Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kdTqE9EFdGWSXjCoBtRfORzKasI.roa
File: kdTqE9EFdGWSXjCoBtRfORzKasI.roa (raw, json)
Hash identifier: 2RlZHAShJrYaM66qpD0yADQnlVut/GsGhwpuGxX33nI=
Subject key identifier: 91:D4:EA:13:D1:05:74:65:92:5E:30:A8:06:D4:5F:39:1C:CA:6A:C2
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 126B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kdTqE9EFdGWSXjCoBtRfORzKasI.roa
Signing time: Fri 01 Sep 2023 08:04:26 +0000
ROA not before: Fri 01 Sep 2023 08:04:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4715 (0x126b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=91D4EA13D1057465925E30A806D45F391CCA6AC2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b8:62:2b:36:69:dc:6c:0d:aa:db:eb:25:08:
50:83:25:a0:a5:20:1e:27:11:0a:52:63:16:87:93:
68:23:d8:5c:ad:e8:e3:0c:60:5c:36:08:c0:e5:b1:
49:47:3a:4a:68:f3:b1:da:b5:a4:90:71:cf:37:7a:
fd:6b:60:47:11:ad:e9:5b:0c:42:6b:77:8c:bd:75:
35:fd:e3:9b:48:a5:29:63:42:d5:90:f1:16:e6:0f:
62:52:ac:fa:87:3f:5d:d0:c5:e5:93:55:a3:ce:25:
d7:6c:ec:c1:69:0f:d4:3a:8f:2a:ef:a6:e4:84:de:
6d:07:7c:dd:dc:63:11:2a:a1:e1:15:b3:82:1e:93:
8b:77:0b:fc:62:f7:1c:c9:2c:7e:e0:e7:fc:5a:8f:
c1:1f:b8:14:48:e2:53:6b:20:33:69:8a:31:6a:c7:
14:17:cc:b6:c2:5e:2b:80:84:2f:60:0b:5e:89:44:
98:ca:7a:20:3d:ac:73:29:57:e9:78:22:ef:57:d1:
55:2e:77:22:da:3c:30:24:57:ab:e2:07:83:e6:9f:
2b:45:20:47:0e:d8:0e:e5:58:88:6a:69:88:94:bd:
de:dc:79:a1:5e:f2:eb:cc:fa:12:ed:ce:3f:8b:e6:
e4:0a:05:fe:3a:80:c5:b4:70:1c:a1:e5:39:c5:f3:
78:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D4:EA:13:D1:05:74:65:92:5E:30:A8:06:D4:5F:39:1C:CA:6A:C2
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kdTqE9EFdGWSXjCoBtRfORzKasI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.0.0/18
Signature Algorithm: sha256WithRSAEncryption
6a:f2:64:7e:a9:6e:3e:1c:e7:31:5c:3d:75:af:1c:ee:9d:58:
14:c2:85:b2:4e:dc:de:4b:07:a6:d9:c8:80:58:6f:41:56:db:
e4:0f:2b:5b:86:90:ef:7a:d1:2b:ab:b4:0c:ee:55:fd:fc:b6:
14:59:11:9c:20:4c:0e:9d:75:45:e1:ac:07:d0:55:8d:20:da:
fa:28:4f:4d:1e:8f:7d:f3:ff:c6:65:ff:50:aa:dc:2c:0d:05:
39:fa:1b:e1:0b:78:43:f3:8d:23:bc:a6:da:89:8b:6b:79:7c:
1b:57:7a:d9:b4:df:c0:29:d7:f7:5c:80:a0:cf:d1:f4:a9:e4:
38:4b:bb:41:b5:b0:fa:35:d4:fe:89:a8:3a:94:39:ba:72:36:
fc:c5:d8:d5:7c:0e:93:be:52:55:67:78:e8:50:5e:71:57:b5:
5c:87:c9:ca:d5:88:45:91:4f:04:84:92:70:f0:b7:b4:81:07:
92:06:7f:94:f6:a8:57:67:1d:07:98:ca:4d:a9:4f:32:7d:04:
0f:e2:a8:6e:87:64:a3:7f:83:98:22:d2:12:8b:ee:ad:a4:ae:
a5:21:01:4d:f3:a5:21:66:70:47:c6:f3:2d:1c:43:ae:f4:1d:
1c:93:b6:9d:ed:fb:69:a8:f0:ad:f5:1a:a1:d1:19:ba:06:a2:
73:7a:57:58
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEmswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkxRDRFQTEzRDEwNTc0
NjU5MjVFMzBBODA2RDQ1RjM5MUNDQTZBQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCguGIrNmncbA2q2+slCFCDJaClIB4nEQpSYxaHk2gj2Fyt6OMM
YFw2CMDlsUlHOkpo87HataSQcc83ev1rYEcRrelbDEJrd4y9dTX945tIpSljQtWQ
8RbmD2JSrPqHP13QxeWTVaPOJdds7MFpD9Q6jyrvpuSE3m0HfN3cYxEqoeEVs4Ie
k4t3C/xi9xzJLH7g5/xaj8EfuBRI4lNrIDNpijFqxxQXzLbCXiuAhC9gC16JRJjK
eiA9rHMpV+l4Iu9X0VUudyLaPDAkV6viB4PmnytFIEcO2A7lWIhqaYiUvd7ceaFe
8uvM+hLtzj+L5uQKBf46gMW0cByh5TnF83gpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkdTqE9EFdGWSXjCoBtRfORzKasIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva2RUcUU5RUZkR1dTWGpDb0J0UmZP
UnpLYXNJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76ADAN
BgkqhkiG9w0BAQsFAAOCAQEAavJkfqluPhznMVw9da8c7p1YFMKFsk7c3ksHptnI
gFhvQVbb5A8rW4aQ73rRK6u0DO5V/fy2FFkRnCBMDp11ReGsB9BVjSDa+ihPTR6P
ffP/xmX/UKrcLA0FOfob4Qt4Q/ONI7ym2omLa3l8G1d62bTfwCnX91yAoM/R9Knk
OEu7QbWw+jXU/omoOpQ5unI2/MXY1XwOk75SVWd46FBecVe1XIfJytWIRZFPBISS
cPC3tIEHkgZ/lPaoV2cdB5jKTalPMn0ED+Kobodko3+DmCLSEovuraSupSEBTfOl
IWZwR8bzLRxDrvQdHJO2ne37aajwrfUaodEZugaic3pXWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org