Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/XbYGh90ZkPq6J9qTgHj3S5RUOdI.roa
File: XbYGh90ZkPq6J9qTgHj3S5RUOdI.roa (raw, json)
Hash identifier: mxeF+OvwwDxl9hvrGEiM7kPbjrIVHTKRGHQgOhxgnLI=
Subject key identifier: 5D:B6:06:87:DD:19:90:FA:BA:27:DA:93:80:78:F7:4B:94:54:39:D2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10C9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XbYGh90ZkPq6J9qTgHj3S5RUOdI.roa
Signing time: Tue 16 May 2023 08:36:38 +0000
ROA not before: Tue 16 May 2023 08:36:38 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131597
IP address blocks: 218.35.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4297 (0x10c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:38 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5DB60687DD1990FABA27DA938078F74B945439D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:28:d5:ea:0b:e8:de:81:1f:f7:32:5d:a8:81:
26:28:6f:c5:ab:f3:8f:b5:6e:41:d0:92:b6:13:ea:
ac:58:4d:33:9d:a6:8d:cd:2e:ed:aa:e6:f1:04:d4:
bb:d5:df:87:03:c0:6d:e5:4d:78:a2:22:7c:c7:6e:
ab:b1:89:4b:d4:6f:97:55:84:13:2d:03:71:a5:4b:
80:24:e6:1c:da:46:79:16:a9:2c:d7:68:a2:03:61:
21:43:e2:6a:d1:02:94:f1:1f:33:a9:56:2f:22:86:
30:37:0f:ac:e7:f8:ba:14:f8:9f:80:bb:cb:bc:cf:
3b:79:02:af:4b:a0:a4:17:d6:36:ec:94:7a:84:9d:
de:eb:c4:c3:b9:7e:fa:f9:be:ff:dd:31:9e:9c:96:
92:72:13:b4:30:50:45:cf:25:f6:45:e7:d6:7c:94:
85:80:7c:5c:3d:35:f8:d2:33:76:b2:8a:e0:c1:c8:
d7:59:a9:8a:9a:16:ea:e5:96:92:e3:6b:e2:9b:f1:
b0:e2:7c:a4:8c:9a:74:f1:b7:02:ba:f4:c6:d0:6c:
3f:9e:04:34:1d:29:ec:89:ee:59:84:66:7e:36:58:
8f:9c:2d:1b:3d:b9:1e:7a:18:a2:d2:e9:4b:0c:67:
ae:4d:4a:ff:0a:70:bd:87:f8:87:5d:4f:12:44:68:
3a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B6:06:87:DD:19:90:FA:BA:27:DA:93:80:78:F7:4B:94:54:39:D2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XbYGh90ZkPq6J9qTgHj3S5RUOdI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.35.64.0/19
Signature Algorithm: sha256WithRSAEncryption
60:d4:de:37:e2:2a:b1:e9:10:6a:94:d2:eb:50:11:95:ac:f4:
02:97:18:0f:de:aa:1a:34:dc:b3:e2:bc:76:3e:80:8d:ef:b6:
95:d7:69:6b:ee:ee:a9:b7:cc:74:45:df:b0:09:2d:1c:87:10:
b2:82:33:cc:3b:24:96:b1:8b:82:15:97:c9:eb:de:d4:06:06:
a7:e0:1c:5f:f1:1b:50:2c:8b:93:21:ca:c3:48:30:44:7e:7d:
78:01:71:1e:60:3d:dc:44:2e:af:ad:64:52:91:d0:25:db:17:
23:1c:f2:46:3d:ea:31:03:4c:e1:89:59:25:6b:b4:f1:ef:61:
a9:98:a8:11:a0:39:cd:21:f9:43:4c:da:d9:12:ef:e9:e7:a0:
e7:6f:09:d3:06:04:11:dd:a1:11:d3:4f:f9:31:e0:dd:88:2f:
c6:2b:7d:67:7b:46:3e:04:ad:4c:28:42:3c:a7:06:22:c9:17:
13:ed:9b:3c:fb:5e:03:2b:ce:c7:49:23:d1:ce:81:45:45:c3:
61:f4:77:b9:d1:ad:b8:5b:ae:05:b5:4f:66:cb:c3:d8:2c:7e:
0f:15:ed:97:e0:b3:dc:9e:44:8c:9a:3e:d7:0b:37:8a:20:43:
78:b6:d8:bb:16:cf:2d:78:da:98:f9:3b:cb:c5:a3:66:18:9a:
4c:3e:12:f8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEMkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MzhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVEQjYwNjg3REQxOTkw
RkFCQTI3REE5MzgwNzhGNzRCOTQ1NDM5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBKNXqC+jegR/3Ml2ogSYob8Wr84+1bkHQkrYT6qxYTTOdpo3N
Lu2q5vEE1LvV34cDwG3lTXiiInzHbquxiUvUb5dVhBMtA3GlS4Ak5hzaRnkWqSzX
aKIDYSFD4mrRApTxHzOpVi8ihjA3D6zn+LoU+J+Au8u8zzt5Aq9LoKQX1jbslHqE
nd7rxMO5fvr5vv/dMZ6clpJyE7QwUEXPJfZF59Z8lIWAfFw9NfjSM3ayiuDByNdZ
qYqaFurllpLja+Kb8bDifKSMmnTxtwK69MbQbD+eBDQdKeyJ7lmEZn42WI+cLRs9
uR56GKLS6UsMZ65NSv8KcL2H+IddTxJEaDrPAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXbYGh90ZkPq6J9qTgHj3S5RUOdIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWGJZR2g5MFprUHE2SjlxVGdIajNT
NVJVT2RJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdojQDAN
BgkqhkiG9w0BAQsFAAOCAQEAYNTeN+IqsekQapTS61ARlaz0ApcYD96qGjTcs+K8
dj6Aje+2lddpa+7uqbfMdEXfsAktHIcQsoIzzDsklrGLghWXyeve1AYGp+AcX/Eb
UCyLkyHKw0gwRH59eAFxHmA93EQur61kUpHQJdsXIxzyRj3qMQNM4YlZJWu08e9h
qZioEaA5zSH5Q0za2RLv6eeg528J0wYEEd2hEdNP+THg3Ygvxit9Z3tGPgStTChC
PKcGIskXE+2bPPteAyvOx0kj0c6BRUXDYfR3udGtuFuuBbVPZsvD2Cx+DxXtl+Cz
3J5EjJo+1ws3iiBDeLbYuxbPLXjamPk7y8WjZhiaTD4S+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org