Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/U49VxCopct63wKr7udZEioRS2Bk.roa
File: U49VxCopct63wKr7udZEioRS2Bk.roa (raw, json)
Hash identifier: iVIjcRz0BTxeaQ3UqmPrBX3sBFocqyEmyQiPsPr9FUs=
Subject key identifier: 53:8F:55:C4:2A:29:72:DE:B7:C0:AA:FB:B9:D6:44:8A:84:52:D8:19
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1039
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/U49VxCopct63wKr7udZEioRS2Bk.roa
Signing time: Tue 16 May 2023 08:35:54 +0000
ROA not before: Tue 16 May 2023 08:35:54 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 202.178.180.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4153 (0x1039)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:35:54 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=538F55C42A2972DEB7C0AAFBB9D6448A8452D819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7e:7a:a8:d8:b0:00:31:c8:52:22:07:96:7c:
d1:53:8c:aa:cc:56:ed:db:78:e9:08:16:e5:05:1d:
90:72:1b:6e:bd:70:aa:43:fe:c8:14:4a:79:f8:0f:
e0:b5:bf:ba:89:ef:0b:01:ee:f0:70:c7:7a:72:57:
01:92:4a:c3:d5:f8:20:01:9e:1c:50:1b:86:46:79:
d6:e2:30:1b:1a:07:16:be:eb:80:1d:f7:ac:4f:30:
00:56:ca:05:4b:11:bf:80:0b:da:b0:e5:04:f3:67:
e3:82:11:2e:18:41:7b:24:d0:ec:be:b4:a8:03:d3:
e6:dc:a7:07:a3:24:4d:3a:75:fe:bc:7d:c7:3a:da:
11:73:03:0a:54:eb:c6:91:7e:60:c3:74:81:02:e5:
e8:a9:68:06:9f:18:59:c1:bc:a0:d3:3e:78:02:08:
bd:7f:17:2c:60:98:8c:b2:60:30:0a:10:4c:65:37:
f7:ca:5f:0c:a3:3a:d7:0e:6b:7d:cf:25:28:7c:96:
a6:15:9d:13:20:72:03:ac:29:fa:fc:40:aa:e1:7b:
20:7e:d4:27:27:7f:0f:a2:4f:80:fb:2d:2f:0a:32:
11:91:35:6d:87:6e:fb:ba:2e:6e:d0:03:7d:7f:b8:
4e:98:59:d7:82:38:9e:4d:3c:79:84:31:d4:f6:63:
55:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:8F:55:C4:2A:29:72:DE:B7:C0:AA:FB:B9:D6:44:8A:84:52:D8:19
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/U49VxCopct63wKr7udZEioRS2Bk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.180.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:14:c5:5d:67:b6:77:43:68:9f:5a:60:21:95:d3:da:19:bb:
30:d4:bc:f0:45:8c:33:d9:76:89:8e:43:c7:76:b1:31:ac:9f:
78:2f:79:50:51:0e:7f:b3:e3:f3:e9:4a:ab:72:05:97:b7:02:
78:61:c5:86:4e:76:2a:2b:d1:71:27:89:a8:b6:9d:24:fa:44:
25:68:4a:0f:1c:58:e4:e8:81:d6:1e:3a:df:52:17:a7:56:6c:
44:43:27:15:f3:9a:68:be:56:bc:49:d6:48:73:c6:37:bf:94:
72:c5:f0:eb:24:86:78:be:9a:a9:91:a6:76:ba:fe:40:cc:37:
7a:34:18:1f:46:f6:7f:8f:ee:1e:6d:47:b8:48:fd:4e:47:60:
30:ac:62:36:23:b1:e2:b3:67:f5:2f:84:d1:63:e0:71:88:59:
0f:b6:bd:3e:7a:48:5b:a8:f7:d6:86:54:fa:8b:e0:62:cb:15:
a1:56:5a:6a:7b:69:39:ca:da:e2:af:3d:2f:ac:60:9f:1b:3a:
4c:74:91:40:38:9f:62:da:b5:8c:bb:ce:8d:ed:de:a4:dc:5b:
3c:8d:37:b2:52:1d:f4:37:e7:4b:6f:6d:c2:4f:15:64:e2:b3:
6e:94:db:d4:5a:11:1b:4a:4d:53:63:2a:15:22:3c:d4:98:e4:
e9:f1:26:ae
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEDkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDUzOEY1NUM0MkEyOTcy
REVCN0MwQUFGQkI5RDY0NDhBODQ1MkQ4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDQfnqo2LAAMchSIgeWfNFTjKrMVu3beOkIFuUFHZByG269cKpD
/sgUSnn4D+C1v7qJ7wsB7vBwx3pyVwGSSsPV+CABnhxQG4ZGedbiMBsaBxa+64Ad
96xPMABWygVLEb+AC9qw5QTzZ+OCES4YQXsk0Oy+tKgD0+bcpwejJE06df68fcc6
2hFzAwpU68aRfmDDdIEC5eipaAafGFnBvKDTPngCCL1/FyxgmIyyYDAKEExlN/fK
XwyjOtcOa33PJSh8lqYVnRMgcgOsKfr8QKrheyB+1Ccnfw+iT4D7LS8KMhGRNW2H
bvu6Lm7QA31/uE6YWdeCOJ5NPHmEMdT2Y1XzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUU49VxCopct63wKr7udZEioRS2BkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVTQ5VnhDb3BjdDYzd0tyN3VkWkVp
b1JTMkJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsqytDAN
BgkqhkiG9w0BAQsFAAOCAQEAbBTFXWe2d0Non1pgIZXT2hm7MNS88EWMM9l2iY5D
x3axMayfeC95UFEOf7Pj8+lKq3IFl7cCeGHFhk52KivRcSeJqLadJPpEJWhKDxxY
5OiB1h4631IXp1ZsREMnFfOaaL5WvEnWSHPGN7+UcsXw6ySGeL6aqZGmdrr+QMw3
ejQYH0b2f4/uHm1HuEj9TkdgMKxiNiOx4rNn9S+E0WPgcYhZD7a9PnpIW6j31oZU
+ovgYssVoVZaantpOcra4q89L6xgnxs6THSRQDifYtq1jLvOje3epNxbPI03slId
9DfnS29twk8VZOKzbpTb1FoRG0pNU2MqFSI81Jjk6fEmrg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org