Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ZtHZsjWDv0E4GwdJ7vtFIpIvHOY.roa
File: ZtHZsjWDv0E4GwdJ7vtFIpIvHOY.roa (raw, json)
Hash identifier: z3B7nCYLH3zTOxbnBq17lSTeBuckLif1ALMp/VM1yJQ=
Subject key identifier: 66:D1:D9:B2:35:83:BF:41:38:1B:07:49:EE:FB:45:22:92:2F:1C:E6
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1329
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZtHZsjWDv0E4GwdJ7vtFIpIvHOY.roa
Signing time: Fri 01 Sep 2023 08:05:27 +0000
ROA not before: Fri 01 Sep 2023 08:05:27 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 124.219.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4905 (0x1329)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:27 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=66D1D9B23583BF41381B0749EEFB4522922F1CE6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8b:ac:49:4b:2e:dc:5a:c7:a0:d6:e8:ea:1b:
f9:bf:39:46:f7:be:b4:93:00:70:f6:dc:83:a6:45:
7c:be:6f:84:29:a6:2b:3b:01:74:b4:e4:51:9f:f9:
07:65:45:ce:3d:2d:62:8b:3e:a3:3c:69:df:3f:7e:
01:e1:88:30:97:7f:b9:df:4b:1d:fc:eb:f8:c3:c0:
35:ea:ce:c6:c7:78:c7:f1:d4:46:0b:f4:0a:c9:ce:
6c:70:2e:2b:1a:56:4f:e8:22:7f:a2:69:92:65:8d:
e7:71:00:0e:c4:70:98:47:90:90:a7:00:ca:2f:e6:
40:39:69:ac:41:f7:b9:39:b3:4b:d7:19:ca:26:e5:
4d:4a:9b:a7:76:3f:f0:49:d9:1c:c2:75:77:18:2d:
88:25:9a:ee:71:8c:98:9e:d8:03:cb:40:15:10:de:
06:eb:20:0a:79:ac:8e:d3:34:c0:c4:f0:c6:1a:f7:
cf:93:54:0d:98:d2:99:31:a1:bd:50:f8:07:c3:7e:
e7:2d:3f:61:91:5a:2b:8d:7a:c5:f2:16:ed:88:81:
fb:ac:dd:90:10:9f:e0:e2:e8:89:f8:64:84:a6:e0:
9c:8c:0f:b7:5b:e9:85:ae:88:7c:ca:08:e4:9c:06:
57:c4:e4:0b:43:1b:16:04:43:fb:92:e9:a0:34:df:
37:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D1:D9:B2:35:83:BF:41:38:1B:07:49:EE:FB:45:22:92:2F:1C:E6
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ZtHZsjWDv0E4GwdJ7vtFIpIvHOY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1f:3b:e3:61:14:cd:0e:1d:a1:3b:81:0f:27:84:94:c3:fb:07:
23:f3:33:bc:d9:d3:e5:01:ae:4f:c0:61:84:b0:71:5e:ef:64:
9b:47:62:9d:a1:fd:44:01:d9:00:a0:6e:b7:33:6d:99:b6:a6:
fe:5d:df:cb:d7:ed:8a:51:7c:6f:ee:cd:39:3e:02:71:e9:0d:
4c:50:0d:8b:16:8e:23:38:a2:df:d1:11:f8:bd:bf:72:b0:f3:
6e:4f:26:fe:43:90:e7:f3:ea:99:fe:8d:a2:1f:01:95:8f:26:
20:58:b7:b2:a1:99:39:e9:f4:e1:70:03:68:4a:e0:64:5f:dd:
3d:aa:6b:fb:a7:24:07:fd:93:c3:b6:e1:8a:66:34:75:be:40:
e8:dc:3d:94:48:cd:90:e3:01:ab:13:79:41:27:eb:57:e0:67:
2d:6b:37:99:a7:84:06:8f:f3:64:92:c3:15:b2:2e:1c:a2:d1:
ed:3c:29:27:8a:44:65:5f:6a:4c:85:55:ae:4e:05:d8:be:2e:
1c:7d:4a:81:78:8f:6f:4c:63:45:5f:fa:5e:18:eb:91:ea:ef:
55:61:44:98:49:22:5a:5e:d1:a7:1b:ec:24:68:14:ab:d0:ef:
99:64:25:5b:72:3d:31:de:f4:62:69:fa:e8:8d:c7:e3:79:99:
f5:e1:90:7e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY2RDFEOUIyMzU4M0JG
NDEzODFCMDc0OUVFRkI0NTIyOTIyRjFDRTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGi6xJSy7cWseg1ujqG/m/OUb3vrSTAHD23IOmRXy+b4Qppis7
AXS05FGf+QdlRc49LWKLPqM8ad8/fgHhiDCXf7nfSx386/jDwDXqzsbHeMfx1EYL
9ArJzmxwLisaVk/oIn+iaZJljedxAA7EcJhHkJCnAMov5kA5aaxB97k5s0vXGcom
5U1Km6d2P/BJ2RzCdXcYLYglmu5xjJie2APLQBUQ3gbrIAp5rI7TNMDE8MYa98+T
VA2Y0pkxob1Q+AfDfuctP2GRWiuNesXyFu2Igfus3ZAQn+Di6In4ZISm4JyMD7db
6YWuiHzKCOScBlfE5AtDGxYEQ/uS6aA03zcVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZtHZsjWDv0E4GwdJ7vtFIpIvHOYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvWnRIWnNqV0R2MEU0R3dkSjd2dEZJ
cEl2SE9ZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEAHzvjYRTNDh2hO4EPJ4SUw/sHI/MzvNnT5QGuT8Bh
hLBxXu9km0dinaH9RAHZAKButzNtmbam/l3fy9ftilF8b+7NOT4CcekNTFANixaO
Izii39ER+L2/crDzbk8m/kOQ5/Pqmf6Noh8BlY8mIFi3sqGZOen04XADaErgZF/d
Papr+6ckB/2Tw7bhimY0db5A6Nw9lEjNkOMBqxN5QSfrV+BnLWs3maeEBo/zZJLD
FbIuHKLR7TwpJ4pEZV9qTIVVrk4F2L4uHH1KgXiPb0xjRV/6XhjrkervVWFEmEki
Wl7RpxvsJGgUq9DvmWQlW3I9Md70Ymn66I3H43mZ9eGQfg==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org