Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/_NAbfs31bZs8PgBmlB9BbnDledU.roa
File: _NAbfs31bZs8PgBmlB9BbnDledU.roa (raw, json)
Hash identifier: 70J8Uvg1Q+kB1FqfKD7YV1BVmvHoUM1BJF+DdQicBh0=
Subject key identifier: FC:D0:1B:7E:CD:F5:6D:9B:3C:3E:00:66:94:1F:41:6E:70:E5:79:D5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 124F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_NAbfs31bZs8PgBmlB9BbnDledU.roa
Signing time: Fri 01 Sep 2023 08:04:19 +0000
ROA not before: Fri 01 Sep 2023 08:04:19 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 210.203.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4687 (0x124f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:19 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FCD01B7ECDF56D9B3C3E0066941F416E70E579D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:57:f7:e8:62:04:a2:b2:58:94:c3:fe:94:
c2:f6:16:e7:9d:8c:5f:96:f0:3b:63:00:43:86:78:
8f:e0:88:ff:ec:68:b1:03:1d:84:54:61:f1:08:e8:
43:ad:0e:93:fa:7f:d5:b6:19:fb:8d:2f:9a:fa:74:
a6:2a:12:40:6f:67:92:78:ac:ea:87:a3:ea:31:ca:
5b:b2:15:7f:4d:dc:fd:57:06:f7:27:84:34:0d:ca:
ac:b2:f0:66:79:1f:7f:90:a3:61:8d:ed:ca:6d:5f:
59:1c:06:25:6c:cf:5b:ee:81:68:29:bf:2c:a3:e6:
d3:f6:d2:8b:7b:97:bf:c7:a7:df:16:a2:dd:7a:4c:
73:e8:e7:89:74:b3:e9:8c:2a:19:ec:d6:89:50:30:
9a:9d:1f:f6:ab:74:53:89:d6:c4:e9:9c:f9:c1:79:
66:f3:25:9a:f6:99:a5:44:7d:07:af:44:3c:92:45:
ca:61:f7:7f:05:96:c9:77:4d:16:a6:9d:8f:08:01:
10:92:33:fe:d1:f9:e6:7c:b3:36:5d:01:fa:cb:dd:
11:0d:0d:67:42:db:e8:4c:a7:60:b6:9f:cb:5b:6d:
c2:e1:36:b1:29:76:26:8d:6d:f4:39:16:16:4d:85:
af:4e:c7:3c:16:a2:9f:f2:4a:40:cb:a6:9c:b5:58:
18:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:D0:1B:7E:CD:F5:6D:9B:3C:3E:00:66:94:1F:41:6E:70:E5:79:D5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/_NAbfs31bZs8PgBmlB9BbnDledU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/17
Signature Algorithm: sha256WithRSAEncryption
64:08:17:a4:27:82:13:e9:4f:15:bb:8a:7d:22:f7:ea:0f:ec:
9b:c0:34:d9:28:3f:17:32:5f:cb:1e:9e:60:7d:ef:45:ca:ec:
8f:c2:df:41:9f:fd:6e:99:53:e5:88:b8:67:c4:5b:a8:d0:6e:
01:b2:74:6e:62:e3:a0:c2:b1:29:2b:e5:57:d1:10:e9:3f:e4:
69:0c:2a:70:13:1c:18:c0:24:6a:93:62:9e:46:cc:6e:43:26:
4a:5b:77:8a:7a:93:28:36:12:e9:e1:5a:7a:6a:a3:38:9f:69:
e5:15:86:46:17:be:47:01:8e:33:dd:ec:8d:48:d6:64:52:83:
22:05:d9:fb:d2:81:49:5b:73:97:46:1e:b5:0f:d3:f3:31:aa:
cc:d4:b7:1d:60:15:9f:20:c9:79:6c:56:82:2e:de:18:7c:5c:
99:31:aa:ab:02:25:8a:74:fe:26:ec:20:95:dc:97:44:46:1f:
c5:30:34:94:81:0c:15:23:c4:55:38:1b:cf:81:6f:d9:eb:a5:
df:49:e1:b6:d4:cb:be:d8:29:75:e4:89:08:9a:89:02:90:f3:
06:75:cc:5e:0d:c6:db:49:88:5e:c4:cd:fd:81:53:ce:d0:b0:
66:e1:99:fc:15:07:ac:74:23:56:68:df:f3:a9:58:eb:2c:af:
38:2a:cc:c1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEk8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZDRDAxQjdFQ0RGNTZE
OUIzQzNFMDA2Njk0MUY0MTZFNzBFNTc5RDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCjGVf36GIEorJYlMP+lML2FuedjF+W8DtjAEOGeI/giP/saLED
HYRUYfEI6EOtDpP6f9W2GfuNL5r6dKYqEkBvZ5J4rOqHo+oxyluyFX9N3P1XBvcn
hDQNyqyy8GZ5H3+Qo2GN7cptX1kcBiVsz1vugWgpvyyj5tP20ot7l7/Hp98Wot16
THPo54l0s+mMKhns1olQMJqdH/ardFOJ1sTpnPnBeWbzJZr2maVEfQevRDySRcph
938Flsl3TRamnY8IARCSM/7R+eZ8szZdAfrL3RENDWdC2+hMp2C2n8tbbcLhNrEp
diaNbfQ5FhZNha9OxzwWop/ySkDLppy1WBj1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQU/NAbfs31bZs8PgBmlB9BbnDledUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvX05BYmZzMzFiWnM4UGdCbWxCOUJi
bkRsZWRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9LLADAN
BgkqhkiG9w0BAQsFAAOCAQEAZAgXpCeCE+lPFbuKfSL36g/sm8A02Sg/FzJfyx6e
YH3vRcrsj8LfQZ/9bplT5Yi4Z8RbqNBuAbJ0bmLjoMKxKSvlV9EQ6T/kaQwqcBMc
GMAkapNinkbMbkMmSlt3inqTKDYS6eFaemqjOJ9p5RWGRhe+RwGOM93sjUjWZFKD
IgXZ+9KBSVtzl0YetQ/T8zGqzNS3HWAVnyDJeWxWgi7eGHxcmTGqqwIlinT+Juwg
ldyXREYfxTA0lIEMFSPEVTgbz4Fv2eul30nhttTLvtgpdeSJCJqJApDzBnXMXg3G
20mIXsTN/YFTztCwZuGZ/BUHrHQjVmjf86lY6yyvOCrMwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org