Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/QoZUIumJLgtEwNhrXk2mWYr1eGk.roa
File: QoZUIumJLgtEwNhrXk2mWYr1eGk.roa (raw, json)
Hash identifier: urM9boWo9QHWHkQ0UVMfw6U5mxfx+NgfYjT/kCdh7HE=
Subject key identifier: 42:86:54:22:E9:89:2E:0B:44:C0:D8:6B:5E:4D:A6:59:8A:F5:78:69
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 128D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QoZUIumJLgtEwNhrXk2mWYr1eGk.roa
Signing time: Fri 01 Sep 2023 08:04:37 +0000
ROA not before: Fri 01 Sep 2023 08:04:37 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 218.35.64.0/19 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4749 (0x128d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:37 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=42865422E9892E0B44C0D86B5E4DA6598AF57869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:23:a0:c1:f7:32:40:40:aa:a8:5e:21:2a:a4:
64:61:20:06:3e:13:4b:27:2a:fc:fa:46:3d:86:16:
7c:e3:db:ab:0b:12:24:d2:ea:ee:f6:fc:aa:2f:33:
4a:d1:4c:e6:ec:a4:8d:2b:f9:6d:a3:d6:f6:e3:e4:
6f:b0:cb:77:b4:1a:02:a3:b1:c5:d2:4c:65:08:02:
8d:30:a8:e0:b2:8a:04:96:db:16:aa:d2:e2:07:14:
af:be:8b:a4:b5:08:87:75:03:88:eb:ce:28:05:da:
1e:77:ee:47:e6:49:86:2d:ba:b1:e3:a7:7d:f5:f3:
b6:66:eb:a9:21:62:cc:08:47:c5:a2:b4:f2:99:f3:
c9:f3:a4:19:3e:fe:50:ff:78:6f:cd:aa:22:dc:5c:
29:4f:e6:ab:fd:ea:3c:f1:0d:54:d1:ce:03:d8:0c:
74:ea:54:0b:24:cd:ee:2d:e4:bd:51:a3:d5:b3:09:
fa:2a:44:a1:b0:64:65:1f:15:fb:8a:58:41:11:1a:
bb:fd:70:02:47:b4:51:27:81:f8:9e:5a:77:cf:f3:
30:df:19:b3:27:bd:b9:45:89:48:1d:f8:dc:90:96:
b4:c8:1d:b0:0f:e3:eb:36:19:1c:71:db:0c:af:04:
e7:c1:44:26:e5:56:27:98:75:ca:00:57:33:98:d6:
81:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:86:54:22:E9:89:2E:0B:44:C0:D8:6B:5E:4D:A6:59:8A:F5:78:69
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/QoZUIumJLgtEwNhrXk2mWYr1eGk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.64.0/19
Signature Algorithm: sha256WithRSAEncryption
67:7f:1e:a2:69:75:e2:50:41:b6:bb:eb:0f:35:d2:e2:99:2a:
ac:32:68:cf:23:d9:fd:50:04:33:3a:94:bc:fb:74:3d:e2:b0:
93:94:e8:f8:14:96:e3:cf:e7:80:e6:9e:c3:88:74:1a:c4:41:
73:6e:b5:22:e3:7e:41:99:e8:bb:53:a5:92:eb:70:c6:4e:19:
a0:4c:69:8a:0c:61:05:dc:d5:a3:2c:67:4f:cb:46:ff:f5:23:
81:49:19:8a:e4:28:ce:70:e3:48:08:ea:98:5d:f7:c7:21:9c:
bc:8f:87:ab:a0:a7:86:89:05:7e:f0:c1:86:b5:c3:c1:2e:46:
09:0e:4c:49:9a:a0:80:a0:56:dd:a6:8c:11:6a:9d:13:80:0c:
e4:d8:2a:bb:65:3f:2a:15:ce:b3:c9:e5:b7:07:67:61:12:b1:
80:c7:2c:29:44:32:4b:c5:ae:0f:43:48:31:0a:7a:c4:e2:52:
61:56:01:c1:6d:96:ca:c0:ca:82:e9:c9:5a:38:49:d9:ed:ed:
74:08:78:fb:f1:d8:4b:59:dc:1d:9b:bb:09:e8:b3:82:4b:56:
1f:d9:53:36:a1:d8:80:23:8c:bb:21:b7:c7:66:dd:67:bc:e1:
5f:3e:d7:0f:32:75:d3:f3:4f:b8:50:32:a3:bc:75:93:06:66:
0e:4e:4c:88
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEo0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQyODY1NDIyRTk4OTJF
MEI0NEMwRDg2QjVFNERBNjU5OEFGNTc4NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOI6DB9zJAQKqoXiEqpGRhIAY+E0snKvz6Rj2GFnzj26sLEiTS
6u72/KovM0rRTObspI0r+W2j1vbj5G+wy3e0GgKjscXSTGUIAo0wqOCyigSW2xaq
0uIHFK++i6S1CId1A4jrzigF2h537kfmSYYturHjp33187Zm66khYswIR8WitPKZ
88nzpBk+/lD/eG/NqiLcXClP5qv96jzxDVTRzgPYDHTqVAskze4t5L1Ro9WzCfoq
RKGwZGUfFfuKWEERGrv9cAJHtFEngfieWnfP8zDfGbMnvblFiUgd+NyQlrTIHbAP
4+s2GRxx2wyvBOfBRCblVieYdcoAVzOY1oERAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUQoZUIumJLgtEwNhrXk2mWYr1eGkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUW9aVUl1bUpMZ3RFd05oclhrMm1X
WXIxZUdrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ38eoml14lBBtrvrDzXS4pkqrDJozyPZ/VAEMzqU
vPt0PeKwk5To+BSW48/ngOaew4h0GsRBc261IuN+QZnou1Olkutwxk4ZoExpigxh
BdzVoyxnT8tG//UjgUkZiuQoznDjSAjqmF33xyGcvI+Hq6CnhokFfvDBhrXDwS5G
CQ5MSZqggKBW3aaMEWqdE4AM5Ngqu2U/KhXOs8nltwdnYRKxgMcsKUQyS8WuD0NI
MQp6xOJSYVYBwW2WysDKgunJWjhJ2e3tdAh4+/HYS1ncHZu7CeizgktWH9lTNqHY
gCOMuyG3x2bdZ7zhXz7XDzJ10/NPuFAyo7x1kwZmDk5MiA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org