Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/QIDIOdjoOmNwSV2NlejZMNeS79Y.roa
File: QIDIOdjoOmNwSV2NlejZMNeS79Y.roa (raw, json)
Hash identifier: BaaQuTTG2OakPXDT2GlPO5O00hGzWB/mfGDQTZ44AGU=
Subject key identifier: 40:80:C8:39:D8:E8:3A:63:70:49:5D:8D:95:E8:D9:30:D7:92:EF:D6
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12B2
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QIDIOdjoOmNwSV2NlejZMNeS79Y.roa
Signing time: Fri 01 Sep 2023 08:04:52 +0000
ROA not before: Fri 01 Sep 2023 08:04:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 203.79.232.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4786 (0x12b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=4080C839D8E83A6370495D8D95E8D930D792EFD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:33:19:0b:d5:6d:49:b4:d7:7d:9a:57:05:e4:
67:8f:e0:ba:34:c4:b5:ae:12:12:5a:b7:ce:6f:ed:
58:ff:1b:b6:80:75:97:7c:f2:48:82:db:f8:15:3d:
4b:dc:29:c1:f5:b4:1d:6f:04:35:27:14:b7:cc:77:
27:88:03:f5:49:a1:64:e9:94:58:a8:a6:6a:f3:b3:
f6:f2:2d:a0:8a:bb:91:a6:b4:88:7d:30:b1:67:c8:
da:0e:7f:be:97:0a:f9:00:e5:4a:ff:12:ca:b1:3c:
99:82:02:63:9b:eb:52:c7:bb:92:26:5f:cc:ab:f4:
00:97:cf:37:a9:e5:4f:d1:1a:49:9f:b8:30:b1:c2:
3e:b4:65:d6:75:76:e7:79:3c:cc:a3:56:58:25:4b:
f6:6d:c6:02:45:db:04:ea:e8:77:d9:c9:4d:28:2f:
0d:d0:f0:73:58:96:7b:91:f3:c8:83:0b:64:45:7a:
88:74:24:dc:16:e0:ec:51:07:ac:ca:8f:c5:3a:5c:
9f:a3:34:da:10:3f:7f:3d:65:b6:76:18:ef:aa:35:
c0:a4:5e:6d:68:7c:2f:de:b8:b1:e2:6a:0e:10:ec:
9e:a2:06:22:49:d1:8a:7d:a9:3a:17:53:10:9f:7b:
64:b9:b2:54:6a:1d:96:bd:06:1b:f3:76:67:6e:7a:
b0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:80:C8:39:D8:E8:3A:63:70:49:5D:8D:95:E8:D9:30:D7:92:EF:D6
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QIDIOdjoOmNwSV2NlejZMNeS79Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.232.0/21
Signature Algorithm: sha256WithRSAEncryption
73:63:dd:de:a1:3a:4a:a6:06:3a:7c:68:18:61:93:38:48:30:
c9:5f:ad:2f:f1:e7:df:91:8a:23:30:e8:84:24:fa:9a:5f:60:
36:19:42:57:24:fa:95:2d:07:b0:47:e6:bd:35:33:83:fa:5d:
18:4d:30:f4:ec:c3:f4:06:1f:68:08:ea:05:29:44:31:ca:4d:
f2:53:c3:ec:87:92:9d:ec:60:e7:e9:94:e2:fe:98:1d:46:67:
d4:a1:b4:47:9a:14:4b:77:33:50:5c:14:32:95:d6:ae:b0:17:
d4:8c:18:f1:0e:ff:e8:e4:a2:3b:b2:0e:64:92:56:9c:9f:ee:
fe:a4:10:47:c3:fe:03:e1:81:3a:74:3f:a2:96:a6:21:05:a5:
8d:c2:e3:77:be:eb:c9:6b:b2:24:03:f0:a5:d7:aa:1e:fe:73:
fd:c5:80:19:8b:5a:46:72:fc:ad:48:77:8f:2f:78:f8:74:b3:
a0:4a:e4:5f:56:d1:7d:70:9d:1a:22:ff:0c:5c:95:de:2d:08:
20:cd:6d:8a:4c:d7:99:55:2c:36:00:5a:f6:07:bc:7c:09:4d:
ca:b1:ff:07:b5:c9:23:ec:1f:e5:7e:3c:86:79:1f:e8:5e:95:
a2:62:19:20:33:05:9d:d5:e2:84:fc:83:7d:cf:dc:65:6f:1b:
5c:a4:85:a1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICErIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQwODBDODM5RDhFODNB
NjM3MDQ5NUQ4RDk1RThEOTMwRDc5MkVGRDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUMxkL1W1JtNd9mlcF5GeP4Lo0xLWuEhJat85v7Vj/G7aAdZd8
8kiC2/gVPUvcKcH1tB1vBDUnFLfMdyeIA/VJoWTplFiopmrzs/byLaCKu5GmtIh9
MLFnyNoOf76XCvkA5Ur/EsqxPJmCAmOb61LHu5ImX8yr9ACXzzep5U/RGkmfuDCx
wj60ZdZ1dud5PMyjVlglS/ZtxgJF2wTq6HfZyU0oLw3Q8HNYlnuR88iDC2RFeoh0
JNwW4OxRB6zKj8U6XJ+jNNoQP389ZbZ2GO+qNcCkXm1ofC/euLHiag4Q7J6iBiJJ
0Yp9qToXUxCfe2S5slRqHZa9BhvzdmduerABAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQIDIOdjoOmNwSV2NlejZMNeS79YwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUUlESU9kam9PbU53U1YyTmxlalpN
TmVTNzlZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8tP6DAN
BgkqhkiG9w0BAQsFAAOCAQEAc2Pd3qE6SqYGOnxoGGGTOEgwyV+tL/Hn35GKIzDo
hCT6ml9gNhlCVyT6lS0HsEfmvTUzg/pdGE0w9OzD9AYfaAjqBSlEMcpN8lPD7IeS
nexg5+mU4v6YHUZn1KG0R5oUS3czUFwUMpXWrrAX1IwY8Q7/6OSiO7IOZJJWnJ/u
/qQQR8P+A+GBOnQ/opamIQWljcLjd77ryWuyJAPwpdeqHv5z/cWAGYtaRnL8rUh3
jy94+HSzoErkX1bRfXCdGiL/DFyV3i0IIM1tikzXmVUsNgBa9ge8fAlNyrH/B7XJ
I+wf5X48hnkf6F6VomIZIDMFndXihPyDfc/cZW8bXKSFoQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org