Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/MsOmWsfe40W-ofxaZXjytEj1kRE.roa
File: MsOmWsfe40W-ofxaZXjytEj1kRE.roa (raw, json)
Hash identifier: oUUmA0bdmOlguUNVbx318UqMHfxnLZVetFul/eoFiuw=
Subject key identifier: 32:C3:A6:5A:C7:DE:E3:45:BE:A1:FC:5A:65:78:F2:B4:48:F5:91:11
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0BC9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MsOmWsfe40W-ofxaZXjytEj1kRE.roa
Signing time: Sun 07 Feb 2021 11:33:53 +0000
ROA not before: Sun 07 Feb 2021 11:33:53 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.200.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3017 (0xbc9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:33:53 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=32C3A65AC7DEE345BEA1FC5A6578F2B448F59111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:27:46:51:5b:87:8a:fe:56:49:99:b8:22:0e:
73:35:72:8c:c8:e5:8d:35:8d:3f:e5:21:9b:e5:48:
87:ca:79:c7:c3:13:4b:72:f9:e4:53:53:e2:5b:ba:
7a:08:e4:f7:5c:ee:1c:a6:95:2a:2a:65:82:b8:58:
e9:dd:11:63:63:35:4f:b2:58:3d:79:6b:12:d4:53:
74:5f:b4:5b:07:9b:57:ea:3e:9c:4d:a0:e5:af:36:
0b:8a:27:84:f3:68:00:a8:0a:36:42:9f:24:3f:54:
3c:06:f8:ac:9e:61:dc:8d:e1:31:74:79:1b:34:ae:
62:0c:46:24:82:c5:08:ce:c0:ee:13:b2:1e:1d:02:
8e:1e:9d:49:b7:c9:01:8f:c1:18:d3:0f:65:a6:77:
84:67:1d:c4:eb:e9:d2:fc:48:48:67:72:60:f9:b1:
00:83:50:c0:08:82:fd:a4:90:1a:da:ad:f2:3f:d1:
53:10:13:b1:84:dd:d7:65:9b:11:d0:08:d9:72:bd:
87:a3:ab:4f:93:ba:23:b3:95:8e:df:04:01:2e:ae:
94:a7:28:2d:a2:cc:fd:d3:b4:16:01:c7:dc:ef:ee:
94:df:4c:77:f7:ed:31:22:f2:f3:50:1d:5e:15:34:
f3:01:14:23:2f:f7:39:96:e6:2a:aa:1c:3d:39:71:
a2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:C3:A6:5A:C7:DE:E3:45:BE:A1:FC:5A:65:78:F2:B4:48:F5:91:11
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/MsOmWsfe40W-ofxaZXjytEj1kRE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0c:81:e6:84:f6:f4:00:3f:44:22:91:ec:03:2a:67:f6:ec:66:
fc:c7:7e:ad:1a:9f:5b:94:0f:40:58:99:a8:8f:71:72:27:66:
51:af:eb:e9:3f:41:9b:ac:9d:06:88:1c:ef:10:d1:e1:fe:28:
f4:b2:3a:f1:3c:5e:9d:9a:f0:95:83:78:0e:29:77:19:ab:56:
77:e7:29:20:ce:9f:43:c5:1e:2b:98:29:46:25:c4:4f:66:6a:
7e:3b:0d:4b:15:2e:29:99:11:1b:d8:ac:a2:d3:a6:88:cb:a5:
c2:66:0c:c7:8e:5e:1a:60:96:22:bc:17:00:ae:34:68:cb:1c:
8e:b9:e9:72:80:4f:98:e9:40:0a:b4:74:69:16:54:26:a1:a5:
b7:62:89:b6:8d:11:a9:a7:f8:46:4c:6e:84:94:4f:82:94:52:
aa:8c:7e:c5:da:de:5a:c0:fb:d3:37:22:f2:a6:cc:2f:41:dd:
0d:a5:a1:ee:1f:a0:47:a5:4b:45:6d:1a:84:06:e9:28:5a:8d:
fc:f8:c6:3d:73:6f:50:f4:65:d2:1a:02:f1:5e:16:8f:15:6d:
f6:76:c0:a3:af:a3:0f:67:ec:00:6a:27:e8:73:dd:c9:bf:7e:
c4:55:8d:f3:8e:96:2c:8a:04:17:5a:ae:22:b5:5a:76:9d:71:
48:e0:64:ed
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC8kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTMzNTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMyQzNBNjVBQzdERUUz
NDVCRUExRkM1QTY1NzhGMkI0NDhGNTkxMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEJ0ZRW4eK/lZJmbgiDnM1cozI5Y01jT/lIZvlSIfKecfDE0ty
+eRTU+JbunoI5Pdc7hymlSoqZYK4WOndEWNjNU+yWD15axLUU3RftFsHm1fqPpxN
oOWvNguKJ4TzaACoCjZCnyQ/VDwG+KyeYdyN4TF0eRs0rmIMRiSCxQjOwO4Tsh4d
Ao4enUm3yQGPwRjTD2Wmd4RnHcTr6dL8SEhncmD5sQCDUMAIgv2kkBrarfI/0VMQ
E7GE3ddlmxHQCNlyvYejq0+TuiOzlY7fBAEurpSnKC2izP3TtBYBx9zv7pTfTHf3
7TEi8vNQHV4VNPMBFCMv9zmW5iqqHD05caKlAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUMsOmWsfe40W+ofxaZXjytEj1kREwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvTXNPbVdzZmU0MFctb2Z4YVpYanl0
RWoxa1JFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANLIMA0G
CSqGSIb3DQEBCwUAA4IBAQAMgeaE9vQAP0QikewDKmf27Gb8x36tGp9blA9AWJmo
j3FyJ2ZRr+vpP0GbrJ0GiBzvENHh/ij0sjrxPF6dmvCVg3gOKXcZq1Z35ykgzp9D
xR4rmClGJcRPZmp+Ow1LFS4pmREb2Kyi06aIy6XCZgzHjl4aYJYivBcArjRoyxyO
uelygE+Y6UAKtHRpFlQmoaW3Yom2jRGpp/hGTG6ElE+ClFKqjH7F2t5awPvTNyLy
pswvQd0NpaHuH6BHpUtFbRqEBukoWo38+MY9c29Q9GXSGgLxXhaPFW32dsCjr6MP
Z+wAaifoc93Jv37EVY3zjpYsigQXWq4itVp2nXFI4GTt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org