Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Pu8HD-2KfB5Kx398LH4x_o4ZA84.roa
File: Pu8HD-2KfB5Kx398LH4x_o4ZA84.roa (raw, json)
Hash identifier: FlQwMCMHTEk5Q9hDjtDaZHOo1XBDYYMCE+4d2BwuHEQ=
Subject key identifier: 3E:EF:07:0F:ED:8A:7C:1E:4A:C7:7F:7C:2C:7E:31:FE:8E:19:03:CE
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10C0
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Pu8HD-2KfB5Kx398LH4x_o4ZA84.roa
Signing time: Tue 16 May 2023 08:36:34 +0000
ROA not before: Tue 16 May 2023 08:36:34 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4288 (0x10c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:34 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3EEF070FED8A7C1E4AC77F7C2C7E31FE8E1903CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7c:22:4d:eb:bd:93:b0:48:24:90:59:55:48:
71:b5:3e:b9:93:66:c3:5d:b8:df:0e:b1:a2:fa:d7:
dc:fa:bf:77:0a:70:99:17:c6:ac:e7:6d:e5:ca:e9:
91:24:eb:85:81:f4:cc:37:4a:eb:aa:d0:2b:27:ce:
3a:89:cb:21:31:af:6f:ee:03:8d:c9:3b:33:a7:ee:
91:19:ce:c3:61:2b:31:33:ae:cd:fd:38:b9:61:24:
0f:40:83:32:ed:18:3c:4e:a1:d8:45:90:0b:03:87:
07:fa:90:2d:60:33:e6:8e:1d:04:81:7f:5d:80:ca:
61:f5:e6:08:7a:2c:c0:0d:16:ba:32:4e:8e:c3:4f:
f7:e9:23:c0:96:0a:dd:6f:c9:ff:a1:9f:dd:5c:2b:
47:ac:ad:4b:d1:a8:63:14:72:10:5d:d3:05:f3:71:
1e:c2:a5:08:b1:4a:41:23:d6:bc:a3:c9:a6:91:26:
cb:ab:cf:bd:71:f1:0a:44:70:67:15:a8:53:2d:d3:
87:a1:8a:ca:45:9c:d8:2d:1d:8b:6b:ac:f5:43:92:
4f:01:08:ec:26:12:71:52:8a:c1:12:08:92:ea:96:
33:88:5d:52:cc:33:31:0d:6b:25:4c:43:e5:7b:25:
e3:0d:42:51:f6:a7:e0:fe:07:bf:0a:78:8f:a9:44:
11:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:EF:07:0F:ED:8A:7C:1E:4A:C7:7F:7C:2C:7E:31:FE:8E:19:03:CE
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Pu8HD-2KfB5Kx398LH4x_o4ZA84.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
58:09:38:b2:7f:43:c9:25:7a:a9:e6:be:6a:08:7d:74:66:ab:
2d:fb:bf:d8:e0:1b:b0:2a:e0:f4:e3:74:c1:4e:77:32:a0:6f:
a6:8c:d5:2e:b9:2f:18:3e:ab:32:43:53:26:14:04:b6:d4:a1:
ab:66:1b:3c:49:4e:b5:6b:99:c2:bd:88:ad:08:26:a6:c8:55:
50:9a:de:97:9f:78:e8:c3:95:70:a4:91:f4:0e:27:79:94:8c:
d6:fa:e7:70:b4:b6:90:3f:01:29:cc:68:cc:e0:f9:f4:59:a7:
ce:e5:b2:3c:71:67:e7:b7:28:b6:36:49:49:d1:1c:85:d3:a7:
b5:f8:0c:85:68:c4:72:b2:d0:e6:c4:33:b8:67:da:16:ec:d9:
b6:e1:e8:2c:4b:19:5b:1a:d7:4a:a1:87:6f:f9:77:53:9f:12:
94:46:8f:f1:51:11:7b:71:7c:71:3f:3c:bd:4b:93:c6:c4:3b:
92:38:cf:49:81:6a:2a:9b:9d:71:a9:80:0e:94:bc:23:3b:db:
06:d5:0c:a3:a1:c3:5f:3e:7f:b6:89:0f:bd:88:3c:6d:2f:db:
8f:6c:d1:ae:72:f3:20:72:f4:de:e6:e3:c9:0a:ef:2c:04:79:
e4:53:4d:71:d5:79:89:94:2f:3d:7f:e4:29:c2:b0:0e:28:95:
3c:46:18:fd
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEMAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNFRUYwNzBGRUQ4QTdD
MUU0QUM3N0Y3QzJDN0UzMUZFOEUxOTAzQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCfCJN672TsEgkkFlVSHG1PrmTZsNduN8OsaL619z6v3cKcJkX
xqznbeXK6ZEk64WB9Mw3Suuq0CsnzjqJyyExr2/uA43JOzOn7pEZzsNhKzEzrs39
OLlhJA9AgzLtGDxOodhFkAsDhwf6kC1gM+aOHQSBf12AymH15gh6LMANFroyTo7D
T/fpI8CWCt1vyf+hn91cK0esrUvRqGMUchBd0wXzcR7CpQixSkEj1ryjyaaRJsur
z71x8QpEcGcVqFMt04ehispFnNgtHYtrrPVDkk8BCOwmEnFSisESCJLqljOIXVLM
MzENayVMQ+V7JeMNQlH2p+D+B78KeI+pRBG1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUPu8HD+2KfB5Kx398LH4x/o4ZA84wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUHU4SEQtMktmQjVLeDM5OExINHhf
bzRaQTg0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivwaDAN
BgkqhkiG9w0BAQsFAAOCAQEAWAk4sn9DySV6qea+agh9dGarLfu/2OAbsCrg9ON0
wU53MqBvpozVLrkvGD6rMkNTJhQEttShq2YbPElOtWuZwr2IrQgmpshVUJrel594
6MOVcKSR9A4neZSM1vrncLS2kD8BKcxozOD59FmnzuWyPHFn57cotjZJSdEchdOn
tfgMhWjEcrLQ5sQzuGfaFuzZtuHoLEsZWxrXSqGHb/l3U58SlEaP8VERe3F8cT88
vUuTxsQ7kjjPSYFqKpudcamADpS8IzvbBtUMo6HDXz5/tokPvYg8bS/bj2zRrnLz
IHL03ubjyQrvLAR55FNNcdV5iZQvPX/kKcKwDiiVPEYY/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org