Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/hKyisANWqtxSpgxM5pdNGIsxZu0.roa
File: hKyisANWqtxSpgxM5pdNGIsxZu0.roa (raw, json)
Hash identifier: SLpPfSMBCNfTOYKXrYKM1Ksl3NHCBFSLDqTU1obuvt0=
Subject key identifier: 84:AC:A2:B0:03:56:AA:DC:52:A6:0C:4C:E6:97:4D:18:8B:31:66:ED
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hKyisANWqtxSpgxM5pdNGIsxZu0.roa
Signing time: Thu 15 Sep 2022 02:39:50 +0000
ROA not before: Thu 15 Sep 2022 02:39:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131142
IP address blocks: 210.200.0.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:39:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=84ACA2B00356AADC52A60C4CE6974D188B3166ED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3b:26:93:7e:2f:dc:6d:94:7f:cf:84:55:57:
ba:05:d3:bf:48:11:41:85:08:58:a0:b5:d9:dd:c4:
40:a6:a4:ff:6c:e0:fa:96:e2:8d:25:c7:d0:cc:a2:
df:f1:2e:15:d7:1b:26:48:14:67:cb:fb:42:bc:eb:
d8:c5:49:30:64:8a:39:d8:9a:50:78:e5:7d:d8:89:
25:29:d7:e1:d9:f4:de:29:d7:4d:f7:99:ce:0a:76:
77:7b:78:84:4c:94:5d:ac:27:67:3a:de:e2:e4:66:
99:4b:77:e4:33:11:07:16:0b:45:1b:7c:99:39:1a:
cd:32:c3:22:85:49:d7:3a:d6:b6:5e:e6:1a:f2:b8:
05:88:d9:20:6d:60:0a:81:b2:f4:67:b9:b6:65:c3:
95:b9:45:3b:99:27:8b:5e:79:02:6b:8b:10:c4:2c:
c5:2a:fc:12:75:e6:52:98:9d:5d:4b:11:2c:e9:b8:
3a:78:eb:fa:82:5c:fd:9c:19:2b:1e:fd:97:3f:ab:
74:17:00:2c:32:f1:ab:ce:e5:f9:77:b3:34:0a:29:
8d:05:bf:51:24:d6:cf:ce:c4:72:b9:93:71:76:a2:
5a:e9:4e:de:5d:54:54:57:3c:a4:bf:5a:1e:06:8f:
1a:00:48:bf:1e:b7:ec:12:19:33:94:a6:54:50:1c:
d3:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:AC:A2:B0:03:56:AA:DC:52:A6:0C:4C:E6:97:4D:18:8B:31:66:ED
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/hKyisANWqtxSpgxM5pdNGIsxZu0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.0.0/22
Signature Algorithm: sha256WithRSAEncryption
32:74:fd:4c:d8:30:60:a8:a4:cb:f5:98:59:a1:94:8f:b4:a5:
2f:cf:0e:3d:06:02:9f:1a:15:54:4b:25:9f:4b:c6:a2:14:b6:
78:d9:a9:87:3e:6c:df:6e:dc:96:51:1c:38:f3:88:c3:6b:64:
b0:30:9f:97:17:fe:e3:4a:72:6b:ec:f9:ab:90:a3:9d:32:61:
58:58:a3:fc:e2:84:0a:f2:85:d0:6c:64:e9:e0:82:36:02:a3:
40:b1:8b:99:fa:49:f7:33:c5:ef:db:b8:50:e8:7e:69:49:ef:
18:27:f7:c2:3a:64:e2:a6:0a:11:2d:2b:76:53:ce:9e:0b:cf:
1b:71:a6:73:6d:b8:a1:05:af:cb:76:8a:72:96:ea:bd:60:2d:
7f:19:87:53:d9:3e:c9:e6:77:cc:19:83:36:a6:a0:06:78:fb:
2e:a8:71:8a:7d:3f:ac:c1:e8:ba:63:ab:e1:c5:ef:68:50:39:
f9:14:13:a2:95:1e:b7:aa:76:de:7f:0c:6c:96:d1:a7:56:2e:
07:b3:64:f4:4c:2c:68:31:01:6c:18:6a:fb:ce:e3:99:da:3a:
5d:6e:cc:f9:a4:6d:4f:f2:53:23:49:b1:23:6a:57:dc:88:9f:
18:f1:0d:89:80:fc:89:ed:9c:71:62:32:ac:0f:a4:f0:0f:87:
7d:c7:02:a1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjM5NTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg0QUNBMkIwMDM1NkFB
REM1MkE2MEM0Q0U2OTc0RDE4OEIzMTY2RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdOyaTfi/cbZR/z4RVV7oF079IEUGFCFigtdndxECmpP9s4PqW
4o0lx9DMot/xLhXXGyZIFGfL+0K869jFSTBkijnYmlB45X3YiSUp1+HZ9N4p1033
mc4Kdnd7eIRMlF2sJ2c63uLkZplLd+QzEQcWC0UbfJk5Gs0ywyKFSdc61rZe5hry
uAWI2SBtYAqBsvRnubZlw5W5RTuZJ4teeQJrixDELMUq/BJ15lKYnV1LESzpuDp4
6/qCXP2cGSse/Zc/q3QXACwy8avO5fl3szQKKY0Fv1Ek1s/OxHK5k3F2olrpTt5d
VFRXPKS/Wh4GjxoASL8et+wSGTOUplRQHNOlAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhKyisANWqtxSpgxM5pdNGIsxZu0wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaEt5aXNBTldxdHhTcGd4TTVwZE5H
SXN4WnUwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtLIADAN
BgkqhkiG9w0BAQsFAAOCAQEAMnT9TNgwYKiky/WYWaGUj7SlL88OPQYCnxoVVEsl
n0vGohS2eNmphz5s327cllEcOPOIw2tksDCflxf+40pya+z5q5CjnTJhWFij/OKE
CvKF0Gxk6eCCNgKjQLGLmfpJ9zPF79u4UOh+aUnvGCf3wjpk4qYKES0rdlPOngvP
G3Gmc224oQWvy3aKcpbqvWAtfxmHU9k+yeZ3zBmDNqagBnj7Lqhxin0/rMHoumOr
4cXvaFA5+RQTopUet6p23n8MbJbRp1YuB7Nk9EwsaDEBbBhq+87jmdo6XW7M+aRt
T/JTI0mxI2pX3IifGPENiYD8ie2ccWIyrA+k8A+HfccCoQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org