Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/XdYQ5WLcV3y04CChbodtEVAyG6U.roa
File: XdYQ5WLcV3y04CChbodtEVAyG6U.roa (raw, json)
Hash identifier: Igyv30pBkqJbRw6CKDhUyCmj2sbIkvs1js6csX7+kNA=
Subject key identifier: 5D:D6:10:E5:62:DC:57:7C:B4:E0:20:A1:6E:87:6D:11:50:32:1B:A5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0FF2
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XdYQ5WLcV3y04CChbodtEVAyG6U.roa
Signing time: Fri 24 Mar 2023 08:43:37 +0000
ROA not before: Fri 24 Mar 2023 08:43:37 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9922
IP address blocks: 124.218.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4082 (0xff2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Mar 24 08:43:37 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=5DD610E562DC577CB4E020A16E876D1150321BA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ef:f3:87:03:8f:55:8b:11:77:1e:d5:06:ad:
ac:3b:a6:3a:84:b0:11:71:83:28:a9:f3:0d:53:4f:
76:e1:c6:1c:05:2d:22:68:87:f4:05:92:12:33:ee:
c2:ee:60:8e:d0:86:0b:66:ba:43:4c:ae:75:29:ef:
d0:ff:f1:d0:2a:87:0b:67:8d:7a:56:af:9c:72:ab:
3a:d3:6e:69:a4:dd:ca:36:9a:75:a0:eb:27:c2:13:
29:33:11:d0:2e:5f:51:c3:18:2f:a2:cc:41:2e:5a:
a9:22:9c:62:0b:63:6d:4a:18:46:da:0c:76:6c:ba:
e1:ed:7c:94:c8:ee:17:00:c1:ba:56:9b:7f:b3:65:
f3:5a:55:75:65:1e:a2:14:4d:85:a3:c3:fb:a6:db:
02:9f:3e:0d:bf:34:83:94:ab:12:a0:72:80:63:a7:
b4:11:9d:41:96:cf:56:bc:6a:b5:48:dc:b3:5c:1e:
19:0b:85:47:34:db:d5:60:db:23:c3:56:e4:28:af:
ce:48:70:8d:56:fe:86:cc:f0:35:bf:3d:f6:1b:2f:
bb:e9:ac:86:08:40:57:44:18:75:a4:3a:10:0b:14:
04:56:9b:98:6c:8e:fd:37:bf:eb:a9:0c:64:45:9a:
97:80:10:26:9c:09:85:a3:ab:e9:35:9c:b8:91:e5:
00:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D6:10:E5:62:DC:57:7C:B4:E0:20:A1:6E:87:6D:11:50:32:1B:A5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/XdYQ5WLcV3y04CChbodtEVAyG6U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:2d:5e:ca:4e:c8:1c:e8:cf:be:ff:32:7d:f6:ef:0a:c9:b2:
5d:db:87:76:4e:42:60:90:d5:ed:82:19:23:3f:54:4a:fb:1b:
e6:bb:67:df:29:91:68:1a:f5:ad:c3:ae:52:43:4c:34:78:8f:
88:9c:1b:dd:35:04:16:2d:b2:34:cb:ae:b9:ce:b9:7f:4d:a8:
90:56:79:50:49:9a:6b:79:b3:e7:b0:15:81:db:e2:b5:89:f3:
ab:d5:73:f3:b8:11:83:af:1e:de:48:ed:f4:39:af:0d:82:1e:
85:04:4d:56:07:94:30:3e:1b:33:70:b8:f5:a0:cd:f6:4f:1f:
17:ce:77:c6:69:6f:e2:17:79:43:a7:44:cf:7a:f9:10:99:3a:
92:34:a1:49:ac:be:be:b0:37:ce:c1:98:50:0b:2f:a9:62:de:
44:7e:b1:26:93:13:b4:44:98:3b:57:78:aa:87:6c:14:34:bc:
5d:fe:ca:67:bf:fc:3f:bb:42:20:b6:66:01:83:22:f6:09:0d:
da:3e:da:c9:76:27:e6:fe:57:8d:b9:d0:0a:5f:67:82:25:c8:
e0:0e:c8:b9:c4:a7:00:64:7d:bf:e1:b1:e1:22:12:de:d1:91:
73:9a:ea:62:4c:1c:db:b0:33:7f:07:0a:0c:cd:5e:e9:47:f7:
94:30:8d:17
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD/IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzAzMjQw
ODQzMzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDVERDYxMEU1NjJEQzU3
N0NCNEUwMjBBMTZFODc2RDExNTAzMjFCQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC77/OHA49VixF3HtUGraw7pjqEsBFxgyip8w1TT3bhxhwFLSJo
h/QFkhIz7sLuYI7QhgtmukNMrnUp79D/8dAqhwtnjXpWr5xyqzrTbmmk3co2mnWg
6yfCEykzEdAuX1HDGC+izEEuWqkinGILY21KGEbaDHZsuuHtfJTI7hcAwbpWm3+z
ZfNaVXVlHqIUTYWjw/um2wKfPg2/NIOUqxKgcoBjp7QRnUGWz1a8arVI3LNcHhkL
hUc029Vg2yPDVuQor85IcI1W/obM8DW/PfYbL7vprIYIQFdEGHWkOhALFARWm5hs
jv03v+upDGRFmpeAECacCYWjq+k1nLiR5QAHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUXdYQ5WLcV3y04CChbodtEVAyG6UwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWGRZUTVXTGNWM3kwNENDaGJvZHRF
VkF5RzZVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaqDAN
BgkqhkiG9w0BAQsFAAOCAQEAui1eyk7IHOjPvv8yffbvCsmyXduHdk5CYJDV7YIZ
Iz9USvsb5rtn3ymRaBr1rcOuUkNMNHiPiJwb3TUEFi2yNMuuuc65f02okFZ5UEma
a3mz57AVgdvitYnzq9Vz87gRg68e3kjt9DmvDYIehQRNVgeUMD4bM3C49aDN9k8f
F853xmlv4hd5Q6dEz3r5EJk6kjShSay+vrA3zsGYUAsvqWLeRH6xJpMTtESYO1d4
qodsFDS8Xf7KZ7/8P7tCILZmAYMi9gkN2j7ayXYn5v5XjbnQCl9ngiXI4A7IucSn
AGR9v+Gx4SIS3tGRc5rqYkwc27AzfwcKDM1e6Uf3lDCNFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org