Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hBjxQyz5EaRrXFbMxZ6zDSfW9is.roa
File: hBjxQyz5EaRrXFbMxZ6zDSfW9is.roa (raw, json)
Hash identifier: y8VtIcka34XKDYmK2DgB5gGGGtvGn6hEhBAIC+36dMQ=
Subject key identifier: 84:18:F1:43:2C:F9:11:A4:6B:5C:56:CC:C5:9E:B3:0D:27:D6:F6:2B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 128F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hBjxQyz5EaRrXFbMxZ6zDSfW9is.roa
Signing time: Fri 01 Sep 2023 08:04:38 +0000
ROA not before: Fri 01 Sep 2023 08:04:38 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 223.22.252.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4751 (0x128f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:38 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8418F1432CF911A46B5C56CCC59EB30D27D6F62B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1e:84:c7:0a:52:2a:5b:34:f4:3f:ea:e4:98:
79:9d:80:65:fe:c1:74:28:a3:fb:e7:ee:e4:ed:bb:
d2:63:e9:99:66:f4:28:0a:46:08:de:df:1b:72:a2:
0f:3d:d1:65:a5:ce:65:3c:8f:b7:00:5c:ea:30:1c:
73:72:51:35:64:90:2c:30:51:87:c3:87:b6:e7:97:
d0:b6:5b:5d:b4:69:a8:2f:4e:66:82:90:74:8a:42:
4d:af:8e:a2:12:dd:1e:fe:24:34:c8:1c:82:6f:8c:
6c:cc:6f:15:46:46:41:a6:27:51:53:c0:fd:5f:32:
47:b9:26:dd:e1:35:e5:cd:04:03:f0:00:a2:37:16:
86:8f:1b:29:1c:c5:7d:05:d7:e1:71:d0:a8:ac:7d:
f7:73:6c:d8:33:4f:d2:ae:11:ea:1e:f3:8b:9a:50:
41:99:c9:79:f3:ef:4d:19:fd:6a:05:76:2c:af:57:
6a:68:5a:70:a1:91:d8:5b:00:8d:d4:42:97:f0:3f:
24:e7:96:f1:d8:89:5f:3b:7c:af:9a:79:e6:14:b6:
ff:f8:ff:fc:58:48:aa:c0:90:af:98:6c:25:00:a8:
dc:80:dc:ec:7c:14:32:e2:48:49:4d:ad:34:cc:59:
59:0a:4b:f8:2c:dd:bc:0a:19:4e:7f:a8:37:f1:ad:
cc:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:18:F1:43:2C:F9:11:A4:6B:5C:56:CC:C5:9E:B3:0D:27:D6:F6:2B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hBjxQyz5EaRrXFbMxZ6zDSfW9is.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.252.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:5b:59:7b:52:28:05:3a:c6:1f:97:ce:b1:17:fb:1b:3e:e8:
a9:bb:23:cc:c2:2e:ea:6e:91:33:db:c0:87:ed:41:99:b9:f8:
b0:1a:f1:b1:c6:43:35:3f:20:42:ee:f8:c0:cb:a7:39:9f:2b:
ff:c8:4c:25:c4:5a:e7:b0:c5:28:75:a3:d5:78:0c:a2:7c:0b:
4f:cd:d2:94:d8:09:19:2e:7b:ab:81:c3:77:3c:c4:9b:7f:9f:
d2:3a:b7:80:42:52:b3:fe:4e:3c:b3:c5:ac:78:93:6b:b8:6c:
f3:7a:e4:97:5b:2e:42:77:b4:e5:79:0d:ac:10:31:f2:33:73:
6e:aa:eb:de:92:58:32:de:d5:e0:52:f0:eb:ec:05:d8:a7:27:
0d:45:66:55:3c:8e:b6:4d:dc:a3:7a:df:3f:b6:41:12:0d:4b:
8b:75:fe:ce:dc:86:9e:1e:dc:13:74:26:1e:b0:d5:55:f3:d1:
bd:d7:84:83:6e:b3:e5:02:07:9a:c2:fc:6b:4c:7e:51:ba:59:
f7:9b:4b:d6:d6:be:98:5e:84:6d:fc:7c:cc:f2:e3:94:d0:c2:
fa:1d:9a:dd:ad:01:91:c8:eb:0c:41:55:3a:47:a6:0d:c9:0b:
c5:78:bf:08:1e:b6:70:29:6e:0f:c4:16:c4:aa:92:21:97:eb:
94:0d:08:3d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg0MThGMTQzMkNGOTEx
QTQ2QjVDNTZDQ0M1OUVCMzBEMjdENkY2MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7HoTHClIqWzT0P+rkmHmdgGX+wXQoo/vn7uTtu9Jj6Zlm9CgK
Rgje3xtyog890WWlzmU8j7cAXOowHHNyUTVkkCwwUYfDh7bnl9C2W120aagvTmaC
kHSKQk2vjqIS3R7+JDTIHIJvjGzMbxVGRkGmJ1FTwP1fMke5Jt3hNeXNBAPwAKI3
FoaPGykcxX0F1+Fx0KisffdzbNgzT9KuEeoe84uaUEGZyXnz700Z/WoFdiyvV2po
WnChkdhbAI3UQpfwPyTnlvHYiV87fK+aeeYUtv/4//xYSKrAkK+YbCUAqNyA3Ox8
FDLiSElNrTTMWVkKS/gs3bwKGU5/qDfxrcybAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhBjxQyz5EaRrXFbMxZ6zDSfW9iswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaEJqeFF5ejVFYVJyWEZiTXhaNnpE
U2ZXOWlzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8W/DAN
BgkqhkiG9w0BAQsFAAOCAQEAiltZe1IoBTrGH5fOsRf7Gz7oqbsjzMIu6m6RM9vA
h+1Bmbn4sBrxscZDNT8gQu74wMunOZ8r/8hMJcRa57DFKHWj1XgMonwLT83SlNgJ
GS57q4HDdzzEm3+f0jq3gEJSs/5OPLPFrHiTa7hs83rkl1suQne05XkNrBAx8jNz
bqrr3pJYMt7V4FLw6+wF2KcnDUVmVTyOtk3co3rfP7ZBEg1Li3X+ztyGnh7cE3Qm
HrDVVfPRvdeEg26z5QIHmsL8a0x+UbpZ95tL1ta+mF6Ebfx8zPLjlNDC+h2a3a0B
kcjrDEFVOkemDckLxXi/CB62cCluD8QWxKqSIZfrlA0IPQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org