Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/UCZusaSA30hP03C-TbYVnnSnXmc.roa
File: UCZusaSA30hP03C-TbYVnnSnXmc.roa (raw, json)
Hash identifier: RC9e+u8qYkWLXefaS52aS5POAzHuoPRgagh4jLhSrMs=
Subject key identifier: 50:26:6E:B1:A4:80:DF:48:4F:D3:70:BE:4D:B6:15:9E:74:A7:5E:67
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12BE
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UCZusaSA30hP03C-TbYVnnSnXmc.roa
Signing time: Fri 01 Sep 2023 08:04:56 +0000
ROA not before: Fri 01 Sep 2023 08:04:56 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 210.58.92.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4798 (0x12be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:56 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=50266EB1A480DF484FD370BE4DB6159E74A75E67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:18:7a:66:82:e7:ca:8e:3b:7f:03:9a:9d:fb:
95:cb:1d:59:d9:5e:a0:b0:a0:49:a0:36:04:f8:ea:
c1:c3:31:75:79:7e:b6:c4:3a:c3:83:fd:8d:cf:95:
83:46:2d:04:09:39:38:d1:0b:0f:7b:cc:3b:2b:3a:
9f:6d:51:50:3e:84:63:e9:da:48:73:aa:2b:3b:39:
2b:73:23:9e:db:e2:72:77:e8:cc:06:ef:01:d9:64:
5f:d3:32:18:92:4e:23:3d:71:ab:db:15:18:d9:f9:
b7:16:2c:5c:99:53:e2:9b:57:e8:f3:45:64:b9:2c:
b0:4b:77:45:13:34:dd:9d:6c:9a:b8:6a:3c:83:c9:
3b:47:64:69:9e:e4:7c:8d:ad:cf:72:39:4f:bd:f7:
94:02:27:1f:3f:c4:8f:6c:56:01:ae:e9:d3:29:2a:
58:04:07:22:95:f6:ff:4d:6e:a5:90:d4:55:07:6c:
0e:7b:b5:ff:ab:12:49:4d:95:ff:61:99:45:ad:57:
c7:b6:ae:a4:e3:e4:3f:4c:69:63:85:98:ee:d5:ab:
fa:99:73:38:b1:0b:db:dd:76:5f:02:7b:73:c9:5e:
39:e1:17:87:a8:50:08:23:94:57:5c:e5:62:55:0e:
4d:5e:e9:24:66:c7:cd:57:2f:ff:cc:0a:65:c4:de:
21:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:26:6E:B1:A4:80:DF:48:4F:D3:70:BE:4D:B6:15:9E:74:A7:5E:67
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/UCZusaSA30hP03C-TbYVnnSnXmc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.92.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:93:6c:8f:5d:fd:25:a9:32:de:9e:6f:17:6e:73:b1:31:00:
bf:92:17:36:59:6d:88:5c:6c:30:3e:7e:b8:fd:70:2a:ce:5c:
83:90:7f:84:ce:d5:0a:b9:64:6b:2d:02:08:e8:9e:4e:48:1c:
23:57:97:36:44:f8:b6:b9:52:3b:65:8b:59:51:9f:a7:56:78:
a9:ae:6e:e8:18:e7:17:26:fd:56:b5:56:f2:6f:fe:9b:c2:75:
56:90:3c:dd:93:4f:82:47:b1:6b:40:85:6d:df:e8:41:8a:90:
47:f6:7b:94:c1:16:3a:1a:d9:ca:d0:a7:e3:73:b9:bc:e0:70:
42:b8:d9:2e:be:02:17:97:a5:1e:95:c6:ed:b8:c6:be:ef:60:
7c:8b:21:48:8b:c1:51:59:c9:2e:b3:0a:a5:26:30:1a:17:1d:
e6:86:8b:c5:88:b5:3e:31:13:8d:7e:e0:99:9c:50:a8:d9:3f:
d5:b6:53:f7:16:ca:73:1f:cd:fc:8b:1f:5b:47:5d:12:30:f0:
9e:2a:70:7a:27:a3:6a:0e:71:5c:5b:b3:f5:3c:b3:f4:ed:69:
b2:f8:b6:b4:79:3a:1a:08:e6:1c:f0:de:d6:70:95:ea:22:27:
7d:37:6a:bf:d3:dc:34:d3:91:01:5c:b4:63:ab:78:1b:61:21:
9d:14:b3:10
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEr4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUwMjY2RUIxQTQ4MERG
NDg0RkQzNzBCRTREQjYxNTlFNzRBNzVFNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9GHpmgufKjjt/A5qd+5XLHVnZXqCwoEmgNgT46sHDMXV5frbE
OsOD/Y3PlYNGLQQJOTjRCw97zDsrOp9tUVA+hGPp2khzqis7OStzI57b4nJ36MwG
7wHZZF/TMhiSTiM9cavbFRjZ+bcWLFyZU+KbV+jzRWS5LLBLd0UTNN2dbJq4ajyD
yTtHZGme5HyNrc9yOU+995QCJx8/xI9sVgGu6dMpKlgEByKV9v9NbqWQ1FUHbA57
tf+rEklNlf9hmUWtV8e2rqTj5D9MaWOFmO7Vq/qZczixC9vddl8Ce3PJXjnhF4eo
UAgjlFdc5WJVDk1e6SRmx81XL//MCmXE3iHLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUUCZusaSA30hP03C+TbYVnnSnXmcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVUNadXNhU0EzMGhQMDNDLVRiWVZu
blNuWG1jLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6XDAN
BgkqhkiG9w0BAQsFAAOCAQEAq5Nsj139Jaky3p5vF25zsTEAv5IXNlltiFxsMD5+
uP1wKs5cg5B/hM7VCrlkay0CCOieTkgcI1eXNkT4trlSO2WLWVGfp1Z4qa5u6Bjn
Fyb9VrVW8m/+m8J1VpA83ZNPgkexa0CFbd/oQYqQR/Z7lMEWOhrZytCn43O5vOBw
QrjZLr4CF5elHpXG7bjGvu9gfIshSIvBUVnJLrMKpSYwGhcd5oaLxYi1PjETjX7g
mZxQqNk/1bZT9xbKcx/N/IsfW0ddEjDwnipweiejag5xXFuz9Tyz9O1psvi2tHk6
GgjmHPDe1nCV6iInfTdqv9PcNNORAVy0Y6t4G2EhnRSzEA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org