Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/aeraDlTr8LQ9h37ZGP85jyb5kGA.roa
File: aeraDlTr8LQ9h37ZGP85jyb5kGA.roa (raw, json)
Hash identifier: RqOzYRC2+z5BvfILRLOUpgmc2u4rHB8HNmczJIiurkc=
Subject key identifier: 69:EA:DA:0E:54:EB:F0:B4:3D:87:7E:D9:18:FF:39:8F:26:F9:90:60
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aeraDlTr8LQ9h37ZGP85jyb5kGA.roa
Signing time: Thu 15 Sep 2022 02:40:25 +0000
ROA not before: Thu 15 Sep 2022 02:40:25 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131142
IP address blocks: 203.79.204.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:25 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=69EADA0E54EBF0B43D877ED918FF398F26F99060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:20:dc:9e:49:60:bc:0f:5e:12:0d:f4:80:de:
dc:1d:34:9c:a7:e8:52:10:dc:bb:3e:6d:6b:10:1a:
ef:18:6e:a8:57:6a:63:70:37:57:df:57:3d:e6:40:
5a:11:cb:15:1d:ad:54:e7:62:fc:13:92:f0:5f:bb:
44:8b:69:0f:31:c9:40:d2:e3:ab:c6:5e:ba:0a:74:
3f:cb:62:95:23:62:80:77:09:1f:b6:e6:52:d3:ab:
bf:ab:ee:9e:65:53:38:86:95:ef:8f:27:0a:8f:72:
f1:d9:6c:d6:64:eb:43:b4:a4:66:ff:4b:ea:c6:c2:
fc:52:67:eb:82:62:5a:d7:ee:d5:6b:5c:f8:d2:6a:
c8:4c:ad:6d:1d:c6:55:70:6a:68:a6:02:a5:6f:0a:
37:8c:a4:8c:ed:66:20:41:d6:eb:23:98:5f:0e:38:
7b:4b:f1:b5:5d:20:90:00:6f:5a:74:ec:ac:4c:dc:
01:8f:2a:c3:66:12:ce:47:ca:a1:78:5b:2f:89:be:
af:a9:d9:3a:03:5a:59:d9:dc:c4:56:df:4f:41:e3:
fa:ab:d6:97:6b:0a:6c:ad:55:44:c1:64:64:b8:56:
c9:e4:79:14:e2:60:56:bc:00:1a:cb:d2:b3:9b:e4:
f2:11:5f:44:79:f1:78:7d:8c:d8:ed:b2:d5:70:e1:
08:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EA:DA:0E:54:EB:F0:B4:3D:87:7E:D9:18:FF:39:8F:26:F9:90:60
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/aeraDlTr8LQ9h37ZGP85jyb5kGA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.204.0/23
Signature Algorithm: sha256WithRSAEncryption
ae:79:e6:52:31:a4:90:67:3a:b0:8d:9c:c7:be:80:21:71:71:
96:69:96:34:49:55:e0:7d:a1:2b:47:eb:db:43:94:dd:41:7d:
85:35:b8:42:92:55:ac:46:95:4e:c8:2e:ea:80:90:ba:d1:d8:
2f:c7:8a:7c:b7:d4:98:b0:aa:fd:b2:6a:9a:32:f4:f0:39:c2:
64:2b:25:7b:41:e4:e5:53:e1:a6:8a:fc:10:df:7b:0e:e8:10:
15:a7:33:95:55:1b:5c:89:3d:d5:1b:de:fe:19:fa:42:c4:38:
cc:d3:a6:44:f9:d2:74:14:1d:5c:dd:1a:0f:c2:3f:c1:a2:6e:
77:82:d4:f7:78:3b:79:10:0f:94:ac:6c:0a:85:15:b1:31:fa:
5b:6a:8d:7b:dd:08:5c:01:93:58:dc:18:0c:b6:93:fa:bd:4f:
5d:39:a8:51:e1:08:94:d8:ed:e0:03:05:f3:4f:e2:e8:86:f6:
f2:7a:ed:9e:fd:b9:6e:a8:f6:3f:95:51:3a:37:6f:6f:0a:dc:
fa:65:22:0f:d7:26:a1:c3:49:47:de:c9:ca:70:bd:f4:4f:7f:
94:2b:8b:29:85:0a:75:e1:6e:a4:ab:8d:35:40:6c:da:60:b6:
28:88:ae:dc:5e:99:4b:d1:f6:85:73:3f:6a:5b:86:08:7d:7f:
30:65:b7:c3
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDY5RUFEQTBFNTRFQkYw
QjQzRDg3N0VEOTE4RkYzOThGMjZGOTkwNjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDpINyeSWC8D14SDfSA3twdNJyn6FIQ3Ls+bWsQGu8YbqhXamNw
N1ffVz3mQFoRyxUdrVTnYvwTkvBfu0SLaQ8xyUDS46vGXroKdD/LYpUjYoB3CR+2
5lLTq7+r7p5lUziGle+PJwqPcvHZbNZk60O0pGb/S+rGwvxSZ+uCYlrX7tVrXPjS
ashMrW0dxlVwamimAqVvCjeMpIztZiBB1usjmF8OOHtL8bVdIJAAb1p07KxM3AGP
KsNmEs5HyqF4Wy+Jvq+p2ToDWlnZ3MRW309B4/qr1pdrCmytVUTBZGS4VsnkeRTi
YFa8ABrL0rOb5PIRX0R58Xh9jNjtstVw4QgzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUaeraDlTr8LQ9h37ZGP85jyb5kGAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvYWVyYURsVHI4TFE5aDM3WkdQODVq
eWI1a0dBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEActPzDAN
BgkqhkiG9w0BAQsFAAOCAQEArnnmUjGkkGc6sI2cx76AIXFxlmmWNElV4H2hK0fr
20OU3UF9hTW4QpJVrEaVTsgu6oCQutHYL8eKfLfUmLCq/bJqmjL08DnCZCsle0Hk
5VPhpor8EN97DugQFaczlVUbXIk91Rve/hn6QsQ4zNOmRPnSdBQdXN0aD8I/waJu
d4LU93g7eRAPlKxsCoUVsTH6W2qNe90IXAGTWNwYDLaT+r1PXTmoUeEIlNjt4AMF
80/i6Ib28nrtnv25bqj2P5VROjdvbwrc+mUiD9cmocNJR97JynC99E9/lCuLKYUK
deFupKuNNUBs2mC2KIiu3F6ZS9H2hXM/aluGCH1/MGW3ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org