Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ZfmRHmBt6hbgcjPlpQ9Ra6Q5uqI.roa
File: ZfmRHmBt6hbgcjPlpQ9Ra6Q5uqI.roa (raw, json)
Hash identifier: WokJ0qHxF1we8tJiNpRyJR51Onfd2i/IB3EWo9pePKA=
Subject key identifier: 65:F9:91:1E:60:6D:EA:16:E0:72:33:E5:A5:0F:51:6B:A4:39:BA:A2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 106F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZfmRHmBt6hbgcjPlpQ9Ra6Q5uqI.roa
Signing time: Tue 16 May 2023 08:36:12 +0000
ROA not before: Tue 16 May 2023 08:36:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 223.23.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4207 (0x106f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:12 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=65F9911E606DEA16E07233E5A50F516BA439BAA2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:89:d9:37:7c:67:e3:fc:2e:01:be:5e:78:d6:
1d:85:2a:d0:97:cd:b7:b8:ae:e6:ff:9b:1f:ba:00:
5c:75:56:8c:ee:d7:e8:22:d8:08:66:e3:ad:32:e0:
2e:31:8b:47:78:49:3c:b1:be:5c:8c:74:06:5e:0d:
f7:51:75:45:46:23:ee:93:63:c6:f8:2f:7e:85:3e:
b1:4c:69:61:c6:4f:27:96:f7:e9:c3:80:34:89:7d:
eb:29:99:ec:23:ef:02:10:c0:07:f1:0b:9f:ab:6d:
06:18:31:45:71:13:c4:cc:2f:ed:eb:30:9c:1c:b6:
17:f6:63:e1:ec:25:32:7a:1b:f2:63:e7:f5:b3:3c:
6f:84:56:8b:76:33:d2:1a:d3:b6:4d:af:a5:fd:c3:
1a:05:4c:0c:2c:62:b9:52:83:b9:a2:76:14:d9:9b:
22:7b:cb:35:4b:8a:72:44:4d:d8:b1:26:f5:e1:e3:
75:15:89:a0:c9:6f:e3:7c:4b:90:68:64:d7:95:78:
1d:d2:cc:dc:5c:0f:a2:04:3c:76:01:f8:6a:85:67:
e4:f7:cd:a6:99:57:54:47:ad:5a:e9:1a:ae:31:35:
cc:42:41:a4:fb:69:83:c2:26:e3:a6:97:ef:b9:71:
99:a1:be:32:3c:21:59:1c:1f:90:85:1a:57:d4:c7:
df:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F9:91:1E:60:6D:EA:16:E0:72:33:E5:A5:0F:51:6B:A4:39:BA:A2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZfmRHmBt6hbgcjPlpQ9Ra6Q5uqI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.23.63.0/24
Signature Algorithm: sha256WithRSAEncryption
12:72:c9:33:f6:2d:a0:21:e7:c7:73:23:ca:aa:10:9a:f1:79:
92:ee:1f:76:bf:58:45:fc:66:7b:64:4e:fc:e2:87:c1:5a:c5:
4f:71:88:2c:5c:57:ea:ad:c5:63:ac:67:60:64:d7:1b:30:78:
a8:21:98:b2:af:07:52:5d:4f:2f:e8:94:58:86:7c:a6:18:27:
71:5d:7e:89:19:94:39:c4:0e:a8:60:85:ed:b5:94:04:55:da:
5a:e9:5b:65:2a:b5:f7:3f:c9:a2:f7:82:04:da:09:53:b7:77:
fa:dc:02:b0:26:25:e3:75:99:67:e3:d5:b1:b0:2b:0e:eb:cb:
e1:f2:48:6e:8f:dc:e4:b8:0e:08:a4:62:bb:66:b6:ce:af:6f:
bb:71:35:39:2c:3a:8b:56:dc:5d:cb:bc:fd:61:d6:fa:5a:33:
6d:00:3b:39:2e:51:82:1e:fb:95:05:91:ba:d3:87:14:03:f3:
d2:fc:8f:1a:46:f7:3f:c0:8c:d6:a5:a8:1b:00:ac:49:95:4e:
66:42:be:8e:1e:51:70:f3:c3:95:c1:2d:29:54:e0:78:c7:95:
f5:6e:1c:ed:e8:aa:2d:aa:c9:7e:05:cd:06:69:30:6f:f2:a6:
7f:01:07:4e:8c:69:ee:62:80:3c:17:16:23:33:2c:62:49:92:
58:ad:67:52
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEG8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY1Rjk5MTFFNjA2REVB
MTZFMDcyMzNFNUE1MEY1MTZCQTQzOUJBQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCRidk3fGfj/C4Bvl541h2FKtCXzbe4rub/mx+6AFx1Vozu1+gi
2Ahm460y4C4xi0d4STyxvlyMdAZeDfdRdUVGI+6TY8b4L36FPrFMaWHGTyeW9+nD
gDSJfespmewj7wIQwAfxC5+rbQYYMUVxE8TML+3rMJwcthf2Y+HsJTJ6G/Jj5/Wz
PG+EVot2M9Ia07ZNr6X9wxoFTAwsYrlSg7midhTZmyJ7yzVLinJETdixJvXh43UV
iaDJb+N8S5BoZNeVeB3SzNxcD6IEPHYB+GqFZ+T3zaaZV1RHrVrpGq4xNcxCQaT7
aYPCJuOml++5cZmhvjI8IVkcH5CFGlfUx98rAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZfmRHmBt6hbgcjPlpQ9Ra6Q5uqIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWmZtUkhtQnQ2aGJnY2pQbHBROVJh
NlE1dXFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8XPzAN
BgkqhkiG9w0BAQsFAAOCAQEAEnLJM/YtoCHnx3MjyqoQmvF5ku4fdr9YRfxme2RO
/OKHwVrFT3GILFxX6q3FY6xnYGTXGzB4qCGYsq8HUl1PL+iUWIZ8phgncV1+iRmU
OcQOqGCF7bWUBFXaWulbZSq19z/JoveCBNoJU7d3+twCsCYl43WZZ+PVsbArDuvL
4fJIbo/c5LgOCKRiu2a2zq9vu3E1OSw6i1bcXcu8/WHW+lozbQA7OS5Rgh77lQWR
utOHFAPz0vyPGkb3P8CM1qWoGwCsSZVOZkK+jh5RcPPDlcEtKVTgeMeV9W4c7eiq
LarJfgXNBmkwb/KmfwEHToxp7mKAPBcWIzMsYkmSWK1nUg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org