Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Qm86otd6_IjeIiaONAcKBZ5z270.roa
File: Qm86otd6_IjeIiaONAcKBZ5z270.roa (raw, json)
Hash identifier: lnef+9NrxiXH3nDMKwDa8GdeQA8R7MF5XiXqbmr3J7w=
Subject key identifier: 42:6F:3A:A2:D7:7A:FC:88:DE:22:26:8E:34:07:0A:05:9E:73:DB:BD
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12A1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Qm86otd6_IjeIiaONAcKBZ5z270.roa
Signing time: Fri 01 Sep 2023 08:04:44 +0000
ROA not before: Fri 01 Sep 2023 08:04:44 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 22787
IP address blocks: 210.58.90.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4769 (0x12a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:44 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=426F3AA2D77AFC88DE22268E34070A059E73DBBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:10:b1:5d:e2:39:d4:c5:b3:18:b9:f5:79:2c:
bc:2e:8e:b2:96:46:d0:79:bf:9d:f6:a9:63:e7:1b:
a0:9d:ff:08:8f:d0:b9:41:d9:90:ca:a9:84:15:b6:
17:01:5e:6d:30:8d:bc:e5:b7:8a:3c:2d:31:d7:0b:
f0:bf:1f:e6:48:19:6c:a5:4f:e2:b0:7c:ee:0a:9b:
27:54:91:0c:e5:d6:7d:fe:05:df:e0:0d:48:30:18:
21:68:20:a1:83:be:63:6d:63:82:09:8f:91:ca:fd:
0f:ae:dc:0a:70:8e:b2:17:ee:71:f9:4e:83:6c:71:
7d:83:7d:b9:a0:ed:1c:13:ae:f2:bd:5a:ef:a8:8c:
83:63:ee:77:48:34:82:b3:63:25:1d:74:c5:b8:76:
1c:2a:b1:76:06:73:5b:0a:a1:ef:e2:31:3c:ba:b4:
9a:a1:8b:b7:0d:87:7d:f8:49:8e:d6:5a:7e:ab:65:
0f:2f:14:c1:ab:dc:fc:66:90:7c:58:9c:e9:59:a2:
e3:dd:7e:c8:65:7e:65:34:e5:d7:d0:a0:9a:1f:c6:
04:39:c1:e3:c2:80:1b:43:a6:7e:b8:ce:0e:81:1f:
16:f9:5e:d6:d8:9f:b5:15:79:c9:03:02:44:b1:8b:
3c:7c:48:60:88:1f:fe:86:51:2f:38:cb:3b:12:35:
73:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:6F:3A:A2:D7:7A:FC:88:DE:22:26:8E:34:07:0A:05:9E:73:DB:BD
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Qm86otd6_IjeIiaONAcKBZ5z270.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.90.0/24
Signature Algorithm: sha256WithRSAEncryption
03:fa:c3:c1:e5:d4:57:1a:a9:84:2a:ea:2e:5d:c4:ab:cd:df:
57:91:eb:62:ae:7e:5b:08:ef:aa:b0:35:31:c5:f7:5b:42:d3:
9a:8e:96:25:0f:a5:cb:f2:15:b0:45:bc:00:36:ae:cf:d2:71:
d6:32:59:eb:ed:b5:ae:51:f9:38:4e:af:9f:63:2b:ff:0b:f1:
af:a5:0d:20:12:f8:80:4b:f3:6d:d5:f0:7c:1b:ae:5c:23:7a:
89:d1:56:53:83:ad:73:0c:85:b5:de:ec:9e:cb:1c:c0:0f:e0:
79:be:4e:38:5b:4b:6a:25:75:63:86:75:44:38:63:95:28:62:
a9:c9:5a:73:33:6b:fd:87:19:39:04:29:09:4d:69:f2:76:b5:
a3:00:20:e7:5e:bc:74:df:c3:0f:3e:ab:c0:ef:f6:92:79:a5:
c7:84:00:5a:6a:fe:f0:ca:01:73:42:98:75:73:a2:0c:6e:d8:
46:07:04:e4:35:72:55:87:5c:15:a1:cf:19:3a:c6:81:ce:90:
51:ec:1b:ea:73:3c:17:0d:34:8e:4d:d1:86:b6:c2:bf:3d:33:
a1:d7:b6:a7:dc:28:31:9b:f3:7c:56:62:0f:6e:bc:ca:9c:82:
73:92:24:99:b2:4b:53:87:a8:93:2a:16:20:9c:82:f0:13:b9:
f5:89:13:b6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQyNkYzQUEyRDc3QUZD
ODhERTIyMjY4RTM0MDcwQTA1OUU3M0RCQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDjELFd4jnUxbMYufV5LLwujrKWRtB5v532qWPnG6Cd/wiP0LlB
2ZDKqYQVthcBXm0wjbzlt4o8LTHXC/C/H+ZIGWylT+KwfO4KmydUkQzl1n3+Bd/g
DUgwGCFoIKGDvmNtY4IJj5HK/Q+u3ApwjrIX7nH5ToNscX2Dfbmg7RwTrvK9Wu+o
jINj7ndINIKzYyUddMW4dhwqsXYGc1sKoe/iMTy6tJqhi7cNh334SY7WWn6rZQ8v
FMGr3PxmkHxYnOlZouPdfshlfmU05dfQoJofxgQ5wePCgBtDpn64zg6BHxb5XtbY
n7UVeckDAkSxizx8SGCIH/6GUS84yzsSNXOBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQm86otd6/IjeIiaONAcKBZ5z270wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUW04Nm90ZDZfSWplSWlhT05BY0tC
WjV6MjcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WjAN
BgkqhkiG9w0BAQsFAAOCAQEAA/rDweXUVxqphCrqLl3Eq83fV5HrYq5+WwjvqrA1
McX3W0LTmo6WJQ+ly/IVsEW8ADauz9Jx1jJZ6+21rlH5OE6vn2Mr/wvxr6UNIBL4
gEvzbdXwfBuuXCN6idFWU4OtcwyFtd7snsscwA/geb5OOFtLaiV1Y4Z1RDhjlShi
qclaczNr/YcZOQQpCU1p8na1owAg5168dN/DDz6rwO/2knmlx4QAWmr+8MoBc0KY
dXOiDG7YRgcE5DVyVYdcFaHPGTrGgc6QUewb6nM8Fw00jk3RhrbCvz0zode2p9wo
MZvzfFZiD268ypyCc5IkmbJLU4eokyoWIJyC8BO59YkTtg==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org