Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/Z28MXNGMwxU1Rs11aBmJJKjgNE8.roa
File: Z28MXNGMwxU1Rs11aBmJJKjgNE8.roa (raw, json)
Hash identifier: k4iri0HfuHjxDrAGadvRL9QLqS5Ace64MIdKyZgcW2Q=
Subject key identifier: 67:6F:0C:5C:D1:8C:C3:15:35:46:CD:75:68:19:89:24:A8:E0:34:4F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0C83
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z28MXNGMwxU1Rs11aBmJJKjgNE8.roa
Signing time: Sun 07 Feb 2021 11:39:53 +0000
ROA not before: Sun 07 Feb 2021 11:39:53 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3203 (0xc83)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:39:53 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=676F0C5CD18CC3153546CD7568198924A8E0344F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:66:e1:df:08:26:2f:19:93:57:6f:8a:60:7c:
a9:71:9d:fa:2e:98:5c:e8:53:c5:4c:8e:77:35:95:
4d:53:48:13:f8:4a:0e:38:a5:9f:5b:3a:4f:64:1c:
0d:5c:57:fa:62:2d:79:59:ce:9c:ba:e5:fd:31:ee:
39:95:6e:a6:29:48:62:cd:07:11:d9:fd:be:c6:1c:
c5:b7:0f:11:5a:4f:95:1d:66:79:64:1f:b2:fe:d0:
15:10:8f:71:fa:ab:c6:93:e4:69:43:14:ee:f6:35:
02:54:15:89:80:1b:7b:d5:64:64:92:25:2a:7a:0e:
a2:b3:40:db:0e:e1:a8:f8:35:12:27:3b:69:be:a8:
97:81:a1:9e:b1:24:19:84:a7:55:be:87:72:96:76:
24:d6:cd:e4:aa:67:47:57:98:d8:74:dc:39:db:1f:
9f:97:92:1f:1a:97:c2:35:9e:6a:e4:34:24:3d:9b:
c1:4a:cc:fa:e5:a9:26:6f:9b:60:0f:c0:93:0f:23:
b2:fd:76:2e:77:b7:85:c3:88:eb:10:0e:c9:22:59:
4b:de:13:99:2e:05:11:eb:80:a6:3e:24:a1:93:51:
74:b8:69:d7:6d:c7:a9:00:2b:a1:dd:d8:e1:07:0a:
e3:f4:cc:85:53:df:cd:5e:ed:62:b9:e6:c7:f6:10:
c9:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6F:0C:5C:D1:8C:C3:15:35:46:CD:75:68:19:89:24:A8:E0:34:4F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/Z28MXNGMwxU1Rs11aBmJJKjgNE8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
be:7c:ec:20:a7:02:46:13:08:29:5c:60:68:56:17:e1:b9:13:
24:28:57:39:ea:ba:02:f9:b6:9d:02:94:5e:7e:6a:cd:f3:2c:
ff:39:04:c4:11:81:d5:d4:ec:3d:09:f2:ce:9f:1d:fb:e8:d1:
02:ce:83:a8:8e:bf:93:5f:52:5e:16:c7:d6:7a:6b:61:2c:ce:
1d:0f:05:52:ce:3f:57:a6:b2:03:98:c4:94:60:45:cc:80:8b:
9e:66:a4:e1:7d:e9:8f:ac:bd:a1:ff:84:91:11:77:ee:32:8f:
e0:6a:25:9a:05:3a:88:a4:e1:1b:65:36:c2:a5:d5:bd:de:a8:
53:f6:65:4b:81:87:35:e4:d4:6d:63:35:ca:e0:35:0e:21:f6:
05:99:03:70:f2:86:cb:fa:bf:a5:db:0e:f6:8d:d0:a0:40:db:
34:46:24:5d:af:b0:10:89:7e:cf:29:05:a7:ce:7d:0f:76:b7:
7a:13:8a:9f:ba:ea:ef:1d:45:2c:04:02:cb:a6:d0:65:87:c9:
d6:92:77:dd:64:ef:dd:7c:e1:1e:e4:40:3c:ff:96:45:52:d0:
af:34:88:5c:3e:49:28:89:5e:d5:eb:43:aa:a3:2c:f3:a9:67:
64:07:3e:6f:f0:28:cc:a9:29:03:1e:48:9d:c3:ab:e2:be:74:
03:33:e4:ee
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDIMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM5NTNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY3NkYwQzVDRDE4Q0Mz
MTUzNTQ2Q0Q3NTY4MTk4OTI0QThFMDM0NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKZuHfCCYvGZNXb4pgfKlxnfoumFzoU8VMjnc1lU1TSBP4Sg44
pZ9bOk9kHA1cV/piLXlZzpy65f0x7jmVbqYpSGLNBxHZ/b7GHMW3DxFaT5UdZnlk
H7L+0BUQj3H6q8aT5GlDFO72NQJUFYmAG3vVZGSSJSp6DqKzQNsO4aj4NRInO2m+
qJeBoZ6xJBmEp1W+h3KWdiTWzeSqZ0dXmNh03DnbH5+Xkh8al8I1nmrkNCQ9m8FK
zPrlqSZvm2APwJMPI7L9di53t4XDiOsQDskiWUveE5kuBRHrgKY+JKGTUXS4addt
x6kAK6Hd2OEHCuP0zIVT381e7WK55sf2EMknAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZ28MXNGMwxU1Rs11aBmJJKjgNE8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWjI4TVhOR013eFUxUnMxMWFCbUpK
S2pnTkU4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAvnzsIKcCRhMIKVxgaFYX4bkTJChXOeq6Avm2nQKU
Xn5qzfMs/zkExBGB1dTsPQnyzp8d++jRAs6DqI6/k19SXhbH1nprYSzOHQ8FUs4/
V6ayA5jElGBFzICLnmak4X3pj6y9of+EkRF37jKP4GolmgU6iKThG2U2wqXVvd6o
U/ZlS4GHNeTUbWM1yuA1DiH2BZkDcPKGy/q/pdsO9o3QoEDbNEYkXa+wEIl+zykF
p859D3a3ehOKn7rq7x1FLAQCy6bQZYfJ1pJ33WTv3XzhHuRAPP+WRVLQrzSIXD5J
KIle1etDqqMs86lnZAc+b/AozKkpAx5IncOr4r50AzPk7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org