Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/XaXE85GtekB9kGOGVS8LukqzomE.roa
File: XaXE85GtekB9kGOGVS8LukqzomE.roa (raw, json)
Hash identifier: +F/LsHFboyzUbkrUwlUWG1ql4aN+P3M6Cfm+fVK1gss=
Subject key identifier: 5D:A5:C4:F3:91:AD:7A:40:7D:90:63:86:55:2F:0B:BA:4A:B3:A2:61
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C95
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XaXE85GtekB9kGOGVS8LukqzomE.roa
Signing time: Sun 07 Feb 2021 11:40:11 +0000
ROA not before: Sun 07 Feb 2021 11:40:11 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131142
IP address blocks: 223.22.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3221 (0xc95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:40:11 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=5DA5C4F391AD7A407D906386552F0BBA4AB3A261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0f:37:71:9a:1d:aa:d5:c0:86:31:50:9b:18:
ad:90:c6:26:08:72:4c:cd:d3:1c:be:cf:05:96:2f:
f4:a5:78:2b:3e:81:2c:86:51:bf:1c:75:b0:bb:33:
b5:2f:17:02:9c:56:e0:00:b9:dd:91:9f:5a:ca:fc:
61:a5:14:22:c0:17:58:e3:92:fd:d2:92:e9:66:74:
cb:34:b0:d9:9f:09:02:9c:bc:ef:ad:10:81:0e:1c:
34:58:bd:e7:ae:be:0a:1a:da:5d:80:13:01:28:26:
af:3a:75:47:e1:aa:65:ae:3d:e3:43:2b:79:fe:71:
30:a4:26:a0:88:4a:3f:a7:b8:19:5a:8e:ac:2b:91:
ed:2b:62:b0:30:64:d7:50:99:6a:9a:ee:43:1a:3f:
74:b3:56:ef:54:28:85:42:57:d8:a2:81:25:19:52:
20:86:ad:af:31:7b:2b:6a:1f:9d:01:70:ea:bb:16:
22:cb:b3:97:87:ba:5f:3a:47:29:2f:fa:c3:b5:5d:
1d:c4:33:98:3f:6d:fa:81:63:b9:a1:d7:5f:0a:bf:
9f:26:e5:1a:a1:9a:b4:61:50:f7:8f:81:26:36:b6:
7d:f7:6c:27:68:0a:fb:4b:f1:10:61:cf:0b:80:81:
71:52:3d:c0:cf:65:75:16:4f:37:0d:7b:d9:0c:ef:
29:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A5:C4:F3:91:AD:7A:40:7D:90:63:86:55:2F:0B:BA:4A:B3:A2:61
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XaXE85GtekB9kGOGVS8LukqzomE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.252.0/22
Signature Algorithm: sha256WithRSAEncryption
90:02:2b:d1:f9:58:27:15:01:44:5e:98:3b:a9:bb:de:95:8f:
52:f2:e5:05:15:9e:3a:75:32:97:76:c6:e8:e7:5d:e3:c9:13:
90:b0:9e:bf:59:bd:3e:00:c2:19:23:ce:dc:2c:c3:05:ad:34:
86:56:9f:29:fb:e0:b2:38:a8:44:77:52:ff:22:57:55:60:13:
87:9f:39:1a:16:9a:e9:14:b2:e0:e3:7e:50:4a:bf:f7:24:ae:
a3:59:b0:0d:b3:08:5e:bf:85:bc:22:54:46:02:b5:31:56:61:
75:86:69:32:9b:53:3d:d7:8d:40:70:31:4e:2f:d4:d8:cf:3f:
13:f2:6a:96:ab:6c:c0:9a:a3:9d:ae:58:39:11:34:b9:e0:df:
d0:1a:27:91:e6:83:2d:23:75:fa:0b:e5:92:af:3d:6a:c9:e0:
13:eb:da:7a:ce:95:f3:84:62:6c:82:c7:4b:d3:e8:8f:dc:9d:
7a:b5:5e:50:50:92:81:6c:36:6d:31:ed:ec:9c:ac:cb:05:11:
04:e1:9d:09:c0:87:d6:bc:0d:2c:69:8d:d6:eb:a2:b1:ab:e5:
e7:b6:a2:04:98:9c:17:43:79:06:f1:3c:8f:8a:6e:38:78:dc:
f5:cd:07:14:4c:d6:f4:5e:c6:f6:18:ff:af:41:98:5d:8e:80:
53:1a:a8:51
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDJUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTQwMTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDVEQTVDNEYzOTFBRDdB
NDA3RDkwNjM4NjU1MkYwQkJBNEFCM0EyNjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCaDzdxmh2q1cCGMVCbGK2QxiYIckzN0xy+zwWWL/SleCs+gSyG
Ub8cdbC7M7UvFwKcVuAAud2Rn1rK/GGlFCLAF1jjkv3SkulmdMs0sNmfCQKcvO+t
EIEOHDRYveeuvgoa2l2AEwEoJq86dUfhqmWuPeNDK3n+cTCkJqCISj+nuBlajqwr
ke0rYrAwZNdQmWqa7kMaP3SzVu9UKIVCV9iigSUZUiCGra8xeytqH50BcOq7FiLL
s5eHul86Rykv+sO1XR3EM5g/bfqBY7mh118Kv58m5RqhmrRhUPePgSY2tn33bCdo
CvtL8RBhzwuAgXFSPcDPZXUWTzcNe9kM7ykLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXaXE85GtekB9kGOGVS8LukqzomEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWGFYRTg1R3Rla0I5a0dPR1ZTOEx1
a3F6b21FLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8W/DAN
BgkqhkiG9w0BAQsFAAOCAQEAkAIr0flYJxUBRF6YO6m73pWPUvLlBRWeOnUyl3bG
6Odd48kTkLCev1m9PgDCGSPO3CzDBa00hlafKfvgsjioRHdS/yJXVWATh585Ghaa
6RSy4ON+UEq/9ySuo1mwDbMIXr+FvCJURgK1MVZhdYZpMptTPdeNQHAxTi/U2M8/
E/JqlqtswJqjna5YORE0ueDf0BonkeaDLSN1+gvlkq89asngE+vaes6V84RibILH
S9Poj9yderVeUFCSgWw2bTHt7JysywURBOGdCcCH1rwNLGmN1uuisavl57aiBJic
F0N5BvE8j4puOHjc9c0HFEzW9F7G9hj/r0GYXY6AUxqoUQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org