Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MmQToPZbMXJanVmxiVMXYNEww6U.roa
File: MmQToPZbMXJanVmxiVMXYNEww6U.roa (raw, json)
Hash identifier: kOvTkdH38Zicm9hnSdnc9ItMGfjAZuKtYiuq7Hq+B7I=
Subject key identifier: 32:64:13:A0:F6:5B:31:72:5A:9D:59:B1:89:53:17:60:D1:30:C3:A5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12FC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MmQToPZbMXJanVmxiVMXYNEww6U.roa
Signing time: Fri 01 Sep 2023 08:05:15 +0000
ROA not before: Fri 01 Sep 2023 08:05:15 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 218.35.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4860 (0x12fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:15 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=326413A0F65B31725A9D59B189531760D130C3A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:0b:18:d6:6c:f1:bb:7d:cb:de:e9:12:86:
04:b9:fd:36:c8:ec:f3:7b:a1:ca:b2:5b:b9:8b:9c:
1b:2f:d6:64:fd:7d:54:67:21:a0:c9:fb:88:a8:90:
8a:22:05:7b:41:ab:8d:80:f6:0d:cf:24:5d:7f:5c:
57:3e:9f:e7:61:d0:b0:62:04:6f:cf:a7:98:0b:28:
74:4f:af:99:bb:43:ab:4d:30:fb:cc:d7:43:6a:59:
97:ea:00:98:2b:ae:5a:ec:d1:89:b2:6f:c5:d3:ce:
03:3c:7e:77:8d:df:1b:42:36:7c:c0:35:3d:8a:6d:
ae:ce:05:70:2d:99:2c:a1:91:9d:99:82:63:37:97:
a2:71:6f:f8:53:02:b3:a1:01:c0:cc:99:c2:39:d8:
e4:cf:0d:a2:2f:3e:0c:15:bb:db:b4:2d:0e:9c:5b:
89:a7:b0:fb:44:7b:21:ed:af:9e:70:83:e3:ae:ee:
2e:7c:dd:46:e8:fc:7d:d7:b0:58:6f:7f:19:9f:c7:
c2:29:57:2d:d9:9b:45:ee:51:40:b5:af:d7:7b:38:
4c:27:54:54:e4:07:ec:22:2f:ff:50:cc:5e:89:c2:
85:26:14:b8:35:28:50:61:53:16:c9:9d:60:af:62:
ea:ab:e6:72:8c:35:60:f4:fd:6f:fb:5a:4f:fe:93:
b0:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:64:13:A0:F6:5B:31:72:5A:9D:59:B1:89:53:17:60:D1:30:C3:A5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MmQToPZbMXJanVmxiVMXYNEww6U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.64.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:64:7b:a7:ff:66:67:5a:e3:87:07:6d:de:3b:99:cb:3d:81:
47:12:c5:d6:19:19:6a:c6:29:7c:cb:33:60:c3:80:4f:ec:9a:
a0:5c:c7:58:1b:89:56:9f:fe:32:42:67:00:3e:c7:f7:d0:40:
32:5a:a6:f1:90:28:7d:2e:41:01:81:a5:63:2d:bc:d4:96:97:
14:50:12:d6:f9:86:5a:b3:27:0e:3f:21:20:fe:f5:74:83:37:
17:45:31:2d:92:9d:d2:9c:71:9f:c2:cd:f1:8d:c4:a9:78:61:
aa:11:ff:87:32:7c:fc:1f:93:e2:a8:e3:d6:3c:77:56:d5:8a:
11:d9:2f:f0:2b:04:53:73:39:25:74:d0:66:9e:c9:01:2c:64:
e5:50:0b:2f:ab:61:06:ec:9a:1f:10:a2:5f:b8:a6:46:0a:f7:
e9:08:4b:e9:f5:47:72:31:17:58:95:7d:28:56:45:16:e8:a0:
2f:dc:14:3f:b6:ac:f1:11:48:71:6c:bb:bf:51:98:91:ca:23:
d6:9c:89:2c:c5:86:c7:70:d0:8b:65:ca:26:64:a9:28:b8:02:
1f:9c:e1:a4:6d:7c:27:e0:e8:6e:1d:76:3f:10:52:0a:ec:1e:
50:b9:bd:26:2e:7c:98:20:63:7b:4c:02:e0:5e:ad:93:7c:90:
e1:bb:8b:eb
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMyNjQxM0EwRjY1QjMx
NzI1QTlENTlCMTg5NTMxNzYwRDEzMEMzQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu5QsY1mzxu33L3ukShgS5/TbI7PN7ocqyW7mLnBsv1mT9fVRn
IaDJ+4iokIoiBXtBq42A9g3PJF1/XFc+n+dh0LBiBG/Pp5gLKHRPr5m7Q6tNMPvM
10NqWZfqAJgrrlrs0Ymyb8XTzgM8fneN3xtCNnzANT2Kba7OBXAtmSyhkZ2ZgmM3
l6Jxb/hTArOhAcDMmcI52OTPDaIvPgwVu9u0LQ6cW4mnsPtEeyHtr55wg+Ou7i58
3Ubo/H3XsFhvfxmfx8IpVy3Zm0XuUUC1r9d7OEwnVFTkB+wiL/9QzF6JwoUmFLg1
KFBhUxbJnWCvYuqr5nKMNWD0/W/7Wk/+k7AdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUMmQToPZbMXJanVmxiVMXYNEww6UwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTW1RVG9QWmJNWEphblZteGlWTVhZ
TkV3dzZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojQDAN
BgkqhkiG9w0BAQsFAAOCAQEAXmR7p/9mZ1rjhwdt3juZyz2BRxLF1hkZasYpfMsz
YMOAT+yaoFzHWBuJVp/+MkJnAD7H99BAMlqm8ZAofS5BAYGlYy281JaXFFAS1vmG
WrMnDj8hIP71dIM3F0UxLZKd0pxxn8LN8Y3EqXhhqhH/hzJ8/B+T4qjj1jx3VtWK
Edkv8CsEU3M5JXTQZp7JASxk5VALL6thBuyaHxCiX7imRgr36QhL6fVHcjEXWJV9
KFZFFuigL9wUP7as8RFIcWy7v1GYkcoj1pyJLMWGx3DQi2XKJmSpKLgCH5zhpG18
J+Dobh12PxBSCuweULm9Ji58mCBje0wC4F6tk3yQ4buL6w==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org