Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/_DscL-tS8tztwLIuwoLcAuzZsWs.roa
File: _DscL-tS8tztwLIuwoLcAuzZsWs.roa (raw, json)
Hash identifier: yKy+K5FcDZ18xtQ27V+Ky353BaqItFO9S6v/7ZJESZY=
Subject key identifier: FC:3B:1C:2F:EB:52:F2:DC:ED:C0:B2:2E:C2:82:DC:02:EC:D9:B1:6B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12ED
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_DscL-tS8tztwLIuwoLcAuzZsWs.roa
Signing time: Fri 01 Sep 2023 08:05:10 +0000
ROA not before: Fri 01 Sep 2023 08:05:10 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9311
IP address blocks: 210.200.106.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4845 (0x12ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:10 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FC3B1C2FEB52F2DCEDC0B22EC282DC02ECD9B16B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:47:dd:a4:da:3d:f5:12:11:b0:24:88:37:a2:
85:e6:0e:4f:c7:c1:ca:67:c2:dd:8f:33:92:c5:41:
17:96:35:f1:27:26:8e:0a:90:f4:d7:ec:93:93:1b:
ab:0f:16:3f:e8:ce:3a:f5:f1:77:60:ea:44:1f:16:
5f:db:80:53:34:ce:99:47:f3:2c:7d:a5:57:8f:f2:
a5:0e:ba:95:a6:74:65:f2:58:1d:0c:03:20:3d:d2:
8e:1f:6d:4c:05:0e:06:9a:26:0d:63:75:67:e9:22:
f0:fc:76:e6:a5:18:7d:a6:0b:20:91:e5:af:33:96:
b4:66:94:1b:69:5d:30:03:18:91:17:4f:ac:a4:f7:
b1:96:ee:ed:aa:0f:54:fc:4a:1e:aa:fd:55:50:e5:
d4:81:d0:ba:d5:65:d5:88:67:38:ba:04:b4:3a:3e:
12:24:26:2d:7a:05:7b:06:2e:1b:b2:46:62:de:af:
f3:ee:c4:35:7a:d3:33:cc:9f:85:20:35:6d:28:d8:
17:0f:70:b6:89:86:72:b5:82:36:30:7b:1c:3c:88:
c4:6f:37:4a:09:14:79:47:14:7f:00:cc:91:63:31:
a6:ba:01:24:f2:60:85:b5:37:a2:63:e0:25:56:2d:
53:90:b7:9a:69:1e:ec:c3:bc:a0:40:53:51:27:f6:
0a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:3B:1C:2F:EB:52:F2:DC:ED:C0:B2:2E:C2:82:DC:02:EC:D9:B1:6B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_DscL-tS8tztwLIuwoLcAuzZsWs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.106.0/24
Signature Algorithm: sha256WithRSAEncryption
04:88:aa:97:78:c5:8d:cd:3f:7c:6c:6f:4d:3f:f9:d9:ff:8f:
35:f3:2c:dc:21:a4:42:b7:41:d7:7f:4e:25:9d:14:3c:ed:dd:
7e:73:d4:60:b2:34:04:ad:4a:a9:0f:af:59:39:8d:31:3e:8c:
35:5a:dc:f1:c4:0b:8e:8f:93:40:f9:36:69:93:f3:d4:89:9c:
23:91:6b:54:68:47:ab:7b:9c:b0:22:36:80:ba:76:f8:8d:ca:
9c:a2:e8:41:95:05:fb:97:e1:70:a7:9b:83:ff:9f:5d:af:33:
c5:b4:80:57:da:71:0d:a0:f6:9b:73:87:6c:4d:83:20:32:ad:
2a:4b:f7:d9:6e:4b:94:24:75:93:fd:c1:95:1d:e6:44:93:f1:
0a:16:1e:ba:0d:ac:65:34:55:61:aa:6a:3c:9a:c5:0a:87:b4:
80:96:77:13:56:a7:60:ac:46:65:b3:15:8b:35:2b:00:50:00:
1d:bb:7e:c0:e5:64:15:8e:b7:27:9f:c6:18:cc:0d:5a:9f:84:
5a:17:6c:ab:8d:ff:7d:13:21:4b:6b:da:4d:43:c5:cb:f9:df:
24:79:22:6d:6e:5a:ac:f6:41:ec:17:1e:2e:06:e9:49:83:06:
e0:3a:d4:49:68:52:43:f0:17:12:e0:65:dd:7b:df:bc:90:c5:
7a:70:f1:43
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEu0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZDM0IxQzJGRUI1MkYy
RENFREMwQjIyRUMyODJEQzAyRUNEOUIxNkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTR92k2j31EhGwJIg3ooXmDk/Hwcpnwt2PM5LFQReWNfEnJo4K
kPTX7JOTG6sPFj/ozjr18Xdg6kQfFl/bgFM0zplH8yx9pVeP8qUOupWmdGXyWB0M
AyA90o4fbUwFDgaaJg1jdWfpIvD8dualGH2mCyCR5a8zlrRmlBtpXTADGJEXT6yk
97GW7u2qD1T8Sh6q/VVQ5dSB0LrVZdWIZzi6BLQ6PhIkJi16BXsGLhuyRmLer/Pu
xDV60zPMn4UgNW0o2BcPcLaJhnK1gjYwexw8iMRvN0oJFHlHFH8AzJFjMaa6ASTy
YIW1N6Jj4CVWLVOQt5ppHuzDvKBAU1En9gqvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/DscL+tS8tztwLIuwoLcAuzZsWswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvX0RzY0wtdFM4dHp0d0xJdXdvTGNB
dXpac1dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLIajAN
BgkqhkiG9w0BAQsFAAOCAQEABIiql3jFjc0/fGxvTT/52f+PNfMs3CGkQrdB139O
JZ0UPO3dfnPUYLI0BK1KqQ+vWTmNMT6MNVrc8cQLjo+TQPk2aZPz1ImcI5FrVGhH
q3ucsCI2gLp2+I3KnKLoQZUF+5fhcKebg/+fXa8zxbSAV9pxDaD2m3OHbE2DIDKt
Kkv32W5LlCR1k/3BlR3mRJPxChYeug2sZTRVYapqPJrFCoe0gJZ3E1anYKxGZbMV
izUrAFAAHbt+wOVkFY63J5/GGMwNWp+EWhdsq43/fRMhS2vaTUPFy/nfJHkibW5a
rPZB7BceLgbpSYMG4DrUSWhSQ/AXEuBl3XvfvJDFenDxQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org