Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/YKN5iAFTVT7cmuTIE1N9GOjAiw0.roa
File: YKN5iAFTVT7cmuTIE1N9GOjAiw0.roa (raw, json)
Hash identifier: HUkIGC5Xi/CZ7MV40xEEIr7bimgM6mcfKMAFMofC1No=
Subject key identifier: 60:A3:79:88:01:53:55:3E:DC:9A:E4:C8:13:53:7D:18:E8:C0:8B:0D
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 10CF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YKN5iAFTVT7cmuTIE1N9GOjAiw0.roa
Signing time: Tue 16 May 2023 08:36:40 +0000
ROA not before: Tue 16 May 2023 08:36:40 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24154
IP address blocks: 210.63.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4303 (0x10cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:40 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=60A379880153553EDC9AE4C813537D18E8C08B0D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:6f:bb:87:92:c4:6b:76:9b:24:d0:4b:97:04:
66:46:06:e0:18:e8:2c:25:2c:62:e6:db:29:a0:40:
2f:61:51:0b:09:f9:80:70:73:36:65:07:56:59:7b:
8f:f9:8e:e0:d0:3d:42:4a:f7:c7:8e:e6:54:8a:ff:
fa:56:61:9c:7e:c5:eb:6b:38:3e:38:2a:cc:d2:87:
1c:97:ef:0b:6e:8b:e2:04:fd:e7:35:c5:7f:14:38:
55:b9:2e:b1:cf:d9:c4:74:82:98:83:5d:a5:90:19:
61:b2:a3:d3:f7:1f:ae:dd:a7:3c:90:dd:12:89:9e:
89:7f:1d:c1:c5:44:f9:b1:82:42:8b:e0:bc:78:89:
05:20:1d:c6:ef:af:e2:7e:63:35:40:c5:7f:1e:21:
6c:2b:46:9e:82:16:5b:61:58:24:46:5c:55:78:77:
cc:a0:6a:9a:97:2a:4a:39:3d:7b:3f:2d:0a:1c:05:
92:fb:52:0a:02:bd:4a:b7:d9:76:84:3a:1a:f0:79:
6c:5a:18:40:a9:f0:d7:79:89:1d:6a:57:d7:32:67:
2e:43:94:fa:8a:25:4d:96:e2:84:79:ed:27:d6:c9:
5b:54:bb:3d:2f:06:20:5b:c2:d3:dc:20:f0:06:59:
cb:b1:40:33:6f:58:60:ef:16:b8:8e:b1:f9:ec:21:
3f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:A3:79:88:01:53:55:3E:DC:9A:E4:C8:13:53:7D:18:E8:C0:8B:0D
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/YKN5iAFTVT7cmuTIE1N9GOjAiw0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.192.0/21
Signature Algorithm: sha256WithRSAEncryption
20:7d:aa:e9:76:be:08:30:09:03:e2:cd:61:ef:0f:64:86:ef:
67:bd:c3:2f:ff:12:33:d9:29:48:38:7b:00:7d:ba:ae:1e:ac:
6a:dc:e9:95:fb:e9:f3:c2:b5:38:7d:a7:cc:eb:f1:14:f1:34:
36:b6:d3:83:3d:96:53:d0:a4:d7:79:3d:20:ca:7f:7c:53:e5:
88:a9:91:10:be:50:1a:eb:a2:c8:10:ff:d1:1c:54:7e:87:b1:
be:46:c7:91:27:14:e2:fb:5f:18:71:70:58:83:42:88:ad:e4:
8f:12:54:23:9b:45:39:78:a3:f0:06:38:ae:5e:c8:17:fe:18:
a5:28:07:b5:74:c9:1a:fa:ed:b8:b0:c7:18:77:4d:5b:be:d7:
14:53:31:1f:f1:6b:0c:90:b1:25:82:99:2d:13:9e:2a:72:ce:
a5:e7:00:02:8e:8b:1a:03:8a:77:10:56:4b:f6:ef:91:cf:e7:
ee:42:f0:a3:b2:35:db:55:4a:cc:2e:b8:74:ae:10:2d:f7:60:
2c:62:aa:7f:be:96:56:d9:78:d4:17:6d:4a:af:5d:b3:c4:ee:
39:e8:09:8e:89:27:63:1d:f6:e5:d7:fd:87:4d:16:14:36:b5:
e3:31:a2:64:23:ca:68:5b:35:71:14:f2:24:0e:35:4b:bd:46:
77:7f:8b:bf
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEM8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2NDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDYwQTM3OTg4MDE1MzU1
M0VEQzlBRTRDODEzNTM3RDE4RThDMDhCMEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpb7uHksRrdpsk0EuXBGZGBuAY6CwlLGLm2ymgQC9hUQsJ+YBw
czZlB1ZZe4/5juDQPUJK98eO5lSK//pWYZx+xetrOD44KszShxyX7wtui+IE/ec1
xX8UOFW5LrHP2cR0gpiDXaWQGWGyo9P3H67dpzyQ3RKJnol/HcHFRPmxgkKL4Lx4
iQUgHcbvr+J+YzVAxX8eIWwrRp6CFlthWCRGXFV4d8ygapqXKko5PXs/LQocBZL7
UgoCvUq32XaEOhrweWxaGECp8Nd5iR1qV9cyZy5DlPqKJU2W4oR57SfWyVtUuz0v
BiBbwtPcIPAGWcuxQDNvWGDvFriOsfnsIT8jAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYKN5iAFTVT7cmuTIE1N9GOjAiw0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWUtONWlBRlRWVDdjbXVUSUUxTjlH
T2pBaXcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/wDAN
BgkqhkiG9w0BAQsFAAOCAQEAIH2q6Xa+CDAJA+LNYe8PZIbvZ73DL/8SM9kpSDh7
AH26rh6satzplfvp88K1OH2nzOvxFPE0NrbTgz2WU9Ck13k9IMp/fFPliKmREL5Q
GuuiyBD/0RxUfoexvkbHkScU4vtfGHFwWINCiK3kjxJUI5tFOXij8AY4rl7IF/4Y
pSgHtXTJGvrtuLDHGHdNW77XFFMxH/FrDJCxJYKZLROeKnLOpecAAo6LGgOKdxBW
S/bvkc/n7kLwo7I121VKzC64dK4QLfdgLGKqf76WVtl41BdtSq9ds8TuOegJjokn
Yx325df9h00WFDa14zGiZCPKaFs1cRTyJA41S71Gd3+Lvw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org