Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/bmgIHZcHQbOCkZA9u1QfbQtvOEc.roa
File: bmgIHZcHQbOCkZA9u1QfbQtvOEc.roa (raw, json)
Hash identifier: KnprOFMvVwarN5j98kDHgDuoC+euR2zETVMq6MH/tOM=
Subject key identifier: 6E:68:08:1D:97:07:41:B3:82:91:90:3D:BB:54:1F:6D:0B:6F:38:47
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0CDF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/bmgIHZcHQbOCkZA9u1QfbQtvOEc.roa
Signing time: Sun 07 Feb 2021 13:05:58 +0000
ROA not before: Sun 07 Feb 2021 13:05:58 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17709
IP address blocks: 210.201.32.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3295 (0xcdf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 13:05:58 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=6E68081D970741B38291903DBB541F6D0B6F3847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:cb:6c:9c:2f:ee:bd:f6:70:fd:71:25:21:
61:2f:dc:dc:87:35:8f:0b:91:83:61:ca:8a:f6:d4:
f2:8d:41:53:3c:a3:1c:5d:d9:55:a6:74:10:0e:8b:
5a:af:ed:ca:57:bd:68:51:92:80:fd:5c:04:18:75:
f9:81:69:31:91:c2:ed:dd:91:d0:9b:06:98:b5:00:
2b:56:c8:5f:be:7e:d1:f9:a7:54:4e:24:8f:27:81:
b7:e8:0c:a2:cc:fa:6e:4d:c7:91:0b:f6:15:40:f7:
28:ae:6e:31:1d:56:9c:09:e8:11:c9:c9:e8:24:5e:
7d:f7:51:c5:aa:f4:ca:11:a0:d3:8b:61:82:b3:46:
99:74:2d:47:99:a1:d0:ff:08:e0:6f:fc:5f:b0:b7:
ef:73:0b:d0:8f:97:3e:59:e6:5b:e0:5f:90:7b:2e:
8e:62:27:10:f2:86:a0:72:fb:81:52:60:9d:43:f2:
92:69:ea:a4:45:94:c0:9e:8d:ab:59:14:4b:03:c2:
7f:a1:79:a0:db:d6:13:76:3f:ea:b4:8e:b8:62:0d:
a8:8e:4f:40:29:4d:15:35:54:a0:d0:4a:b3:38:b4:
e1:07:51:01:34:a6:7c:37:57:c1:4e:9a:65:0b:b7:
c1:b8:b4:cb:d6:de:7c:b9:7f:60:74:95:c0:36:2a:
61:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:68:08:1D:97:07:41:B3:82:91:90:3D:BB:54:1F:6D:0B:6F:38:47
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/bmgIHZcHQbOCkZA9u1QfbQtvOEc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:df:d0:8f:fa:33:ae:dd:74:51:da:23:fe:f1:98:91:33:20:
56:83:6d:80:7a:3f:b7:f7:3b:c6:3e:04:02:7d:3c:00:13:81:
d0:59:31:19:5a:f4:e7:3d:88:b3:ad:4c:f4:4a:87:68:1e:5f:
e2:77:c5:4c:2b:dd:fb:b8:55:b1:04:6d:7a:40:bb:29:6b:5b:
6c:c8:e2:ca:91:29:66:d2:f3:24:a4:1d:ca:18:9d:e9:84:b4:
0f:c5:3a:ac:b0:18:3e:d1:16:fe:a0:8a:67:5e:42:03:9c:f5:
d2:93:1d:78:c5:a1:5a:92:a3:3e:8b:71:08:16:2f:6e:22:de:
9f:51:7c:7f:22:ff:ad:af:d2:b2:4f:c3:dc:db:2b:d8:9a:41:
c4:b3:4a:dc:24:e4:d9:8c:86:b3:55:b1:bb:61:85:76:3f:1c:
84:80:3f:d3:3b:8f:44:b0:27:14:a6:33:59:71:05:60:f5:f4:
10:49:c8:2e:d1:a2:21:56:83:81:b7:d0:ef:b9:93:91:b5:7e:
20:15:4a:29:98:2f:e1:1f:95:d2:2d:52:0f:0a:fd:a2:94:53:
45:38:0c:e5:c9:2d:c9:78:5d:38:4c:f8:7b:87:0d:c6:7c:1a:
21:55:44:3b:43:ea:fa:ec:76:0c:c8:df:ab:c6:ad:d3:30:4f:
29:03:d4:cf
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDN8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MzA1NThaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZFNjgwODFEOTcwNzQx
QjM4MjkxOTAzREJCNTQxRjZEMEI2RjM4NDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpW8tsnC/uvfZw/XElIWEv3NyHNY8LkYNhyor21PKNQVM8oxxd
2VWmdBAOi1qv7cpXvWhRkoD9XAQYdfmBaTGRwu3dkdCbBpi1ACtWyF++ftH5p1RO
JI8ngbfoDKLM+m5Nx5EL9hVA9yiubjEdVpwJ6BHJyegkXn33UcWq9MoRoNOLYYKz
Rpl0LUeZodD/COBv/F+wt+9zC9CPlz5Z5lvgX5B7Lo5iJxDyhqBy+4FSYJ1D8pJp
6qRFlMCejatZFEsDwn+heaDb1hN2P+q0jrhiDaiOT0ApTRU1VKDQSrM4tOEHUQE0
pnw3V8FOmmULt8G4tMvW3ny5f2B0lcA2KmF9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUbmgIHZcHQbOCkZA9u1QfbQtvOEcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvYm1nSUhaY0hRYk9Da1pBOXUxUWZi
UXR2T0VjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLJIDAN
BgkqhkiG9w0BAQsFAAOCAQEAot/Qj/ozrt10Udoj/vGYkTMgVoNtgHo/t/c7xj4E
An08ABOB0FkxGVr05z2Is61M9EqHaB5f4nfFTCvd+7hVsQRtekC7KWtbbMjiypEp
ZtLzJKQdyhid6YS0D8U6rLAYPtEW/qCKZ15CA5z10pMdeMWhWpKjPotxCBYvbiLe
n1F8fyL/ra/Ssk/D3Nsr2JpBxLNK3CTk2YyGs1Wxu2GFdj8chIA/0zuPRLAnFKYz
WXEFYPX0EEnILtGiIVaDgbfQ77mTkbV+IBVKKZgv4R+V0i1SDwr9opRTRTgM5ckt
yXhdOEz4e4cNxnwaIVVEO0Pq+ux2DMjfq8at0zBPKQPUzw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org