Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/fzdxFsk0fsGrG1wSE-in0C8EWOU.roa
File: fzdxFsk0fsGrG1wSE-in0C8EWOU.roa (raw, json)
Hash identifier: nqr1/cnQpgILrTgbbdv9JgfgeHGZ+g7svh8HIf8R8XA=
Subject key identifier: 7F:37:71:16:C9:34:7E:C1:AB:1B:5C:12:13:E8:A7:D0:2F:04:58:E5
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0911
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/fzdxFsk0fsGrG1wSE-in0C8EWOU.roa
Signing time: Tue 29 Sep 2020 10:01:25 +0000
ROA not before: Tue 29 Sep 2020 10:01:25 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 22787
IP address blocks: 210.58.91.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2321 (0x911)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 10:01:25 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=7F377116C9347EC1AB1B5C1213E8A7D02F0458E5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:85:35:e8:6a:23:4c:06:e0:89:66:8b:ee:fe:
a3:06:12:6a:85:c7:a1:b4:48:2f:8d:43:f9:84:8f:
67:f5:d7:e1:02:d8:02:08:80:c2:b6:af:cf:38:6e:
b3:1e:26:4a:76:ba:b8:b2:16:3b:ec:32:ce:bc:e2:
b1:5d:c4:da:06:89:db:ca:0c:9c:f2:67:a4:3b:a9:
00:52:29:55:c5:6a:4a:c3:7e:01:13:5c:14:db:ec:
2d:5a:16:16:02:a2:61:d7:ed:f8:8c:ae:21:b8:00:
a0:9f:bf:0f:43:0b:55:40:fa:fd:99:5b:01:c7:63:
25:47:b4:08:6e:24:0e:bb:04:f1:d3:b5:f8:7e:32:
0d:0f:bf:12:64:64:3b:ba:56:5a:10:1c:90:5c:92:
cf:a2:07:67:c0:21:15:c0:63:aa:3d:b8:ea:5d:09:
eb:28:01:39:9c:5b:b1:8b:80:10:c8:4f:8f:98:f5:
e1:c7:f0:f0:03:54:68:d5:77:1c:90:eb:fe:9d:9b:
dd:00:7d:97:7e:95:24:6c:0a:92:62:39:12:e7:2c:
ec:98:74:33:54:75:ce:ce:9b:f2:d7:10:c0:36:0e:
eb:76:be:61:20:87:e3:35:93:d0:8e:39:cf:e5:67:
98:15:6f:ed:b9:f9:0e:b3:bd:db:93:90:fa:2e:43:
0e:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:37:71:16:C9:34:7E:C1:AB:1B:5C:12:13:E8:A7:D0:2F:04:58:E5
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/fzdxFsk0fsGrG1wSE-in0C8EWOU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.58.91.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:aa:ef:20:34:18:5c:d1:1b:9f:83:12:b0:81:48:db:d0:51:
f4:22:ce:8f:08:c5:60:a2:52:d8:1b:b8:00:d3:13:9f:1e:27:
ed:56:a8:a0:e8:46:3c:50:73:cb:36:b6:26:8d:8d:0f:70:f1:
32:68:04:ea:93:c1:ff:12:6e:57:71:bd:2f:98:e4:55:83:fc:
20:8f:e5:84:2c:8f:34:3f:56:d5:71:a4:40:34:29:e9:20:31:
bb:25:04:eb:32:93:74:19:e4:22:9a:dc:bc:53:b9:05:4f:99:
99:c1:99:c0:49:d5:c5:3e:f8:cb:d8:83:43:be:f1:68:ac:1d:
a1:ee:e7:e7:e8:4b:c7:14:43:44:1d:26:d3:c1:61:26:cb:05:
24:f2:e8:fb:bd:f5:6b:9d:07:82:74:20:49:39:29:ce:2e:4f:
94:e1:06:7b:c2:ed:9a:61:8a:7c:77:7c:53:d1:f0:aa:35:b6:
34:ff:35:ea:0a:3f:73:1f:11:74:9f:f5:9e:c8:41:a1:7e:ea:
f7:81:d9:c8:4e:9a:44:5b:bf:a7:f1:47:d3:4a:92:e2:5c:aa:
40:c8:16:f8:f9:b6:1a:a2:cc:76:e2:95:e7:58:f7:5f:df:09:
ae:fa:da:a9:a8:69:f4:da:94:44:e3:7d:06:b4:73:3c:44:04:
a4:ac:ef:1b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCREwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMDA5Mjkx
MDAxMjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDdGMzc3MTE2QzkzNDdF
QzFBQjFCNUMxMjEzRThBN0QwMkYwNDU4RTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAhTXoaiNMBuCJZovu/qMGEmqFx6G0SC+NQ/mEj2f11+EC2AII
gMK2r884brMeJkp2uriyFjvsMs684rFdxNoGidvKDJzyZ6Q7qQBSKVXFakrDfgET
XBTb7C1aFhYComHX7fiMriG4AKCfvw9DC1VA+v2ZWwHHYyVHtAhuJA67BPHTtfh+
Mg0PvxJkZDu6VloQHJBcks+iB2fAIRXAY6o9uOpdCesoATmcW7GLgBDIT4+Y9eHH
8PADVGjVdxyQ6/6dm90AfZd+lSRsCpJiORLnLOyYdDNUdc7Om/LXEMA2Dut2vmEg
h+M1k9COOc/lZ5gVb+25+Q6zvduTkPouQw4RAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUfzdxFsk0fsGrG1wSE+in0C8EWOUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZnpkeEZzazBmc0dyRzF3U0UtaW4w
QzhFV09VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI6WzAN
BgkqhkiG9w0BAQsFAAOCAQEAmqrvIDQYXNEbn4MSsIFI29BR9CLOjwjFYKJS2Bu4
ANMTnx4n7VaooOhGPFBzyza2Jo2ND3DxMmgE6pPB/xJuV3G9L5jkVYP8II/lhCyP
ND9W1XGkQDQp6SAxuyUE6zKTdBnkIprcvFO5BU+ZmcGZwEnVxT74y9iDQ77xaKwd
oe7n5+hLxxRDRB0m08FhJssFJPLo+731a50HgnQgSTkpzi5PlOEGe8LtmmGKfHd8
U9HwqjW2NP816go/cx8RdJ/1nshBoX7q94HZyE6aRFu/p/FH00qS4lyqQMgW+Pm2
GqLMduKV51j3X98Jrvraqahp9NqURON9BrRzPEQEpKzvGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org