Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/RaqlHmiRBrTDC6XZP6NRVtuA1fk.roa
File: RaqlHmiRBrTDC6XZP6NRVtuA1fk.roa (raw, json)
Hash identifier: IxFtGjSXa15Wtrb8KaTscEGaqk4VVabazymPXG6Hb8k=
Subject key identifier: 45:AA:A5:1E:68:91:06:B4:C3:0B:A5:D9:3F:A3:51:56:DB:80:D5:F9
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 131D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/RaqlHmiRBrTDC6XZP6NRVtuA1fk.roa
Signing time: Fri 01 Sep 2023 08:05:23 +0000
ROA not before: Fri 01 Sep 2023 08:05:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 222.251.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4893 (0x131d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=45AAA51E689106B4C30BA5D93FA35156DB80D5F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:c0:08:ed:88:4a:cd:80:1a:ea:84:2a:47:b0:
71:8c:45:99:23:66:8e:8f:34:ea:10:ea:19:f2:c2:
79:aa:39:d2:c0:8f:82:71:d6:c6:bb:b8:c1:7a:3a:
00:50:23:79:f7:d7:8b:dd:d0:41:f6:7a:08:9c:4a:
8a:9a:a1:7d:37:08:33:fb:b7:28:04:e0:42:ae:87:
84:8c:12:5d:51:03:51:5d:f6:57:45:cc:8d:f0:6d:
bd:8a:f7:fe:64:17:a2:fa:af:70:e9:db:fe:3b:73:
77:dd:4b:50:57:ba:d3:4d:53:08:ab:c6:3d:a3:4f:
4a:6d:33:9f:05:8b:94:15:35:6e:09:9d:fd:7e:95:
a0:a0:cc:05:44:51:8f:b0:3e:5c:9f:eb:8f:14:fb:
30:60:af:3a:c2:e7:c5:d0:64:65:c7:66:38:4c:8a:
2c:2b:08:27:3d:c0:8e:af:6f:b6:c5:dd:20:4a:cb:
36:33:85:72:cf:28:a1:a6:40:c3:42:39:c1:5a:2c:
d0:b2:0a:55:00:46:e0:fd:e2:18:11:76:01:07:b0:
13:cf:6e:de:0e:35:30:87:7f:2e:44:e1:ef:6b:92:
cc:dd:63:96:d4:47:ed:4d:29:47:52:85:30:8b:a7:
c4:8c:86:fb:fd:92:40:fd:b2:79:d5:d9:ec:7c:6f:
0e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:AA:A5:1E:68:91:06:B4:C3:0B:A5:D9:3F:A3:51:56:DB:80:D5:F9
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/RaqlHmiRBrTDC6XZP6NRVtuA1fk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/18
Signature Algorithm: sha256WithRSAEncryption
34:ca:71:41:7d:11:0b:10:92:59:f1:8c:f4:ba:58:17:fb:4f:
98:db:92:a6:25:b7:48:92:f2:10:12:1d:fc:30:9f:8f:be:98:
fb:d0:51:9f:39:14:46:0a:c9:26:3e:39:5e:45:7f:1f:53:81:
b8:69:d4:61:4c:d6:88:d0:af:22:21:83:15:d1:f0:3e:9b:8b:
e4:9b:70:4a:e5:f4:77:e8:a7:fb:8d:44:39:1d:62:fc:f7:c9:
db:eb:07:9a:77:49:a3:9b:b1:30:33:ba:8b:e0:00:cc:58:bd:
1f:b9:4f:ac:95:7a:ba:fe:bf:b9:79:65:22:a2:60:c0:e5:61:
39:4d:63:99:81:e9:bc:ec:2c:c7:ff:ba:36:55:db:02:1e:86:
6a:70:d6:e8:8f:99:d7:87:9a:5d:77:22:ce:dd:96:dd:12:15:
8c:08:40:5d:53:56:d5:82:68:ab:c2:1a:5a:2b:da:6a:01:ca:
85:d1:86:d6:7f:ea:05:20:f6:a0:0f:43:d5:34:0f:3d:27:21:
27:3f:c5:e3:94:2f:9c:13:94:be:06:2a:80:77:92:d6:2b:4f:
bb:2c:54:e3:84:f1:9a:43:be:6c:35:5d:e5:e2:9c:9b:08:65:
bb:3f:50:66:1c:90:f5:dd:76:44:dd:ac:db:43:2c:01:2b:12:
04:2a:e1:40
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEx0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQ1QUFBNTFFNjg5MTA2
QjRDMzBCQTVEOTNGQTM1MTU2REI4MEQ1RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGwAjtiErNgBrqhCpHsHGMRZkjZo6PNOoQ6hnywnmqOdLAj4Jx
1sa7uMF6OgBQI3n314vd0EH2egicSoqaoX03CDP7tygE4EKuh4SMEl1RA1Fd9ldF
zI3wbb2K9/5kF6L6r3Dp2/47c3fdS1BXutNNUwirxj2jT0ptM58Fi5QVNW4Jnf1+
laCgzAVEUY+wPlyf648U+zBgrzrC58XQZGXHZjhMiiwrCCc9wI6vb7bF3SBKyzYz
hXLPKKGmQMNCOcFaLNCyClUARuD94hgRdgEHsBPPbt4ONTCHfy5E4e9rkszdY5bU
R+1NKUdShTCLp8SMhvv9kkD9snnV2ex8bw7LAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQURaqlHmiRBrTDC6XZP6NRVtuA1fkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvUmFxbEhtaVJCclREQzZYWlA2TlJW
dHVBMWZrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt77ADAN
BgkqhkiG9w0BAQsFAAOCAQEANMpxQX0RCxCSWfGM9LpYF/tPmNuSpiW3SJLyEBId
/DCfj76Y+9BRnzkURgrJJj45XkV/H1OBuGnUYUzWiNCvIiGDFdHwPpuL5JtwSuX0
d+in+41EOR1i/PfJ2+sHmndJo5uxMDO6i+AAzFi9H7lPrJV6uv6/uXllIqJgwOVh
OU1jmYHpvOwsx/+6NlXbAh6GanDW6I+Z14eaXXcizt2W3RIVjAhAXVNW1YJoq8Ia
WivaagHKhdGG1n/qBSD2oA9D1TQPPSchJz/F45QvnBOUvgYqgHeS1itPuyxU44Tx
mkO+bDVd5eKcmwhluz9QZhyQ9d12RN2s20MsASsSBCrhQA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org