Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Vykzzn0xxn1PQMvpsML2Z7NhXzU.roa
File: Vykzzn0xxn1PQMvpsML2Z7NhXzU.roa (raw, json)
Hash identifier: XN33HV8dPRYqv1g1JtId0hXaIPLfmvDFmuFYm5kQFes=
Subject key identifier: 57:29:33:CE:7D:31:C6:7D:4F:40:CB:E9:B0:C2:F6:67:B3:61:5F:35
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1049
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Vykzzn0xxn1PQMvpsML2Z7NhXzU.roa
Signing time: Tue 16 May 2023 08:36:00 +0000
ROA not before: Tue 16 May 2023 08:36:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131142
IP address blocks: 223.22.16.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4169 (0x1049)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:00 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=572933CE7D31C67D4F40CBE9B0C2F667B3615F35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:56:0c:0a:55:17:0d:5d:3e:79:ac:d7:4c:85:
9a:cb:3f:f0:07:a3:b2:03:3c:cd:e2:70:c5:31:4f:
ea:07:98:c7:b3:93:c3:1c:84:f2:6b:32:22:d3:85:
15:b6:84:da:2a:77:c7:9b:01:ea:09:18:9c:8d:f9:
ca:44:30:fd:db:77:4f:c6:12:ff:b3:6a:1f:28:80:
78:d7:dc:16:63:09:f1:b8:b6:24:e2:93:ac:1d:c1:
e6:d3:7c:59:b2:9b:cb:7b:39:c2:6d:a7:58:83:5b:
96:10:7f:3a:59:d1:f7:59:d8:c3:af:1d:66:d0:5a:
ff:5f:f4:d5:2d:db:58:92:f2:f1:5a:17:61:6d:39:
b2:28:c8:ee:59:25:19:72:d3:04:26:e3:b6:b0:b7:
a7:92:a7:49:96:03:b6:fd:ec:72:07:48:65:c9:f9:
bb:66:8b:f5:96:d1:db:cb:53:13:64:a9:64:47:3b:
05:b4:40:93:0e:44:6d:4e:28:9b:7d:78:e5:3a:ef:
d8:be:49:8c:01:75:cb:ce:54:be:69:ae:48:df:1e:
71:7b:c8:f1:c2:2b:2e:21:45:31:24:fc:20:d1:c5:
6a:55:55:98:71:ff:e6:79:a7:b4:81:11:44:9a:78:
bc:90:fd:81:68:ce:63:55:3c:96:03:ed:de:3c:8e:
75:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:29:33:CE:7D:31:C6:7D:4F:40:CB:E9:B0:C2:F6:67:B3:61:5F:35
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Vykzzn0xxn1PQMvpsML2Z7NhXzU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.16.0/22
Signature Algorithm: sha256WithRSAEncryption
73:ff:07:21:a5:06:85:21:18:cb:bd:fb:a8:f0:46:c5:df:a5:
3b:ab:a9:d5:c9:73:95:54:dd:99:14:86:32:a0:b9:12:29:e4:
5e:0f:02:94:93:ee:a9:b1:b5:78:04:a1:d3:86:5d:d1:53:41:
36:71:e7:cd:29:07:24:c2:3f:ca:f7:36:86:e3:ca:2b:0a:37:
a9:eb:09:99:3d:ff:5d:e4:0e:2b:8d:44:42:61:fa:38:c6:bf:
89:76:12:ef:5f:4b:42:ca:69:a7:d3:a9:c2:67:a0:0c:31:96:
68:2d:27:53:31:15:a2:b9:88:f0:92:4b:78:33:0e:19:d8:81:
b1:37:fa:c4:03:dc:7f:8a:ba:2b:e2:16:46:d0:01:1b:08:9e:
1c:8d:84:38:9c:fd:4f:98:ab:19:12:93:8c:99:2b:93:27:a6:
a4:d2:49:34:4c:53:c2:fc:89:a5:16:13:bf:e4:e9:1e:b5:04:
28:64:9f:da:e7:24:70:8c:d7:a9:89:1b:31:af:bc:36:00:98:
3a:df:0c:71:55:0b:0f:6d:7a:5b:0a:7c:c9:ee:91:1e:d8:6d:
c9:08:e2:f0:0e:1a:9a:52:b6:7b:89:29:56:3d:36:41:eb:f8:
1b:15:20:96:28:c7:db:7d:43:e2:94:87:4a:19:04:4c:e2:0a:
c8:2c:4a:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU3MjkzM0NFN0QzMUM2
N0Q0RjQwQ0JFOUIwQzJGNjY3QjM2MTVGMzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWVgwKVRcNXT55rNdMhZrLP/AHo7IDPM3icMUxT+oHmMezk8Mc
hPJrMiLThRW2hNoqd8ebAeoJGJyN+cpEMP3bd0/GEv+zah8ogHjX3BZjCfG4tiTi
k6wdwebTfFmym8t7OcJtp1iDW5YQfzpZ0fdZ2MOvHWbQWv9f9NUt21iS8vFaF2Ft
ObIoyO5ZJRly0wQm47awt6eSp0mWA7b97HIHSGXJ+btmi/WW0dvLUxNkqWRHOwW0
QJMORG1OKJt9eOU679i+SYwBdcvOVL5prkjfHnF7yPHCKy4hRTEk/CDRxWpVVZhx
/+Z5p7SBEUSaeLyQ/YFozmNVPJYD7d48jnU1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUVykzzn0xxn1PQMvpsML2Z7NhXzUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvVnlrenpuMHh4bjFQUU12cHNNTDJa
N05oWHpVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8WEDAN
BgkqhkiG9w0BAQsFAAOCAQEAc/8HIaUGhSEYy737qPBGxd+lO6up1clzlVTdmRSG
MqC5EinkXg8ClJPuqbG1eASh04Zd0VNBNnHnzSkHJMI/yvc2huPKKwo3qesJmT3/
XeQOK41EQmH6OMa/iXYS719LQsppp9OpwmegDDGWaC0nUzEVormI8JJLeDMOGdiB
sTf6xAPcf4q6K+IWRtABGwieHI2EOJz9T5irGRKTjJkrkyempNJJNExTwvyJpRYT
v+TpHrUEKGSf2uckcIzXqYkbMa+8NgCYOt8McVULD216Wwp8ye6RHthtyQji8A4a
mlK2e4kpVj02Qev4GxUglijH231D4pSHShkETOIKyCxK/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:31 2024 by rpki-client on console-fra.rpki-client.org