Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YAodfjUZGoB4MvjlqfwRGDx26i0.roa
File: YAodfjUZGoB4MvjlqfwRGDx26i0.roa (raw, json)
Hash identifier: fKDmu7MtuqBvHzOgUa9CeP5Z7ruuHRrLbCppRMK97NQ=
Subject key identifier: 60:0A:1D:7E:35:19:1A:80:78:32:F8:E5:A9:FC:11:18:3C:76:EA:2D
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DC3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YAodfjUZGoB4MvjlqfwRGDx26i0.roa
Signing time: Wed 29 Sep 2021 02:39:32 +0000
ROA not before: Wed 29 Sep 2021 02:39:32 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9311
IP address blocks: 203.79.235.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3523 (0xdc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:32 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=600A1D7E35191A807832F8E5A9FC11183C76EA2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2d:d7:7d:20:35:ac:73:13:98:a8:ad:96:86:
00:f8:dc:c3:e5:97:64:15:66:49:70:3e:3d:e8:8f:
4a:70:fe:92:ea:9a:fe:ad:56:ef:4a:41:bb:0a:44:
fd:a4:9e:03:10:bc:66:49:ee:3b:35:25:8a:30:2c:
7a:bb:b6:09:72:0b:78:93:5a:25:eb:50:18:26:54:
c1:63:39:49:00:78:c3:35:19:81:7a:06:67:2d:a0:
b3:fc:60:6a:c5:7f:db:fb:2a:ab:a3:14:aa:98:39:
86:a0:72:dd:0a:b1:ad:1b:86:b5:9e:ad:12:4d:c5:
20:7a:47:7a:56:42:95:c9:6c:b5:2c:07:73:6f:96:
79:19:3b:eb:0c:2a:03:75:55:48:f0:cc:8a:72:48:
5c:80:48:77:e9:aa:d6:a2:1b:5a:05:2e:31:df:68:
7c:cc:2f:19:93:d4:6b:9f:c6:76:11:b3:f7:32:b5:
6a:b0:83:cc:b5:78:48:4c:a4:cd:7a:64:b4:f8:f3:
2b:92:64:45:f6:10:0c:bd:b3:b8:d1:a7:6c:9e:cd:
71:98:f6:38:5b:b0:f8:c0:2c:93:22:c7:25:cd:c1:
1b:7d:df:00:ce:34:39:87:e7:c6:e0:db:9f:d4:57:
d8:c5:fa:9a:b5:68:6f:25:de:6f:f6:83:70:5c:3e:
08:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:0A:1D:7E:35:19:1A:80:78:32:F8:E5:A9:FC:11:18:3C:76:EA:2D
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YAodfjUZGoB4MvjlqfwRGDx26i0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.235.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:13:d7:b0:ea:58:82:b0:b6:b7:7b:72:a6:d0:a6:61:81:1d:
5e:a9:ff:c5:9d:02:27:9b:86:1d:07:c1:71:12:ea:56:49:ed:
6a:0b:fe:f7:4e:96:79:0d:b3:d0:19:fc:7d:3d:fa:33:e3:e9:
12:20:68:49:ab:a9:39:2f:92:80:22:97:ff:30:a6:3a:4c:7e:
2b:94:7e:53:82:d8:b7:46:73:bb:c7:c5:96:93:8a:c4:54:c8:
7c:ba:40:02:1e:0a:ad:b4:72:9e:a3:5c:5d:01:c2:25:65:14:
ee:f1:06:b2:67:8a:f4:b5:cd:1a:a2:6b:f5:d5:0b:d5:fb:bb:
18:4f:05:01:01:50:93:c9:df:35:2e:d7:af:37:4b:04:11:66:
5e:86:ba:85:2c:41:80:6a:e4:f0:0e:0b:09:c7:4b:be:85:31:
75:7f:ac:19:9b:4f:14:cc:34:b7:63:d7:27:d9:7a:3f:00:ed:
ba:1c:5a:d9:22:a7:94:e0:ff:4e:5b:5b:e5:8e:0e:da:9b:64:
06:4c:66:d5:4c:9f:00:ca:0d:c8:1e:1e:27:92:a8:6d:4f:39:
93:6c:d5:69:9e:99:75:f6:4a:ba:aa:9e:6c:51:83:d8:29:90:
a4:c8:51:96:83:f0:4d:0f:70:57:93:22:e3:7f:28:7f:18:3a:
e0:09:a5:d0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDcMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5MzJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDYwMEExRDdFMzUxOTFB
ODA3ODMyRjhFNUE5RkMxMTE4M0M3NkVBMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWLdd9IDWscxOYqK2WhgD43MPll2QVZklwPj3oj0pw/pLqmv6t
Vu9KQbsKRP2kngMQvGZJ7js1JYowLHq7tglyC3iTWiXrUBgmVMFjOUkAeMM1GYF6
BmctoLP8YGrFf9v7KqujFKqYOYagct0Ksa0bhrWerRJNxSB6R3pWQpXJbLUsB3Nv
lnkZO+sMKgN1VUjwzIpySFyASHfpqtaiG1oFLjHfaHzMLxmT1GufxnYRs/cytWqw
g8y1eEhMpM16ZLT48yuSZEX2EAy9s7jRp2yezXGY9jhbsPjALJMixyXNwRt93wDO
NDmH58bg25/UV9jF+pq1aG8l3m/2g3BcPgg/AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYAodfjUZGoB4MvjlqfwRGDx26i0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWUFvZGZqVVpHb0I0TXZqbHFmd1JH
RHgyNmkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMtP6zAN
BgkqhkiG9w0BAQsFAAOCAQEAthPXsOpYgrC2t3typtCmYYEdXqn/xZ0CJ5uGHQfB
cRLqVkntagv+906WeQ2z0Bn8fT36M+PpEiBoSaupOS+SgCKX/zCmOkx+K5R+U4LY
t0Zzu8fFlpOKxFTIfLpAAh4KrbRynqNcXQHCJWUU7vEGsmeK9LXNGqJr9dUL1fu7
GE8FAQFQk8nfNS7XrzdLBBFmXoa6hSxBgGrk8A4LCcdLvoUxdX+sGZtPFMw0t2PX
J9l6PwDtuhxa2SKnlOD/Tltb5Y4O2ptkBkxm1UyfAMoNyB4eJ5KobU85k2zVaZ6Z
dfZKuqqebFGD2CmQpMhRloPwTQ9wV5Mi438ofxg64Aml0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org