Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/U0KNQczYO5sx0X56aXd8y4MnP5o.roa
File: U0KNQczYO5sx0X56aXd8y4MnP5o.roa (raw, json)
Hash identifier: 7BTYe/Tcvu/r4XsPcvlCaRIx6TA/XZujnxx/Gadg1MY=
Subject key identifier: 53:42:8D:41:CC:D8:3B:9B:31:D1:7E:7A:69:77:7C:CB:83:27:3F:9A
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 129B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/U0KNQczYO5sx0X56aXd8y4MnP5o.roa
Signing time: Fri 01 Sep 2023 08:04:42 +0000
ROA not before: Fri 01 Sep 2023 08:04:42 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 60.244.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4763 (0x129b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:42 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=53428D41CCD83B9B31D17E7A69777CCB83273F9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7a:45:ce:8a:78:88:a0:f0:af:17:91:70:e3:
8d:06:5c:03:f4:b4:74:95:cb:4e:8f:1c:35:33:25:
44:6a:a7:4f:27:74:2d:ee:21:00:ef:5f:30:9c:c3:
86:df:e1:90:73:7e:80:5a:b5:b2:2d:a7:b5:c2:0b:
40:98:b5:0a:ac:f4:ee:be:bf:05:18:e3:44:e7:c9:
4d:ae:80:b3:86:89:e3:40:d2:bb:79:f1:11:65:bf:
72:90:27:e8:94:4d:66:26:82:41:97:d3:9b:4c:0e:
4b:c5:e2:cb:cd:34:16:f9:57:5e:b9:00:5d:b4:2d:
5a:fa:3f:6f:b1:57:19:d7:52:f2:53:5b:27:44:b3:
16:46:57:8e:15:9c:d7:03:31:98:9d:cb:56:ea:e3:
83:1c:51:a7:17:e7:35:8f:71:22:9e:b0:33:07:9e:
e9:4b:89:e2:ae:64:d8:5a:64:f5:63:b8:67:76:57:
e8:15:10:c0:db:69:9a:7d:90:17:87:19:49:3e:6d:
d2:9a:f2:d7:84:57:23:a4:d7:ed:ec:73:49:85:07:
ea:11:b8:92:4a:6b:2c:0c:98:ef:7e:99:e4:d5:e1:
77:ff:f8:df:de:fb:ff:a5:9e:6c:19:9c:ba:9b:32:
dc:29:32:b1:07:dd:a7:78:df:a7:a5:83:5f:60:2a:
c3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:42:8D:41:CC:D8:3B:9B:31:D1:7E:7A:69:77:7C:CB:83:27:3F:9A
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/U0KNQczYO5sx0X56aXd8y4MnP5o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a9:5b:a7:f5:87:2b:0a:08:92:30:c7:00:e8:94:d0:9f:5e:27:
e5:5c:98:b1:12:e2:55:3b:73:f2:34:c9:fb:6c:b8:27:33:1e:
c8:1e:b0:71:01:9e:4f:4d:bc:c7:d2:cd:c9:16:e4:10:4c:f5:
fd:b2:d1:08:21:75:3a:7d:8b:66:36:9d:cd:6e:97:44:6e:e4:
cc:e2:af:8b:e1:7e:c0:27:0d:78:22:c3:c1:6c:52:c0:69:9e:
d2:87:98:7d:ef:68:a4:80:38:af:a0:82:63:37:03:6b:83:1f:
e1:7c:6d:14:ae:48:7a:76:b3:53:1f:9d:e1:af:f4:f6:c1:1b:
a6:0f:f9:76:ff:c9:94:64:a6:f5:40:21:5e:b7:8a:54:ec:02:
7f:e0:8f:79:02:2d:db:a5:c8:d2:60:9e:f3:9a:69:46:75:8f:
45:0d:0e:2b:b1:74:27:da:1b:24:2a:c0:59:04:85:ba:09:9c:
be:db:35:dd:fb:3d:f1:2d:8e:bd:52:82:f2:f5:85:28:15:f5:
81:a4:5f:fa:3a:d4:af:3d:9d:cc:b2:20:f2:95:92:2e:33:ea:
16:b6:df:65:64:f6:65:a7:6b:5f:c5:32:e7:b2:f7:5e:d8:2b:
53:22:a3:96:12:5f:f7:a1:d8:69:6f:fc:42:74:e7:14:1b:16:
4c:3e:2e:c0
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEpswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUzNDI4RDQxQ0NEODNC
OUIzMUQxN0U3QTY5Nzc3Q0NCODMyNzNGOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKekXOiniIoPCvF5Fw440GXAP0tHSVy06PHDUzJURqp08ndC3u
IQDvXzCcw4bf4ZBzfoBatbItp7XCC0CYtQqs9O6+vwUY40TnyU2ugLOGieNA0rt5
8RFlv3KQJ+iUTWYmgkGX05tMDkvF4svNNBb5V165AF20LVr6P2+xVxnXUvJTWydE
sxZGV44VnNcDMZidy1bq44McUacX5zWPcSKesDMHnulLieKuZNhaZPVjuGd2V+gV
EMDbaZp9kBeHGUk+bdKa8teEVyOk1+3sc0mFB+oRuJJKaywMmO9+meTV4Xf/+N/e
+/+lnmwZnLqbMtwpMrEH3ad436elg19gKsOPAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUU0KNQczYO5sx0X56aXd8y4MnP5owHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVTBLTlFjellPNXN4MFg1NmFYZDh5
NE1uUDVvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADz0MA0G
CSqGSIb3DQEBCwUAA4IBAQCpW6f1hysKCJIwxwDolNCfXiflXJixEuJVO3PyNMn7
bLgnMx7IHrBxAZ5PTbzH0s3JFuQQTPX9stEIIXU6fYtmNp3NbpdEbuTM4q+L4X7A
Jw14IsPBbFLAaZ7Sh5h972ikgDivoIJjNwNrgx/hfG0Urkh6drNTH53hr/T2wRum
D/l2/8mUZKb1QCFet4pU7AJ/4I95Ai3bpcjSYJ7zmmlGdY9FDQ4rsXQn2hskKsBZ
BIW6CZy+2zXd+z3xLY69UoLy9YUoFfWBpF/6OtSvPZ3MsiDylZIuM+oWtt9lZPZl
p2tfxTLnsvde2CtTIqOWEl/3odhpb/xCdOcUGxZMPi7A
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:00 2024 by rpki-client on console-ams.rpki-client.org