Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/dc-oiQstu0hSYeR-99G_W95IN3I.roa
File: dc-oiQstu0hSYeR-99G_W95IN3I.roa (raw, json)
Hash identifier: fE4brColaIHClo8iuUPZboniVJNmZUNKYJ5FG7L2nWk=
Subject key identifier: 75:CF:A8:89:0B:2D:BB:48:52:61:E4:7E:F7:D1:BF:5B:DE:48:37:72
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1315
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/dc-oiQstu0hSYeR-99G_W95IN3I.roa
Signing time: Fri 01 Sep 2023 08:05:21 +0000
ROA not before: Fri 01 Sep 2023 08:05:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 202.178.128.0/17 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4885 (0x1315)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=75CFA8890B2DBB485261E47EF7D1BF5BDE483772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:5f:99:06:58:8a:2d:6a:3f:c2:bd:00:a2:05:
8f:5e:f2:62:ac:11:68:81:b1:51:f8:07:8e:b4:71:
d7:8b:5a:67:18:01:32:33:36:ac:ca:29:cf:69:eb:
8f:2a:62:03:36:3c:b8:23:1b:06:13:1a:d4:20:3c:
a6:4e:54:85:b6:7b:79:f7:b5:b8:1f:24:88:79:f2:
4f:af:13:06:74:7f:ad:ec:bd:39:5a:ff:1d:c0:25:
40:b3:df:bc:05:6b:5b:26:fc:46:df:05:fa:f6:df:
9e:bc:77:52:5b:02:45:04:ba:ce:85:a4:6f:5c:f2:
b7:38:b5:e7:2e:4b:1f:20:d8:3a:ab:1e:a1:1b:1e:
75:d0:20:59:4e:66:2c:97:d4:62:95:5b:66:ee:b0:
bb:d1:97:37:6e:32:e9:24:c2:15:e8:0a:95:86:20:
be:22:a4:e8:06:56:da:48:0f:7c:c6:e3:f1:dc:78:
4d:62:9a:79:58:b9:5a:2e:bd:f4:67:55:5a:ed:11:
82:56:57:40:02:18:50:71:a4:8b:98:9d:2d:98:b1:
c9:e6:29:c3:ab:aa:d1:39:3d:82:65:e9:e6:7d:b7:
d0:e9:be:50:0a:b7:75:80:f4:cb:7e:8b:97:9e:1a:
c2:92:d4:e5:d4:fb:07:da:53:25:03:41:5e:0b:fa:
f2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CF:A8:89:0B:2D:BB:48:52:61:E4:7E:F7:D1:BF:5B:DE:48:37:72
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/dc-oiQstu0hSYeR-99G_W95IN3I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.128.0/17
Signature Algorithm: sha256WithRSAEncryption
88:52:2b:02:4b:e4:1d:e2:37:ab:88:b6:af:27:37:0a:6d:78:
ef:56:e0:17:c4:01:8c:61:e0:9c:1e:5f:2d:b0:b4:91:98:46:
9a:f7:e5:18:30:b8:05:c8:c9:15:b4:3a:92:73:1e:e5:92:0a:
e3:f8:18:18:e5:4e:9f:7e:f8:96:ef:f1:d5:38:e6:d4:34:cf:
45:aa:60:52:88:e7:46:a3:b2:11:94:1d:14:83:65:b6:a8:f6:
04:4b:4d:b1:5a:9f:be:db:a9:34:22:6a:a7:39:ed:34:e5:b2:
5d:60:51:3a:da:33:12:f1:54:3c:c8:98:ff:d1:cf:b0:ed:1b:
80:27:e6:ff:d5:74:d0:b4:12:2c:26:01:26:27:3e:36:72:30:
77:f3:f9:0e:a8:0d:a2:41:2a:27:94:dc:ea:28:9a:9f:14:e3:
20:89:70:4f:1b:bf:0b:44:a5:3d:ad:77:c2:a0:09:9b:22:d8:
09:77:1e:24:33:da:62:1d:57:3e:45:e8:ba:c9:49:6a:43:62:
e6:40:8e:2f:74:21:42:bd:d8:02:25:b2:cb:42:74:f5:fe:8c:
34:1f:de:9b:38:ed:56:de:30:ec:73:b3:81:37:e2:e2:4a:3b:
1d:0c:0c:41:e6:69:21:fe:c7:52:6a:7f:2b:12:2b:32:f8:16:
fb:c7:84:08
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICExUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc1Q0ZBODg5MEIyREJC
NDg1MjYxRTQ3RUY3RDFCRjVCREU0ODM3NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGX5kGWIotaj/CvQCiBY9e8mKsEWiBsVH4B460cdeLWmcYATIz
NqzKKc9p648qYgM2PLgjGwYTGtQgPKZOVIW2e3n3tbgfJIh58k+vEwZ0f63svTla
/x3AJUCz37wFa1sm/EbfBfr23568d1JbAkUEus6FpG9c8rc4tecuSx8g2DqrHqEb
HnXQIFlOZiyX1GKVW2busLvRlzduMukkwhXoCpWGIL4ipOgGVtpID3zG4/HceE1i
mnlYuVouvfRnVVrtEYJWV0ACGFBxpIuYnS2YscnmKcOrqtE5PYJl6eZ9t9DpvlAK
t3WA9Mt+i5eeGsKS1OXU+wfaUyUDQV4L+vIDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUdc+oiQstu0hSYeR+99G/W95IN3IwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZGMtb2lRc3R1MGhTWWVSLTk5R19X
OTVJTjNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8qygDAN
BgkqhkiG9w0BAQsFAAOCAQEAiFIrAkvkHeI3q4i2ryc3Cm1471bgF8QBjGHgnB5f
LbC0kZhGmvflGDC4BcjJFbQ6knMe5ZIK4/gYGOVOn374lu/x1Tjm1DTPRapgUojn
RqOyEZQdFINltqj2BEtNsVqfvtupNCJqpzntNOWyXWBROtozEvFUPMiY/9HPsO0b
gCfm/9V00LQSLCYBJic+NnIwd/P5DqgNokEqJ5Tc6iianxTjIIlwTxu/C0SlPa13
wqAJmyLYCXceJDPaYh1XPkXouslJakNi5kCOL3QhQr3YAiWyy0J09f6MNB/emzjt
Vt4w7HOzgTfi4ko7HQwMQeZpIf7HUmp/KxIrMvgW+8eECA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org