Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/g3LW_hseBRrDRJPcmrD7kehmX-A.roa
File: g3LW_hseBRrDRJPcmrD7kehmX-A.roa (raw, json)
Hash identifier: AIXSo3kFtyoyc1KHNXJ062AfARsDDjN0U7/GPthBHZc=
Subject key identifier: 83:72:D6:FE:1B:1E:05:1A:C3:44:93:DC:9A:B0:FB:91:E8:66:5F:E0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0DE8
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/g3LW_hseBRrDRJPcmrD7kehmX-A.roa
Signing time: Wed 29 Sep 2021 02:39:44 +0000
ROA not before: Wed 29 Sep 2021 02:39:44 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 24154
IP address blocks: 210.202.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3560 (0xde8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 29 02:39:44 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8372D6FE1B1E051AC34493DC9AB0FB91E8665FE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:00:0a:a5:07:89:f8:09:fb:83:de:2d:32:62:
fc:c5:6b:ed:dc:d4:5c:1e:d5:f9:d7:71:16:43:de:
af:ed:c8:57:8f:1b:0d:3e:66:15:b2:46:e6:cb:55:
bc:5a:bf:3e:02:91:b3:e1:c8:a8:3e:55:79:a7:f0:
0d:7a:42:14:a4:0f:d5:66:bf:f2:02:33:b0:95:39:
a1:a3:99:04:d4:94:09:11:24:77:e2:19:1f:2a:22:
3c:62:bb:c3:6b:6c:93:c0:bb:d0:40:61:9a:1d:50:
ad:0c:89:5a:6c:31:a4:02:57:66:76:22:32:24:f8:
cf:a7:9a:6b:ab:32:0f:b0:b4:e7:17:56:a5:c0:d0:
58:99:19:59:12:e2:60:c0:f3:96:b7:e1:6a:17:9b:
24:01:8b:92:dd:8d:9e:0e:dc:38:62:78:ee:34:c5:
74:a9:dd:13:af:0a:c8:14:5b:e5:9d:e0:b9:8a:3b:
52:76:ee:93:b0:be:8a:7b:cc:d6:1d:06:5c:d3:a6:
18:8c:b4:25:61:ae:71:18:45:2f:c8:50:1f:b5:f9:
28:db:7f:9c:c5:f1:42:a4:d5:03:47:d9:c7:cb:7b:
ef:2e:96:bd:34:d7:03:66:0a:c6:55:71:77:e1:4c:
d2:e0:4a:20:64:d1:6b:c6:50:92:7f:f3:b7:1f:9d:
66:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:72:D6:FE:1B:1E:05:1A:C3:44:93:DC:9A:B0:FB:91:E8:66:5F:E0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/g3LW_hseBRrDRJPcmrD7kehmX-A.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.32.0/20
Signature Algorithm: sha256WithRSAEncryption
88:c1:c1:ab:57:3b:9f:65:e1:ad:51:fd:db:9d:c0:87:7e:af:
2a:1e:e0:3f:d0:fd:15:25:7a:65:12:72:c3:40:ae:17:93:5d:
80:f6:c2:14:b4:bc:40:a0:f9:d8:45:0d:a5:1b:7c:01:54:8b:
e5:c5:de:82:52:57:a6:76:98:52:8f:9e:16:ae:a2:0d:c7:88:
d2:83:47:e9:84:6e:24:f8:b2:18:e3:74:df:61:f2:0f:50:32:
b0:09:23:10:c3:78:6a:30:c9:42:c9:47:80:bd:76:88:ec:f0:
34:2a:5c:4f:a2:c4:1e:1b:9f:9b:ea:51:c7:4c:f1:41:d7:ce:
3c:ba:98:f1:e8:37:60:a9:f4:b7:e7:1f:4c:9d:3b:06:45:3c:
c6:2c:67:4c:d1:2e:2a:59:ef:3d:71:eb:7a:f6:f9:52:13:17:
75:33:e0:3b:d3:85:02:5a:34:fe:31:3d:01:46:47:5a:8d:90:
26:07:f2:3e:32:46:b1:ea:90:ec:e4:a7:47:bd:3e:a8:c4:3c:
0f:b0:bd:4e:26:93:23:26:d4:72:c8:0a:c6:22:bc:83:9e:7a:
36:cc:ef:54:cc:6c:45:95:0f:b1:2c:eb:42:28:28:6b:de:5e:
20:59:99:65:fb:47:81:a3:90:87:fd:40:5e:10:28:2f:e9:9d:
87:ed:61:1d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDegwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTA5Mjkw
MjM5NDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDgzNzJENkZFMUIxRTA1
MUFDMzQ0OTNEQzlBQjBGQjkxRTg2NjVGRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvAAqlB4n4CfuD3i0yYvzFa+3c1Fwe1fnXcRZD3q/tyFePGw0+
ZhWyRubLVbxavz4CkbPhyKg+VXmn8A16QhSkD9Vmv/ICM7CVOaGjmQTUlAkRJHfi
GR8qIjxiu8NrbJPAu9BAYZodUK0MiVpsMaQCV2Z2IjIk+M+nmmurMg+wtOcXVqXA
0FiZGVkS4mDA85a34WoXmyQBi5LdjZ4O3DhieO40xXSp3ROvCsgUW+Wd4LmKO1J2
7pOwvop7zNYdBlzTphiMtCVhrnEYRS/IUB+1+Sjbf5zF8UKk1QNH2cfLe+8ulr00
1wNmCsZVcXfhTNLgSiBk0WvGUJJ/87cfnWbRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUg3LW/hseBRrDRJPcmrD7kehmX+AwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvZzNMV19oc2VCUnJEUkpQY21yRDdr
ZWhtWC1BLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLKIDAN
BgkqhkiG9w0BAQsFAAOCAQEAiMHBq1c7n2XhrVH9253Ah36vKh7gP9D9FSV6ZRJy
w0CuF5NdgPbCFLS8QKD52EUNpRt8AVSL5cXeglJXpnaYUo+eFq6iDceI0oNH6YRu
JPiyGON032HyD1AysAkjEMN4ajDJQslHgL12iOzwNCpcT6LEHhufm+pRx0zxQdfO
PLqY8eg3YKn0t+cfTJ07BkU8xixnTNEuKlnvPXHrevb5UhMXdTPgO9OFAlo0/jE9
AUZHWo2QJgfyPjJGseqQ7OSnR70+qMQ8D7C9TiaTIybUcsgKxiK8g556NszvVMxs
RZUPsSzrQigoa95eIFmZZftHgaOQh/1AXhAoL+mdh+1hHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org