Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/OykdPAmYIETglYcOk4lXnbIlKpk.roa
File: OykdPAmYIETglYcOk4lXnbIlKpk.roa (raw, json)
Hash identifier: /srbRZWAMUXmRLmnuMvqK9F6tdGX6/jaA7rTdHXVjac=
Subject key identifier: 3B:29:1D:3C:09:98:20:44:E0:95:87:0E:93:89:57:9D:B2:25:2A:99
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 13A7
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OykdPAmYIETglYcOk4lXnbIlKpk.roa
Signing time: Wed 13 Dec 2023 02:48:32 +0000
ROA not before: Wed 13 Dec 2023 02:48:32 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5031 (0x13a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Dec 13 02:48:32 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3B291D3C09982044E095870E9389579DB2252A99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:67:e2:eb:f5:05:36:d3:15:b6:d8:27:6c:34:
46:57:3c:df:d2:f4:ab:6f:d0:a8:e6:f7:7b:59:e8:
66:48:6b:58:a0:f1:ad:a4:cb:89:f5:ee:04:0a:57:
59:d8:e3:06:54:a0:bb:55:db:ac:c9:0f:fc:73:3d:
80:d0:82:8b:0f:3d:1d:53:0d:de:47:e0:e5:17:51:
4c:8a:cc:13:34:dc:91:12:4c:08:26:c9:71:38:b7:
97:7a:ee:0c:1a:16:f5:09:7e:7f:04:f4:f8:06:59:
4d:b8:e7:6f:5b:03:17:27:91:1b:6f:f9:8e:24:04:
7b:d2:10:da:26:ce:13:a0:01:40:fb:18:2f:ef:e2:
ee:79:93:15:d1:ef:ef:a9:37:25:8a:bd:dd:7e:26:
40:7e:b1:79:e1:94:32:ad:4e:9e:72:2e:b5:dc:89:
be:c6:a2:8b:71:8d:b9:af:19:d1:57:65:78:57:70:
76:5a:07:9b:d2:89:12:a7:10:42:42:bb:b5:a0:89:
44:48:0b:f6:fa:dc:87:1c:85:7c:0f:c1:fb:a1:2a:
81:37:68:0e:34:ed:05:bd:b8:aa:22:9a:2a:66:ed:
2e:c2:7c:15:19:1a:33:cb:8a:0b:f3:4e:f6:3b:3f:
65:67:8c:3c:00:52:d6:66:1a:d7:30:6d:8b:4d:1e:
a8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:29:1D:3C:09:98:20:44:E0:95:87:0E:93:89:57:9D:B2:25:2A:99
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/OykdPAmYIETglYcOk4lXnbIlKpk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:60:08:9e:8d:c6:1f:b9:7e:37:e2:26:7c:c8:d6:04:8d:ca:
89:c3:a4:58:83:a4:4a:f4:4e:c9:0a:e8:8b:bf:e8:52:b0:7c:
9c:5f:ed:2d:17:b6:bc:de:0d:57:be:98:da:ce:87:29:e8:73:
b9:c7:96:66:ec:a0:f3:5e:0b:77:fd:1c:db:f2:1b:40:fa:0d:
40:1f:18:81:08:d7:c3:53:15:ea:f1:21:42:91:50:36:e9:c4:
2b:93:51:72:ff:db:2c:5e:ba:cb:28:94:08:eb:19:0d:f0:d3:
e1:4f:1b:b9:89:9f:62:10:47:e8:ba:42:79:34:20:15:d1:71:
89:e1:cc:01:b4:a1:e6:43:38:3c:e8:8f:cc:c8:b9:bd:55:aa:
00:a1:45:0f:9d:cd:0b:08:12:00:55:d4:d2:b8:ac:fc:4e:b5:
20:db:0b:10:38:0b:74:26:66:63:ac:5e:e4:86:64:41:04:84:
87:25:8b:5e:a5:dd:ba:ce:b1:72:9d:e8:7b:0c:ca:af:5a:72:
80:3d:c8:ac:aa:4d:a6:b6:b6:ab:eb:a4:f6:c1:ca:53:6e:3f:
47:b6:f3:db:c0:3f:52:62:d3:46:cb:96:19:9c:93:ea:96:88:
0e:a1:5e:0a:e2:a3:4a:f9:a2:21:bd:5d:78:83:74:4b:7d:c3:
2c:19:56:f0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE6cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzEyMTMw
MjQ4MzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNCMjkxRDNDMDk5ODIw
NDRFMDk1ODcwRTkzODk1NzlEQjIyNTJBOTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlZ+Lr9QU20xW22CdsNEZXPN/S9Ktv0Kjm93tZ6GZIa1ig8a2k
y4n17gQKV1nY4wZUoLtV26zJD/xzPYDQgosPPR1TDd5H4OUXUUyKzBM03JESTAgm
yXE4t5d67gwaFvUJfn8E9PgGWU24529bAxcnkRtv+Y4kBHvSENomzhOgAUD7GC/v
4u55kxXR7++pNyWKvd1+JkB+sXnhlDKtTp5yLrXcib7GootxjbmvGdFXZXhXcHZa
B5vSiRKnEEJCu7WgiURIC/b63IcchXwPwfuhKoE3aA407QW9uKoimipm7S7CfBUZ
GjPLigvzTvY7P2VnjDwAUtZmGtcwbYtNHqgdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUOykdPAmYIETglYcOk4lXnbIlKpkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvT3lrZFBBbVlJRVRnbFljT2s0bFhu
YklsS3BrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt76wDAN
BgkqhkiG9w0BAQsFAAOCAQEAtGAIno3GH7l+N+ImfMjWBI3KicOkWIOkSvROyQro
i7/oUrB8nF/tLRe2vN4NV76Y2s6HKehzuceWZuyg814Ld/0c2/IbQPoNQB8YgQjX
w1MV6vEhQpFQNunEK5NRcv/bLF66yyiUCOsZDfDT4U8buYmfYhBH6LpCeTQgFdFx
ieHMAbSh5kM4POiPzMi5vVWqAKFFD53NCwgSAFXU0ris/E61INsLEDgLdCZmY6xe
5IZkQQSEhyWLXqXdus6xcp3oewzKr1pygD3IrKpNpra2q+uk9sHKU24/R7bz28A/
UmLTRsuWGZyT6paIDqFeCuKjSvmiIb1deIN0S33DLBlW8A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org