Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/icaXfvsYUsr4e8Z1mTz0-s0aRSU.roa
File: icaXfvsYUsr4e8Z1mTz0-s0aRSU.roa (raw, json)
Hash identifier: U1q3QvjDGg9elNRteL8KMXq+0y/ArSF518mH75qBn+A=
Subject key identifier: 89:C6:97:7E:FB:18:52:CA:F8:7B:C6:75:99:3C:F4:FA:CD:1A:45:25
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0FEF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/icaXfvsYUsr4e8Z1mTz0-s0aRSU.roa
Signing time: Fri 24 Mar 2023 08:42:08 +0000
ROA not before: Fri 24 Mar 2023 08:42:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9922
IP address blocks: 124.218.160.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4079 (0xfef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Mar 24 08:42:08 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=89C6977EFB1852CAF87BC675993CF4FACD1A4525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:88:9f:37:e5:af:d5:97:68:dc:3e:83:51:90:
10:62:8e:b3:d3:cd:39:cf:22:5b:08:56:62:6b:0e:
15:49:98:4e:05:b4:f2:b1:e7:80:53:e8:a0:c6:f3:
8a:62:c2:9e:a4:99:c2:e5:be:c3:b7:67:61:6a:2f:
e2:89:95:34:11:80:07:31:39:f9:ef:8c:22:47:63:
73:0f:ca:6a:c1:57:52:a5:08:37:22:a8:cd:e7:6f:
d6:35:21:27:5c:63:e9:c7:c4:af:84:99:73:e1:ef:
8f:7c:c6:31:0d:a5:7b:48:b3:a4:ee:ff:a2:1d:f5:
16:62:e0:07:60:b2:56:b7:72:c9:87:75:5b:7b:13:
5c:11:f1:83:c7:d6:a1:4f:dc:26:0d:40:39:2b:a2:
bb:ac:61:cf:af:79:c1:32:04:dd:db:8c:b0:ef:a2:
7a:65:09:f6:7a:0e:1a:77:45:ca:c3:44:69:87:34:
bf:5e:23:f9:05:b4:7e:26:30:b5:b0:56:e7:09:77:
a7:24:69:5f:b0:42:c0:0c:4e:39:91:f6:0f:e8:7d:
b9:5f:a0:c5:a8:51:7b:4d:af:f1:d1:78:c5:6f:15:
8e:9f:b3:9c:65:7f:4c:5c:9a:61:fd:b9:f8:f2:d3:
67:24:16:22:f6:4f:50:49:5f:f1:41:bc:72:40:cb:
b9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C6:97:7E:FB:18:52:CA:F8:7B:C6:75:99:3C:F4:FA:CD:1A:45:25
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/icaXfvsYUsr4e8Z1mTz0-s0aRSU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.160.0/21
Signature Algorithm: sha256WithRSAEncryption
84:e2:3a:26:35:60:f8:9f:17:0c:d8:25:28:c4:22:09:a6:35:
fa:b6:53:be:f2:52:5d:47:44:13:54:d6:9b:a2:65:ee:76:0b:
38:71:69:4d:f6:15:68:a0:5b:d3:6a:b8:42:21:76:89:61:a7:
24:87:6f:57:e2:72:9f:46:08:5c:02:ef:8c:1b:5b:9d:c4:21:
78:9f:d4:8c:48:59:dd:7d:5d:24:73:22:30:2d:74:db:4d:35:
b3:1b:aa:7e:6d:9d:5c:62:0a:fb:f9:21:07:f0:98:d8:73:2b:
b3:ff:e1:1d:e6:66:24:2a:db:51:8c:9a:2d:cd:65:74:53:4e:
bd:d2:5e:e7:96:33:1f:80:78:e8:26:ff:84:db:46:7a:38:99:
71:0b:0f:78:fd:98:c9:98:a4:1c:20:42:b0:c7:72:a3:3f:d5:
5d:82:22:5a:ca:71:ad:0b:47:43:c1:0a:ce:64:27:b7:71:10:
b7:d5:cf:fc:41:a7:b4:c5:3a:a5:7a:fa:ec:38:6b:37:e8:0d:
55:7e:6d:d7:f6:c1:38:ca:90:6e:12:fb:10:f2:96:0b:b8:1a:
2b:02:0f:d0:a9:51:42:30:fd:d4:a4:df:e4:e8:08:75:b7:ee:
1b:6f:5b:25:ab:db:a6:fa:56:73:ca:22:f8:69:ed:11:47:24:
bf:19:d8:61
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD+8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzAzMjQw
ODQyMDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5QzY5NzdFRkIxODUy
Q0FGODdCQzY3NTk5M0NGNEZBQ0QxQTQ1MjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUiJ835a/Vl2jcPoNRkBBijrPTzTnPIlsIVmJrDhVJmE4FtPKx
54BT6KDG84piwp6kmcLlvsO3Z2FqL+KJlTQRgAcxOfnvjCJHY3MPymrBV1KlCDci
qM3nb9Y1ISdcY+nHxK+EmXPh7498xjENpXtIs6Tu/6Id9RZi4Adgsla3csmHdVt7
E1wR8YPH1qFP3CYNQDkrorusYc+vecEyBN3bjLDvonplCfZ6Dhp3RcrDRGmHNL9e
I/kFtH4mMLWwVucJd6ckaV+wQsAMTjmR9g/ofblfoMWoUXtNr/HReMVvFY6fs5xl
f0xcmmH9ufjy02ckFiL2T1BJX/FBvHJAy7nxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUicaXfvsYUsr4e8Z1mTz0+s0aRSUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvaWNhWGZ2c1lVc3I0ZThaMW1UejAt
czBhUlNVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3zaoDAN
BgkqhkiG9w0BAQsFAAOCAQEAhOI6JjVg+J8XDNglKMQiCaY1+rZTvvJSXUdEE1TW
m6Jl7nYLOHFpTfYVaKBb02q4QiF2iWGnJIdvV+Jyn0YIXALvjBtbncQheJ/UjEhZ
3X1dJHMiMC102001sxuqfm2dXGIK+/khB/CY2HMrs//hHeZmJCrbUYyaLc1ldFNO
vdJe55YzH4B46Cb/hNtGejiZcQsPeP2YyZikHCBCsMdyoz/VXYIiWspxrQtHQ8EK
zmQnt3EQt9XP/EGntMU6pXr67DhrN+gNVX5t1/bBOMqQbhL7EPKWC7gaKwIP0KlR
QjD91KTf5OgIdbfuG29bJavbpvpWc8oi+GntEUckvxnYYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org