Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Y5runwLE32W46dCbQwE20m3avm0.roa
File: Y5runwLE32W46dCbQwE20m3avm0.roa (raw, json)
Hash identifier: K244d63YQTx8glW6rNvBNg6R6mELJ2UoQgjdIVOpCU0=
Subject key identifier: 63:9A:EE:9F:02:C4:DF:65:B8:E9:D0:9B:43:01:36:D2:6D:DA:BE:6D
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 108B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Y5runwLE32W46dCbQwE20m3avm0.roa
Signing time: Tue 16 May 2023 08:36:19 +0000
ROA not before: Tue 16 May 2023 08:36:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 16625
IP address blocks: 210.203.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4235 (0x108b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=639AEE9F02C4DF65B8E9D09B430136D26DDABE6D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:de:b7:01:29:2f:11:97:6c:be:23:c0:a6:3d:
2e:0e:6d:04:65:1f:09:82:41:8a:85:51:2c:3d:cd:
a3:8c:7c:ca:e3:6a:06:5c:f3:04:aa:9b:34:74:20:
5e:cd:5c:86:2b:58:3e:67:32:d8:ee:fd:ef:4b:ea:
3b:d4:a2:83:47:21:aa:37:da:88:d1:b3:50:5f:4b:
56:10:b1:02:d9:6b:8d:68:77:0e:db:0c:3a:12:c6:
af:4f:3c:8c:83:a3:a5:e1:80:27:e9:75:bb:2d:75:
44:01:74:54:71:17:f8:c7:70:8f:1f:cd:26:a2:69:
3f:25:75:c7:5b:40:ca:f5:65:30:2d:c3:fb:aa:04:
56:00:de:38:a5:6d:3e:b1:53:2f:54:31:92:81:11:
f8:72:85:d9:67:15:6c:70:d8:8f:d4:5c:be:15:3d:
83:7e:0a:99:d4:1c:a5:38:ec:a9:b7:82:fa:ca:7d:
14:73:ed:6b:15:45:aa:8b:82:cb:46:b0:af:f1:13:
df:f8:89:4f:bc:ea:10:90:18:30:42:bd:50:09:63:
fc:b1:70:a3:03:af:d5:7a:3b:67:a5:58:59:ce:cf:
4d:da:79:ca:d2:20:0a:ca:f3:a1:f5:bf:2d:11:29:
3b:75:2b:a3:48:88:17:c2:a2:59:38:8f:41:fc:dc:
27:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9A:EE:9F:02:C4:DF:65:B8:E9:D0:9B:43:01:36:D2:6D:DA:BE:6D
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Y5runwLE32W46dCbQwE20m3avm0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.8.0/21
Signature Algorithm: sha256WithRSAEncryption
b0:32:e6:8e:d9:aa:42:27:19:a8:9d:2a:d2:d5:8e:d6:bc:2c:
e5:2a:3a:dd:6f:57:32:c3:53:39:46:c8:3a:a3:67:b9:1c:3a:
89:ca:e8:72:cc:72:56:85:a9:94:e3:d2:c4:8f:2b:88:63:36:
9f:0a:72:ed:96:f2:25:d9:18:0b:eb:94:a1:7a:f7:a6:ca:46:
90:5e:ef:3e:7f:34:0c:5b:cc:f8:59:2b:fe:69:7c:af:7e:9b:
ea:fa:ff:76:9d:84:df:6d:8c:7e:5e:0d:67:b6:61:65:34:cb:
10:83:76:6f:42:61:24:26:1f:9c:29:48:a4:51:5a:42:97:eb:
94:3f:ca:c2:6a:0e:28:4b:d8:d9:ba:d6:51:fa:94:09:57:ca:
ed:fe:45:58:19:6a:45:9d:18:cb:d1:98:12:a4:30:fd:75:98:
f9:45:4e:4c:e8:26:5a:34:12:b5:b8:a5:b5:ef:93:e4:8e:ba:
bc:71:19:20:db:cf:71:25:39:84:54:e8:4c:e3:d4:e3:5b:c9:
ca:d2:0f:15:eb:37:52:00:a2:c6:fe:42:c2:2f:d1:86:9b:e6:
c0:e4:3e:70:1c:69:79:4d:39:56:9c:8a:e5:fb:fc:e8:29:63:
97:e7:d5:e2:94:19:de:79:07:ee:09:54:7a:50:3c:c5:83:46:
74:96:89:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYzOUFFRTlGMDJDNERG
NjVCOEU5RDA5QjQzMDEzNkQyNkREQUJFNkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp3rcBKS8Rl2y+I8CmPS4ObQRlHwmCQYqFUSw9zaOMfMrjagZc
8wSqmzR0IF7NXIYrWD5nMtju/e9L6jvUooNHIao32ojRs1BfS1YQsQLZa41odw7b
DDoSxq9PPIyDo6XhgCfpdbstdUQBdFRxF/jHcI8fzSaiaT8ldcdbQMr1ZTAtw/uq
BFYA3jilbT6xUy9UMZKBEfhyhdlnFWxw2I/UXL4VPYN+CpnUHKU47Km3gvrKfRRz
7WsVRaqLgstGsK/xE9/4iU+86hCQGDBCvVAJY/yxcKMDr9V6O2elWFnOz03aecrS
IArK86H1vy0RKTt1K6NIiBfColk4j0H83CeHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUY5runwLE32W46dCbQwE20m3avm0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWTVydW53TEUzMlc0NmRDYlF3RTIw
bTNhdm0wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LLCDAN
BgkqhkiG9w0BAQsFAAOCAQEAsDLmjtmqQicZqJ0q0tWO1rws5So63W9XMsNTOUbI
OqNnuRw6icrocsxyVoWplOPSxI8riGM2nwpy7ZbyJdkYC+uUoXr3pspGkF7vPn80
DFvM+Fkr/ml8r36b6vr/dp2E322Mfl4NZ7ZhZTTLEIN2b0JhJCYfnClIpFFaQpfr
lD/KwmoOKEvY2brWUfqUCVfK7f5FWBlqRZ0Yy9GYEqQw/XWY+UVOTOgmWjQStbil
te+T5I66vHEZINvPcSU5hFToTOPU41vJytIPFes3UgCixv5Cwi/RhpvmwOQ+cBxp
eU05VpyK5fv86Cljl+fV4pQZ3nkH7glUelA8xYNGdJaJgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org