73:
32:a4:3a:69:5f:e3:87:a4:42:fe:d6:46:9e:29:8a:
55:6d:d8:81:15:7e:3b:5a:ce:5e:f8:49:0e:93:20:
74:a0:bd:44:ed:32:21:66:9f:d4:b3:36:29:ef:74:
76:3b:34:fb:4e:0d:90:87:f9:97:a6:39:09:38:c6:
13:d3:17:2c:ed:45:2c:a9:d7:29:12:c5:6f:54:8b:
3a:7a:36:0c:79:74:9a:8f:df:5d:f1:13:24:03:dd:
b0:5a:66:81:d9:28:0c:71:36:fb:fc:a7:8c:f8:14:
83:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:1F:23:60:5F:57:37:F4:9B:CC:EE:63:95:12:D1:9D:3F:16:83:C9
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MB8jYF9XN_SbzO5jlRLRnT8Wg8k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.32.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:4a:9b:02:2c:e3:fd:c2:96:07:d8:3a:09:af:30:a4:20:59:
65:52:6c:80:86:ba:4d:14:81:85:51:b5:6e:8f:86:10:d1:ab:
66:a5:b0:39:fd:76:f1:ad:2c:6f:c6:0d:fa:77:7a:5e:94:06:
f9:c5:85:16:e9:e1:16:1f:9e:28:c7:ab:d2:17:a1:b7:cc:70:
85:64:9b:2c:68:3e:12:ba:4e:b1:5d:95:ca:ae:31:4d:88:aa:
17:4a:cd:3d:2f:67:39:87:09:c2:3d:1e:59:83:dc:18:67:c1:
0b:b9:00:fd:bc:98:ed:b5:23:c4:76:78:5e:6c:05:39:11:7b:
e9:d8:c1:b1:1c:24:7a:06:af:6d:7b:1b:e8:23:c3:e2:70:af:
f6:26:9d:2d:66:8a:09:a2:2d:2b:99:9f:22:3a:2b:e6:64:74:
89:1d:f1:b7:0e:9f:b6:5d:80:2b:f9:48:97:93:e8:69:1a:3f:
d2:d9:83:3f:37:0c:16:d2:e8:29:0b:b0:7d:ad:06:22:69:d7:
3e:19:60:96:bb:ed:9a:1d:25:fa:4a:1f:a7:d8:ff:ef:b3:b6:
52:b9:54:75:e6:19:bd:05:b6:d4:95:47:e8:a0:d2:e5:64:bd:
e1:99:23:58:33:0c:b7:ed:f7:c3:1b:c9:d8:c0:f5:df:0d:cc:
11:7d:07:69
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEIAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMwMUYyMzYwNUY1NzM3
RjQ5QkNDRUU2Mzk1MTJEMTlEM0YxNjgzQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMeTdJvd7NGUjwQGN9bylTYwZzMn5Tua63Tm8nQg05CO87vPch
uKVkrGsfGb/hGmYFK2wNB3HzqaFA1ufbay5VwwbyN1sBSXlcinI1v2ISY+2oj+us
RRNuIHp/OmwgZ6Cd5iT5t9tRECY0WcgsZkPDSa5E6eluaGHs+bR6EU436CP2uXRY
ek7pSp0zlva5+9iGCrc+czKkOmlf44ekQv7WRp4pilVt2IEVfjtazl74SQ6TIHSg
vUTtMiFmn9SzNinvdHY7NPtODZCH+ZemOQk4xhPTFyztRSyp1ykSxW9Uizp6Ngx5
dJqP313xEyQD3bBaZoHZKAxxNvv8p4z4FIN/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMB8jYF9XN/SbzO5jlRLRnT8Wg8kwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTUI4allGOVhOX1Niek81amxSTFJu
VDhXZzhrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLJIDAN
BgkqhkiG9w0BAQsFAAOCAQEAP0qbAizj/cKWB9g6Ca8wpCBZZVJsgIa6TRSBhVG1
bo+GENGrZqWwOf128a0sb8YN+nd6XpQG+cWFFunhFh+eKMer0heht8xwhWSbLGg+
ErpOsV2Vyq4xTYiqF0rNPS9nOYcJwj0eWYPcGGfBC7kA/byY7bUjxHZ4XmwFORF7
6djBsRwkegavbXsb6CPD4nCv9iadLWaKCaItK5mfIjor5mR0iR3xtw6ftl2AK/lI
l5PoaRo/0tmDPzcMFtLoKQuwfa0GImnXPhlglrvtmh0l+kofp9j/77O2UrlUdeYZ
vQW21JVH6KDS5WS94ZkjWDMMt+33wxvJ2MD13w3MEX0HaQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org