Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/_25hTZgXdBYR6f7G8u3YGjPnhsA.roa
File: _25hTZgXdBYR6f7G8u3YGjPnhsA.roa (raw, json)
Hash identifier: oG8HAIeN3vdVCKWEdFl6BMJ+65v5Lf9rEbz/G374skM=
Subject key identifier: FF:6E:61:4D:98:17:74:16:11:E9:FE:C6:F2:ED:D8:1A:33:E7:86:C0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_25hTZgXdBYR6f7G8u3YGjPnhsA.roa
Signing time: Thu 15 Sep 2022 02:40:30 +0000
ROA not before: Thu 15 Sep 2022 02:40:30 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.58.88.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:30 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=FF6E614D9817741611E9FEC6F2EDD81A33E786C0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:da:f1:fd:ce:30:a8:4f:28:9d:9a:a2:74:91:
6d:26:13:1c:9b:ba:6d:16:7b:24:2d:d3:4c:2d:51:
8a:49:80:35:67:11:f6:7c:b5:2b:f6:56:75:b7:13:
5c:09:7a:64:d1:7d:3f:72:76:ed:75:20:ef:f3:3a:
73:00:28:a5:27:26:07:29:84:5f:cf:8e:fb:24:c5:
92:74:6e:2f:63:f8:8d:51:b3:95:69:a4:01:8c:ec:
50:89:26:03:d2:c0:98:62:08:52:6b:d3:53:41:1b:
80:0c:81:d2:e8:91:77:3a:b7:7b:55:4e:bf:0a:13:
d8:ca:75:81:7e:b7:d9:58:05:cd:64:97:6e:40:8e:
32:7b:71:eb:7c:02:e5:fd:ae:9d:92:32:07:b0:9c:
01:40:c7:84:41:0f:6e:6d:01:45:00:90:70:38:d1:
0b:f8:f4:dc:35:f4:17:de:47:d9:91:fa:11:ae:57:
7e:a2:3f:39:f7:97:18:eb:0a:2c:9a:e4:c0:50:ce:
e7:d4:80:80:de:4c:96:d9:75:fd:a6:1b:eb:3c:78:
24:6f:a5:f1:b3:e2:db:7c:ea:ba:63:d0:76:18:ed:
5a:48:f1:75:59:d8:7e:4d:22:fc:5a:6f:f8:7a:02:
4a:1e:09:f9:f3:24:f3:2c:48:20:3d:02:e1:9b:c6:
41:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:6E:61:4D:98:17:74:16:11:E9:FE:C6:F2:ED:D8:1A:33:E7:86:C0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_25hTZgXdBYR6f7G8u3YGjPnhsA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.88.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e1:96:7a:34:09:21:cd:03:55:42:5b:5b:38:c7:bf:5e:50:
64:54:be:f0:aa:5c:7e:3e:8d:a8:31:8e:5d:ff:71:ad:d9:e8:
d0:be:3b:2c:58:46:61:18:df:2e:53:ee:66:54:f7:6a:53:97:
cb:37:05:54:76:2d:fb:2e:04:4d:40:71:ef:f3:1d:a0:da:ec:
39:70:4c:b4:02:3d:97:1f:01:5f:67:97:da:87:1d:72:07:f0:
94:3d:f4:8c:64:fe:4d:76:60:d9:13:53:ec:8f:0f:6c:c1:37:
79:33:15:69:c3:4c:8b:04:74:24:06:46:67:0a:71:f7:c8:07:
74:34:05:15:5a:fd:7e:f6:9a:66:8c:62:56:24:80:a4:03:89:
ef:5d:58:5d:b6:e3:f1:d7:e1:89:56:da:fb:04:96:b4:ef:39:
7c:35:87:a8:e7:a5:96:3c:de:b4:7a:eb:9f:65:a9:8f:0a:54:
0e:3d:5a:4f:df:23:84:b9:0e:40:6e:48:26:01:83:0e:e6:10:
7b:c0:fc:1a:a5:db:a4:78:90:74:bb:e1:ef:42:ab:3c:35:2f:
44:f5:97:b6:02:b3:3c:d5:54:2b:e0:ab:75:c8:c5:09:d0:23:
9c:e4:22:a5:db:6f:80:a5:ff:2b:b0:24:e2:b1:fb:8e:a0:40:
07:39:3a:17
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMzBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZGNkU2MTREOTgxNzc0
MTYxMUU5RkVDNkYyRUREODFBMzNFNzg2QzAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz2vH9zjCoTyidmqJ0kW0mExybum0WeyQt00wtUYpJgDVnEfZ8
tSv2VnW3E1wJemTRfT9ydu11IO/zOnMAKKUnJgcphF/PjvskxZJ0bi9j+I1Rs5Vp
pAGM7FCJJgPSwJhiCFJr01NBG4AMgdLokXc6t3tVTr8KE9jKdYF+t9lYBc1kl25A
jjJ7cet8AuX9rp2SMgewnAFAx4RBD25tAUUAkHA40Qv49Nw19BfeR9mR+hGuV36i
Pzn3lxjrCiya5MBQzufUgIDeTJbZdf2mG+s8eCRvpfGz4tt86rpj0HYY7VpI8XVZ
2H5NIvxab/h6AkoeCfnzJPMsSCA9AuGbxkF7AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/25hTZgXdBYR6f7G8u3YGjPnhsAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvXzI1aFRaZ1hkQllSNmY3Rzh1M1lH
alBuaHNBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WDAN
BgkqhkiG9w0BAQsFAAOCAQEAc+GWejQJIc0DVUJbWzjHv15QZFS+8Kpcfj6NqDGO
Xf9xrdno0L47LFhGYRjfLlPuZlT3alOXyzcFVHYt+y4ETUBx7/MdoNrsOXBMtAI9
lx8BX2eX2ocdcgfwlD30jGT+TXZg2RNT7I8PbME3eTMVacNMiwR0JAZGZwpx98gH
dDQFFVr9fvaaZoxiViSApAOJ711YXbbj8dfhiVba+wSWtO85fDWHqOelljzetHrr
n2WpjwpUDj1aT98jhLkOQG5IJgGDDuYQe8D8GqXbpHiQdLvh70KrPDUvRPWXtgKz
PNVUK+CrdcjFCdAjnOQipdtvgKX/K7Ak4rH7jqBABzk6Fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org