Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kb9xsuhsS8vmz7dqOc65KB10WCE.roa
File: kb9xsuhsS8vmz7dqOc65KB10WCE.roa (raw, json)
Hash identifier: I3U93Gjuj1M8T7Rz/r5e9AqoUTd6AxI5L4aqy53nwy8=
Subject key identifier: 91:BF:71:B2:E8:6C:4B:CB:E6:CF:B7:6A:39:CE:B9:28:1D:74:58:21
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12D5
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kb9xsuhsS8vmz7dqOc65KB10WCE.roa
Signing time: Fri 01 Sep 2023 08:05:03 +0000
ROA not before: Fri 01 Sep 2023 08:05:03 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.203.48.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4821 (0x12d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:03 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=91BF71B2E86C4BCBE6CFB76A39CEB9281D745821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2b:c9:2e:52:6a:68:e0:86:01:1b:42:d1:7b:
c3:3f:ca:32:52:5f:45:61:98:2b:2c:8a:89:5d:60:
be:5e:b3:61:67:de:fd:43:95:63:d1:66:5b:e6:99:
2d:bb:4f:77:df:83:34:1a:6c:1d:1c:7d:5d:9e:3a:
2e:9c:bc:5c:e0:23:92:44:4a:b9:f6:96:f7:b4:46:
b5:9f:d8:e4:d2:ef:20:80:16:fe:ac:7b:62:37:55:
01:c7:13:56:7d:d1:f9:da:f4:cd:e0:59:96:ce:32:
ed:0e:72:81:51:2a:09:d7:38:d7:ed:96:d3:1b:31:
f1:b7:76:52:38:54:b4:a1:fa:be:bf:55:f4:c3:db:
92:7c:f3:85:74:ff:c6:62:b0:df:d0:1d:b8:ea:00:
74:3e:81:12:78:d7:bc:4f:92:58:c4:7a:3b:f2:ac:
de:35:a5:8a:b0:5d:4c:4f:2b:ab:b5:a4:0c:dd:f3:
47:ea:fd:30:6f:2d:22:dc:2b:d0:33:f0:8d:63:8b:
55:50:b9:c3:15:d3:e5:b6:34:79:e9:ba:ee:98:8a:
6d:47:b3:dd:1d:57:52:c7:aa:71:71:b4:6c:3e:a9:
4a:eb:58:13:c6:54:92:0a:52:e4:ad:cd:0e:6d:fa:
30:e2:f8:14:82:fc:73:59:51:1c:be:b7:3d:90:e9:
59:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:BF:71:B2:E8:6C:4B:CB:E6:CF:B7:6A:39:CE:B9:28:1D:74:58:21
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kb9xsuhsS8vmz7dqOc65KB10WCE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.48.0/20
Signature Algorithm: sha256WithRSAEncryption
1a:c6:1e:21:c2:ae:01:fd:de:31:07:9c:d2:a9:e7:1b:b4:65:
4f:57:ce:20:16:65:59:0f:94:49:43:0b:a5:dd:c1:fa:42:fd:
2d:3b:fb:8b:88:15:d0:c6:4f:ab:7e:92:b7:c7:7a:60:ed:56:
f9:ea:24:a3:2e:57:8e:3f:11:60:80:6e:08:dd:41:11:5b:83:
03:1f:43:fc:e5:fd:40:77:93:fa:f4:ef:90:c7:0e:76:34:e9:
6c:ed:29:53:e3:ce:44:58:85:d6:2f:f4:ed:83:0a:cf:79:e3:
6c:1c:e7:cd:19:2d:f0:56:56:89:35:c6:2b:ac:87:ca:54:ad:
e8:2c:69:21:ac:1a:cd:f0:35:45:1c:f5:2f:40:aa:36:81:58:
49:f6:be:70:32:4d:39:59:23:3f:a7:d5:27:01:88:64:26:52:
00:e6:61:fd:21:71:2d:45:99:18:17:96:1c:17:9a:a0:41:a3:
47:e1:c5:ad:12:03:78:2c:74:72:aa:0f:91:eb:d6:1b:a9:c1:
78:b0:a5:ee:80:09:b9:6d:f0:81:97:b0:5e:da:0f:d1:b5:41:
ae:4c:eb:4d:60:a4:5b:8b:03:c1:a4:7d:3f:b8:b3:79:59:9f:
57:07:ae:2e:61:a7:53:7c:af:31:a8:66:f2:5c:7f:4d:c9:2d:
14:da:de:d1
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEtUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkxQkY3MUIyRTg2QzRC
Q0JFNkNGQjc2QTM5Q0VCOTI4MUQ3NDU4MjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCWK8kuUmpo4IYBG0LRe8M/yjJSX0VhmCssioldYL5es2Fn3v1D
lWPRZlvmmS27T3ffgzQabB0cfV2eOi6cvFzgI5JESrn2lve0RrWf2OTS7yCAFv6s
e2I3VQHHE1Z90fna9M3gWZbOMu0OcoFRKgnXONftltMbMfG3dlI4VLSh+r6/VfTD
25J884V0/8ZisN/QHbjqAHQ+gRJ417xPkljEejvyrN41pYqwXUxPK6u1pAzd80fq
/TBvLSLcK9Az8I1ji1VQucMV0+W2NHnpuu6Yim1Hs90dV1LHqnFxtGw+qUrrWBPG
VJIKUuStzQ5t+jDi+BSC/HNZURy+tz2Q6VklAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkb9xsuhsS8vmz7dqOc65KB10WCEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva2I5eHN1aHNTOHZtejdkcU9jNjVL
QjEwV0NFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLLMDAN
BgkqhkiG9w0BAQsFAAOCAQEAGsYeIcKuAf3eMQec0qnnG7RlT1fOIBZlWQ+USUML
pd3B+kL9LTv7i4gV0MZPq36St8d6YO1W+eokoy5Xjj8RYIBuCN1BEVuDAx9D/OX9
QHeT+vTvkMcOdjTpbO0pU+PORFiF1i/07YMKz3njbBznzRkt8FZWiTXGK6yHylSt
6CxpIawazfA1RRz1L0CqNoFYSfa+cDJNOVkjP6fVJwGIZCZSAOZh/SFxLUWZGBeW
HBeaoEGjR+HFrRIDeCx0cqoPkevWG6nBeLCl7oAJuW3wgZewXtoP0bVBrkzrTWCk
W4sDwaR9P7izeVmfVweuLmGnU3yvMahm8lx/TcktFNre0Q==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org