Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Z0WFJh7s1VcJo0VivC1IpcixzAk.roa
File: Z0WFJh7s1VcJo0VivC1IpcixzAk.roa (raw, json)
Hash identifier: vXRuACmh4eYOtbuxcG6vOdOpftx1dLktS66Iuc6BUE0=
Subject key identifier: 67:45:85:26:1E:EC:D5:57:09:A3:45:62:BC:2D:48:A5:C8:B1:CC:09
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12F1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z0WFJh7s1VcJo0VivC1IpcixzAk.roa
Signing time: Fri 01 Sep 2023 08:05:12 +0000
ROA not before: Fri 01 Sep 2023 08:05:12 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.251.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4849 (0x12f1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:12 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=674585261EECD55709A34562BC2D48A5C8B1CC09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5d:f6:5f:21:8d:d5:f6:a1:bb:4c:67:78:fb:
95:c9:db:ed:d1:ef:0d:29:8a:16:43:f3:d4:31:7c:
0c:2d:ee:8c:ad:e6:cc:1a:3d:f2:ae:40:af:42:a9:
09:c6:11:53:31:36:57:1a:45:79:34:3a:b6:57:7d:
cb:82:f9:61:a8:b5:49:27:e9:cc:b0:3f:c3:98:57:
c1:95:0b:0f:bc:c9:84:48:3c:e1:1e:28:2b:60:66:
44:64:f8:da:18:31:a6:57:67:50:0e:9d:da:41:f3:
15:69:b0:3c:87:6f:98:f9:91:01:f6:65:88:aa:8e:
7a:3c:7b:fa:24:42:fa:13:41:21:d9:fa:70:5e:ac:
ea:24:58:d5:95:2c:31:93:b5:55:e9:63:17:25:2f:
4e:b1:1c:4a:cb:f7:ff:9a:43:70:c7:03:a1:09:72:
6d:c0:dd:d1:a6:9a:9c:08:d9:94:06:1d:d7:d7:6d:
a9:1a:0b:93:46:db:8f:51:2f:ac:ce:da:ef:2c:37:
37:58:03:fc:c8:87:89:eb:d3:61:ba:05:31:3f:19:
40:51:9e:db:db:9d:0e:cb:02:59:8b:7d:f5:e3:52:
98:eb:f7:31:61:30:26:6f:2d:92:f3:a9:39:3d:4c:
32:53:62:a9:8b:bc:18:90:e3:55:70:79:3f:20:42:
b0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:45:85:26:1E:EC:D5:57:09:A3:45:62:BC:2D:48:A5:C8:B1:CC:09
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z0WFJh7s1VcJo0VivC1IpcixzAk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/17
Signature Algorithm: sha256WithRSAEncryption
3a:ea:31:b8:85:48:3f:9c:9c:6b:0d:ad:ad:78:b8:10:f0:88:
0a:0e:4f:0e:d6:d1:e5:1d:b9:71:85:eb:e3:3a:52:b2:58:b3:
81:55:50:c6:60:86:41:8d:3e:96:0c:09:47:f9:0a:55:92:23:
5e:c9:9c:6d:44:d3:6a:00:2e:a2:0b:56:b1:84:6a:55:8a:a4:
73:53:b3:e0:53:65:d6:b0:fb:4e:d8:b4:9a:ec:bf:49:37:1c:
42:a2:ef:f7:7b:37:da:fd:eb:7e:47:53:9f:60:6f:a9:87:3b:
8d:16:af:f6:2d:58:98:1b:03:39:73:7c:64:e7:de:06:fd:79:
c3:f0:8e:84:ba:9b:85:2f:92:32:6e:73:e8:e6:e0:d7:f5:65:
b7:af:e9:fa:84:43:73:08:89:11:f0:99:74:d0:3f:b9:9c:e1:
5e:fa:1c:c2:bd:ae:3c:86:c0:9b:af:23:6a:d0:05:89:81:ef:
53:66:a6:47:35:2e:ec:9a:c4:18:04:79:27:78:4a:40:9c:ed:
2e:db:90:c9:02:2a:70:af:b0:c2:25:67:17:b5:9e:c9:89:ae:
e9:c3:87:47:f7:04:05:13:01:b1:8a:97:83:37:93:32:ce:8a:
d7:81:68:79:82:0d:5a:60:49:70:57:26:ae:87:52:ad:c3:a1:
cb:57:07:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY3NDU4NTI2MUVFQ0Q1
NTcwOUEzNDU2MkJDMkQ0OEE1QzhCMUNDMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfXfZfIY3V9qG7TGd4+5XJ2+3R7w0pihZD89QxfAwt7oyt5swa
PfKuQK9CqQnGEVMxNlcaRXk0OrZXfcuC+WGotUkn6cywP8OYV8GVCw+8yYRIPOEe
KCtgZkRk+NoYMaZXZ1AOndpB8xVpsDyHb5j5kQH2ZYiqjno8e/okQvoTQSHZ+nBe
rOokWNWVLDGTtVXpYxclL06xHErL9/+aQ3DHA6EJcm3A3dGmmpwI2ZQGHdfXbaka
C5NG249RL6zO2u8sNzdYA/zIh4nr02G6BTE/GUBRntvbnQ7LAlmLffXjUpjr9zFh
MCZvLZLzqTk9TDJTYqmLvBiQ41VweT8gQrDjAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZ0WFJh7s1VcJo0VivC1IpcixzAkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWjBXRkpoN3MxVmNKbzBWaXZDMUlw
Y2l4ekFrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB977ADAN
BgkqhkiG9w0BAQsFAAOCAQEAOuoxuIVIP5ycaw2trXi4EPCICg5PDtbR5R25cYXr
4zpSslizgVVQxmCGQY0+lgwJR/kKVZIjXsmcbUTTagAuogtWsYRqVYqkc1Oz4FNl
1rD7Tti0muy/STccQqLv93s32v3rfkdTn2BvqYc7jRav9i1YmBsDOXN8ZOfeBv15
w/COhLqbhS+SMm5z6Obg1/Vlt6/p+oRDcwiJEfCZdNA/uZzhXvocwr2uPIbAm68j
atAFiYHvU2amRzUu7JrEGAR5J3hKQJztLtuQyQIqcK+wwiVnF7WeyYmu6cOHR/cE
BRMBsYqXgzeTMs6K14FoeYINWmBJcFcmrodSrcOhy1cHYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org