Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/f3X5cuVB-NnqG3sCBok4iwBrpsI.roa
File: f3X5cuVB-NnqG3sCBok4iwBrpsI.roa (raw, json)
Hash identifier: 3zvmKS25S2dAGvnKhZeIup7B48cccsWmix42N0+NLHc=
Subject key identifier: 7F:75:F9:72:E5:41:F8:D9:EA:1B:7B:02:06:89:38:8B:00:6B:A6:C2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1303
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/f3X5cuVB-NnqG3sCBok4iwBrpsI.roa
Signing time: Fri 01 Sep 2023 08:05:17 +0000
ROA not before: Fri 01 Sep 2023 08:05:17 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.63.192.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4867 (0x1303)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:17 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=7F75F972E541F8D9EA1B7B020689388B006BA6C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:0c:cb:52:37:a7:97:2d:7f:c5:ba:02:27:c0:
d3:20:2a:21:63:6e:a1:57:75:2b:cd:02:00:8f:59:
8e:b8:74:ad:01:d5:1b:ab:1f:d0:d8:e5:38:3f:a7:
53:3c:22:37:a2:1d:5c:56:83:f1:ba:b9:0a:12:fe:
20:a7:35:a0:82:c6:14:ba:72:33:7d:95:c4:62:c4:
3f:03:5d:05:71:07:7a:77:08:c8:85:44:2e:f8:0d:
90:bc:ce:6b:a3:38:1f:eb:43:b0:30:ba:95:e6:35:
5d:2c:e6:46:10:6f:e8:48:f3:25:36:13:f7:35:72:
29:38:84:d4:da:0e:ee:df:2e:49:c5:91:74:de:42:
ff:05:72:09:da:5a:68:48:00:0e:ca:c3:9d:15:ce:
b2:6a:05:d0:61:9f:8f:98:34:38:a5:5f:93:16:07:
8d:e6:73:b1:bc:69:7d:fb:1f:e6:99:b8:5e:f3:5b:
65:34:bc:77:0a:80:d4:f0:4c:e5:f5:0c:0d:8b:c5:
94:54:7c:b4:92:b1:eb:4b:11:88:1d:74:4a:21:e2:
5f:3f:31:54:e7:e0:9e:a1:0f:09:72:0b:07:ef:c3:
c4:31:d5:b5:99:82:83:5b:ac:e6:42:bb:2b:f2:51:
10:31:60:0c:c8:4e:a1:82:18:ac:d4:47:75:94:0e:
d6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:75:F9:72:E5:41:F8:D9:EA:1B:7B:02:06:89:38:8B:00:6B:A6:C2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/f3X5cuVB-NnqG3sCBok4iwBrpsI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.192.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:62:76:3f:7d:cd:56:74:b7:ef:16:66:b2:4c:1c:de:b6:94:
26:cf:40:09:37:03:91:cf:37:81:06:92:6c:ad:b5:5d:50:c0:
5b:c7:03:bf:76:47:56:5a:35:03:44:12:1e:66:0b:81:c1:86:
45:fd:26:e2:32:a6:8b:30:60:11:a7:e3:7f:c0:b2:bb:3e:70:
01:da:c6:c4:4c:a0:29:67:ad:c2:de:58:1b:c1:d3:22:38:f6:
e4:93:e2:06:6b:28:8f:ba:2e:21:59:9e:b0:4e:21:1e:9a:ea:
16:8d:02:4d:d4:3c:05:75:d6:80:90:b0:51:ce:ce:ac:22:40:
63:51:bc:cd:4b:85:7a:15:7e:1c:4b:55:87:6b:1c:e6:56:b0:
15:25:b5:36:32:13:ca:e6:37:a7:67:f0:7e:fe:da:15:e4:0c:
4d:c0:22:55:41:24:72:9c:bd:89:1d:cb:ef:0b:b0:43:e0:0a:
07:1c:de:62:94:51:57:3e:ca:36:f8:9f:53:7a:49:98:e0:29:
67:02:96:5c:67:c8:76:8a:c9:de:d5:d8:64:4e:b9:b1:86:f0:
5c:6c:6d:82:06:13:2b:d1:c1:75:53:8e:95:88:2e:01:16:be:
fe:3c:8f:7f:fc:f6:67:a6:39:26:7f:7a:02:c6:24:50:0f:5f:
47:34:0c:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEwMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDdGNzVGOTcyRTU0MUY4
RDlFQTFCN0IwMjA2ODkzODhCMDA2QkE2QzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxDMtSN6eXLX/FugInwNMgKiFjbqFXdSvNAgCPWY64dK0B1Rur
H9DY5Tg/p1M8IjeiHVxWg/G6uQoS/iCnNaCCxhS6cjN9lcRixD8DXQVxB3p3CMiF
RC74DZC8zmujOB/rQ7AwupXmNV0s5kYQb+hI8yU2E/c1cik4hNTaDu7fLknFkXTe
Qv8FcgnaWmhIAA7Kw50VzrJqBdBhn4+YNDilX5MWB43mc7G8aX37H+aZuF7zW2U0
vHcKgNTwTOX1DA2LxZRUfLSSsetLEYgddEoh4l8/MVTn4J6hDwlyCwfvw8Qx1bWZ
goNbrOZCuyvyURAxYAzITqGCGKzUR3WUDtbDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUf3X5cuVB+NnqG3sCBok4iwBrpsIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZjNYNWN1VkItTm5xRzNzQ0JvazRp
d0JycHNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/wDAN
BgkqhkiG9w0BAQsFAAOCAQEAO2J2P33NVnS37xZmskwc3raUJs9ACTcDkc83gQaS
bK21XVDAW8cDv3ZHVlo1A0QSHmYLgcGGRf0m4jKmizBgEafjf8Cyuz5wAdrGxEyg
KWetwt5YG8HTIjj25JPiBmsoj7ouIVmesE4hHprqFo0CTdQ8BXXWgJCwUc7OrCJA
Y1G8zUuFehV+HEtVh2sc5lawFSW1NjITyuY3p2fwfv7aFeQMTcAiVUEkcpy9iR3L
7wuwQ+AKBxzeYpRRVz7KNvifU3pJmOApZwKWXGfIdorJ3tXYZE65sYbwXGxtggYT
K9HBdVOOlYguARa+/jyPf/z2Z6Y5Jn96AsYkUA9fRzQMng==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org