Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/iRBsJD3gX86rPz_pOM4IKFPktOI.roa
File: iRBsJD3gX86rPz_pOM4IKFPktOI.roa (raw, json)
Hash identifier: 6fUJFVvEawgnGsWhi4j5+KBWy8oUgyRiG6/jkX65Smc=
Subject key identifier: 89:10:6C:24:3D:E0:5F:CE:AB:3F:3F:E9:38:CE:08:28:53:E4:B4:E2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 128E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/iRBsJD3gX86rPz_pOM4IKFPktOI.roa
Signing time: Fri 01 Sep 2023 08:04:38 +0000
ROA not before: Fri 01 Sep 2023 08:04:38 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 210.200.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4750 (0x128e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:38 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=89106C243DE05FCEAB3F3FE938CE082853E4B4E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:74:3d:fa:d9:a6:9a:14:95:92:15:4c:76:22:
de:4a:12:b1:62:80:d3:37:01:a6:70:2d:c5:6a:cd:
dc:7c:ab:9e:43:1c:9f:f5:7f:ec:fc:e0:a8:96:c0:
22:7d:e8:12:aa:79:6d:09:57:97:12:af:3c:7b:63:
7a:db:47:1a:6b:e0:9a:2e:34:2a:f3:42:d3:ce:4f:
f6:c4:6e:72:61:61:91:d5:65:c1:1b:bb:bc:6c:42:
67:c9:5d:0f:7a:2e:59:c7:14:f1:a3:0f:e3:e8:7c:
5a:c1:e5:d1:8a:ad:74:bf:d4:2a:a3:5c:33:53:10:
b9:e3:49:7f:06:43:98:8a:72:9c:37:07:10:b1:e6:
d7:c2:59:f7:10:90:5b:9e:ac:4c:5d:10:8c:29:6c:
99:53:18:ce:44:5e:eb:a4:67:73:a9:03:90:80:ff:
f2:14:f9:d3:6b:5d:b6:b1:db:c9:9e:60:96:e5:cb:
a1:6c:fc:6e:2a:d4:6f:38:cb:ab:9f:0e:40:a3:1f:
eb:b6:20:01:b6:4b:73:e4:b4:f9:96:74:41:d4:6e:
d6:99:8a:0a:aa:b2:1e:0c:5e:df:60:ca:e3:75:2f:
74:1a:9f:2e:3d:e6:fa:13:9c:1a:32:54:99:de:e0:
56:e8:14:8e:14:32:4e:1e:7b:45:e6:3c:e6:b5:bc:
22:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:10:6C:24:3D:E0:5F:CE:AB:3F:3F:E9:38:CE:08:28:53:E4:B4:E2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/iRBsJD3gX86rPz_pOM4IKFPktOI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.128.0/18
Signature Algorithm: sha256WithRSAEncryption
30:a5:5c:19:3f:47:5a:d1:f4:26:94:61:73:48:af:00:db:06:
6e:a2:71:17:e2:3b:4d:80:ca:7f:ca:e3:dc:fa:0d:65:04:c8:
2d:3c:7d:e3:9f:93:85:e4:e0:7b:d5:cb:ab:10:cc:ee:c0:12:
63:90:6e:60:f1:cb:72:c5:9f:58:f6:32:78:42:a2:fe:33:23:
8f:54:96:64:f3:31:e6:77:c2:df:4c:6f:98:71:e6:59:03:61:
32:c6:f6:24:60:fa:01:d7:55:2f:17:04:79:4a:36:2e:25:f3:
0f:53:9f:00:78:ec:aa:35:7e:d8:ce:ea:d7:b5:f4:d8:68:e3:
05:f7:1a:8d:0d:5a:bc:58:70:da:d5:cb:80:bc:9e:f3:46:2e:
42:4a:b1:d0:ee:08:aa:bd:eb:04:23:fe:25:6e:90:56:46:a1:
a0:93:f4:ed:6c:fe:b4:7c:8a:3a:81:b2:d2:f9:75:1e:0c:2c:
4e:4b:ea:ff:1a:1d:f4:9d:cb:25:ad:b4:47:c1:ee:04:f4:a9:
ba:1f:07:a5:d0:84:6e:a2:3c:25:27:eb:1a:a5:3d:a5:a0:bb:
73:da:8f:61:5f:66:69:19:4e:a2:a2:a2:6e:22:79:d1:de:2d:
29:19:8f:9f:03:8d:50:95:6b:81:6b:ba:7a:35:46:05:1c:bd:
c0:f5:12:b1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEo4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg5MTA2QzI0M0RFMDVG
Q0VBQjNGM0ZFOTM4Q0UwODI4NTNFNEI0RTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfdD362aaaFJWSFUx2It5KErFigNM3AaZwLcVqzdx8q55DHJ/1
f+z84KiWwCJ96BKqeW0JV5cSrzx7Y3rbRxpr4JouNCrzQtPOT/bEbnJhYZHVZcEb
u7xsQmfJXQ96LlnHFPGjD+PofFrB5dGKrXS/1CqjXDNTELnjSX8GQ5iKcpw3BxCx
5tfCWfcQkFuerExdEIwpbJlTGM5EXuukZ3OpA5CA//IU+dNrXbax28meYJbly6Fs
/G4q1G84y6ufDkCjH+u2IAG2S3PktPmWdEHUbtaZigqqsh4MXt9gyuN1L3Qany49
5voTnBoyVJne4FboFI4UMk4ee0XmPOa1vCLzAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiRBsJD3gX86rPz/pOM4IKFPktOIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaVJCc0pEM2dYODZyUHpfcE9NNElL
RlBrdE9JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLIgDAN
BgkqhkiG9w0BAQsFAAOCAQEAMKVcGT9HWtH0JpRhc0ivANsGbqJxF+I7TYDKf8rj
3PoNZQTILTx945+TheTge9XLqxDM7sASY5BuYPHLcsWfWPYyeEKi/jMjj1SWZPMx
5nfC30xvmHHmWQNhMsb2JGD6AddVLxcEeUo2LiXzD1OfAHjsqjV+2M7q17X02Gjj
BfcajQ1avFhw2tXLgLye80YuQkqx0O4Iqr3rBCP+JW6QVkahoJP07Wz+tHyKOoGy
0vl1HgwsTkvq/xod9J3LJa20R8HuBPSpuh8HpdCEbqI8JSfrGqU9paC7c9qPYV9m
aRlOoqKibiJ50d4tKRmPnwONUJVrgWu6ejVGBRy9wPUSsQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org