Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/e3lecqYRiWhOjfN0K2bog9vlozM.roa
File: e3lecqYRiWhOjfN0K2bog9vlozM.roa (raw, json)
Hash identifier: 1NdAtmNHP1XS3PrcqAkmiM7sAxwreUa6H/+e+Pl7NfM=
Subject key identifier: 7B:79:5E:72:A6:11:89:68:4E:8D:F3:74:2B:66:E8:83:DB:E5:A3:33
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 127C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/e3lecqYRiWhOjfN0K2bog9vlozM.roa
Signing time: Fri 01 Sep 2023 08:04:32 +0000
ROA not before: Fri 01 Sep 2023 08:04:32 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.201.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4732 (0x127c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:32 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=7B795E72A61189684E8DF3742B66E883DBE5A333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:59:e0:9a:09:69:8a:cf:20:40:c4:0b:d7:
fa:7a:dd:ca:a1:f8:41:07:cb:28:e5:65:27:48:d7:
6a:42:22:0b:aa:9f:8e:68:4a:4e:a2:25:93:4d:60:
6b:13:53:d4:97:4b:ea:b3:90:f8:91:fd:c5:17:bf:
96:aa:90:4d:0e:3e:28:5a:ec:ca:d2:27:38:51:81:
86:1e:c4:bb:37:45:c2:69:c7:31:d2:31:ba:88:97:
c5:af:b0:eb:da:d8:e2:2d:85:48:a8:ff:43:4b:df:
9f:1e:57:a0:84:1a:36:20:3d:7e:fe:c2:85:e9:e9:
03:46:cd:d8:34:69:5a:ee:fe:c0:6f:ac:03:9e:b0:
d1:df:6f:aa:ea:8d:41:11:4e:22:9c:ec:27:5d:41:
9b:a6:46:1d:5c:11:21:c0:61:d7:1b:83:db:c6:6c:
f3:7a:bd:25:22:5b:18:84:cd:bd:90:1f:d4:c0:1c:
02:6e:a0:47:8a:4c:c3:4a:46:96:69:0a:9f:f5:0b:
ee:31:40:d9:a5:01:51:09:c3:f0:3f:14:44:32:7d:
3f:36:75:2f:73:e3:24:e2:3c:d6:4b:ad:4e:f0:d1:
a3:42:ca:48:49:07:ec:14:55:3d:ef:39:0e:fa:7a:
74:5a:a1:2b:9d:6d:83:9e:b0:00:90:a7:78:31:3e:
16:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:79:5E:72:A6:11:89:68:4E:8D:F3:74:2B:66:E8:83:DB:E5:A3:33
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/e3lecqYRiWhOjfN0K2bog9vlozM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.0.0/16
Signature Algorithm: sha256WithRSAEncryption
83:e7:10:50:56:e7:cf:e4:e1:9a:4e:d2:2e:64:b1:fc:da:d2:
07:af:c5:1d:7f:f0:06:c8:72:9d:3d:d9:b2:c2:a7:80:4d:45:
88:55:b9:c5:c9:18:05:41:d1:99:53:50:23:e1:da:13:78:76:
5f:30:38:0c:1f:f4:42:52:5c:a6:67:30:98:b6:0c:d8:69:da:
cb:3b:78:ff:61:2e:34:46:1c:ef:ce:93:8c:b5:b0:5d:a2:cd:
d2:6a:4a:3e:77:26:83:7c:db:2d:ad:4f:50:68:a0:a7:cc:24:
59:3f:09:9e:4c:f2:f8:cc:ca:ca:7e:98:5a:93:fe:b7:55:c5:
29:f2:af:3a:bc:25:cf:ae:25:64:5f:00:d9:71:9e:7a:4a:24:
39:54:fd:5e:b3:42:df:06:34:65:d7:61:38:ba:b9:10:bf:e0:
0d:e6:97:1c:97:e5:5c:d7:d9:34:81:81:a7:8a:5c:46:f4:1f:
54:77:38:f5:57:be:a3:c4:3e:a1:f6:11:d5:8f:00:77:8f:b1:
61:dc:b1:6c:99:b3:3b:be:46:0f:50:92:ca:b1:5e:bc:1f:3d:
86:f6:f8:d9:a9:d7:e2:39:48:f3:2c:06:27:a5:c4:b1:f2:be:
56:28:ed:8b:4e:ab:35:a0:bb:19:78:1c:dd:ba:f0:33:b1:25:
d1:3e:86:d1
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEnwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDdCNzk1RTcyQTYxMTg5
Njg0RThERjM3NDJCNjZFODgzREJFNUEzMzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6EVngmglpis8gQMQL1/p63cqh+EEHyyjlZSdI12pCIguqn45o
Sk6iJZNNYGsTU9SXS+qzkPiR/cUXv5aqkE0OPiha7MrSJzhRgYYexLs3RcJpxzHS
MbqIl8WvsOva2OIthUio/0NL358eV6CEGjYgPX7+woXp6QNGzdg0aVru/sBvrAOe
sNHfb6rqjUERTiKc7CddQZumRh1cESHAYdcbg9vGbPN6vSUiWxiEzb2QH9TAHAJu
oEeKTMNKRpZpCp/1C+4xQNmlAVEJw/A/FEQyfT82dS9z4yTiPNZLrU7w0aNCykhJ
B+wUVT3vOQ76enRaoSudbYOesACQp3gxPhbBAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUe3lecqYRiWhOjfN0K2bog9vlozMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZTNsZWNxWVJpV2hPamZOMEsyYm9n
OXZsb3pNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANLJMA0G
CSqGSIb3DQEBCwUAA4IBAQCD5xBQVufP5OGaTtIuZLH82tIHr8Udf/AGyHKdPdmy
wqeATUWIVbnFyRgFQdGZU1Aj4doTeHZfMDgMH/RCUlymZzCYtgzYadrLO3j/YS40
RhzvzpOMtbBdos3Sako+dyaDfNstrU9QaKCnzCRZPwmeTPL4zMrKfphak/63VcUp
8q86vCXPriVkXwDZcZ56SiQ5VP1es0LfBjRl12E4urkQv+AN5pccl+Vc19k0gYGn
ilxG9B9Udzj1V76jxD6h9hHVjwB3j7Fh3LFsmbM7vkYPUJLKsV68Hz2G9vjZqdfi
OUjzLAYnpcSx8r5WKO2LTqs1oLsZeBzduvAzsSXRPobR
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org