Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/kxhoA9T5fk5nUyqukn3k4mNrbrc.roa
File: kxhoA9T5fk5nUyqukn3k4mNrbrc.roa (raw, json)
Hash identifier: RT/x98T9uqDAIYkCMLz7spxlD2T6EffnjuS5T1Ko7rg=
Subject key identifier: 93:18:68:03:D4:F9:7E:4E:67:53:2A:AE:92:7D:E4:E2:63:6B:6E:B7
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12BF
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kxhoA9T5fk5nUyqukn3k4mNrbrc.roa
Signing time: Fri 01 Sep 2023 08:04:56 +0000
ROA not before: Fri 01 Sep 2023 08:04:56 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.201.78.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4799 (0x12bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:56 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=93186803D4F97E4E67532AAE927DE4E2636B6EB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:39:cf:84:c3:5c:58:82:b3:d0:a5:5e:7d:3b:
a5:a0:1d:da:0f:55:9a:4b:1a:d1:77:86:ca:a1:39:
71:29:ba:5c:1d:85:b4:97:20:7a:45:cd:e4:24:06:
18:14:6c:21:77:89:85:41:73:2c:7b:c4:6b:e2:a2:
b2:4d:62:f4:6d:b7:7b:ab:36:88:b4:d8:f7:ff:f9:
31:88:e0:93:f7:a5:13:7a:0a:a5:59:91:cc:91:cd:
73:61:84:6a:cb:f5:f9:83:32:d6:83:82:4f:f4:4a:
8b:32:69:e4:da:bf:70:44:8d:14:7b:b1:e4:eb:60:
34:2e:af:b7:e8:2b:28:16:a5:e3:46:45:e2:86:1b:
ac:8e:0b:33:37:dc:b1:cf:28:e8:b4:2f:75:64:48:
30:95:ce:4e:0f:1c:28:21:85:a7:0d:c0:18:97:36:
11:b1:ae:42:ef:95:22:e9:60:03:c4:e8:24:65:0d:
f3:bf:ef:9d:4e:71:dd:c4:83:10:a4:bf:90:71:1c:
5f:49:2d:2e:5c:4e:04:38:9e:7c:d8:65:d5:4e:75:
b8:ce:94:e0:38:0a:3e:04:41:23:c8:9b:29:6e:91:
86:5b:63:2d:c3:91:ce:70:4c:6b:5a:d2:8d:bd:4b:
44:ea:5c:62:97:aa:86:14:5f:4a:92:7d:06:6a:36:
7f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:18:68:03:D4:F9:7E:4E:67:53:2A:AE:92:7D:E4:E2:63:6B:6E:B7
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/kxhoA9T5fk5nUyqukn3k4mNrbrc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.78.0/24
Signature Algorithm: sha256WithRSAEncryption
81:cf:43:56:34:29:cd:3e:48:dd:1d:f8:6e:ae:bf:9b:39:f5:
ba:b7:24:4d:a9:ad:80:26:5a:19:04:ec:01:4d:8b:02:99:b1:
87:c0:21:f0:bd:b5:5f:89:81:33:a3:c2:c4:b0:b3:e7:f3:15:
75:ba:9e:8e:ce:55:3e:e8:b7:72:5b:17:ea:ca:2c:50:41:c3:
bf:a8:ae:34:8d:1c:7e:ba:f3:24:30:bd:6c:57:88:60:e4:42:
65:a8:98:65:44:97:47:97:ea:d8:e1:ad:17:83:9d:22:90:92:
15:78:49:e1:9e:1f:85:f0:20:98:1c:51:7b:aa:6a:30:f6:ca:
d8:3f:8d:42:56:95:67:ed:1a:ec:61:05:30:07:e2:5d:b9:e8:
36:a0:61:03:f4:e9:39:9f:a1:96:08:8b:a9:3a:2c:3b:39:88:
c2:7f:20:66:16:26:98:c2:d6:ba:0f:91:25:1b:a8:e5:0e:f2:
f2:08:4e:a1:c0:57:98:3d:04:ce:e7:2e:35:39:76:e1:74:10:
09:6a:1f:fd:93:ae:9b:a0:68:57:b9:4b:3e:8f:39:9e:95:e3:
d8:95:ea:42:20:71:36:35:a0:a6:ed:d0:da:fe:81:fa:63:3f:
03:8e:13:c5:14:f5:88:4a:b8:21:3e:94:2e:39:99:6c:b1:b8:
51:68:ba:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEr8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkzMTg2ODAzRDRGOTdF
NEU2NzUzMkFBRTkyN0RFNEUyNjM2QjZFQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDOc+Ew1xYgrPQpV59O6WgHdoPVZpLGtF3hsqhOXEpulwdhbSX
IHpFzeQkBhgUbCF3iYVBcyx7xGviorJNYvRtt3urNoi02Pf/+TGI4JP3pRN6CqVZ
kcyRzXNhhGrL9fmDMtaDgk/0SosyaeTav3BEjRR7seTrYDQur7foKygWpeNGReKG
G6yOCzM33LHPKOi0L3VkSDCVzk4PHCghhacNwBiXNhGxrkLvlSLpYAPE6CRlDfO/
751Ocd3EgxCkv5BxHF9JLS5cTgQ4nnzYZdVOdbjOlOA4Cj4EQSPImylukYZbYy3D
kc5wTGta0o29S0TqXGKXqoYUX0qSfQZqNn8dAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUkxhoA9T5fk5nUyqukn3k4mNrbrcwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wva3hob0E5VDVmazVuVXlxdWtuM2s0
bU5yYnJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANLJTjAN
BgkqhkiG9w0BAQsFAAOCAQEAgc9DVjQpzT5I3R34bq6/mzn1urckTamtgCZaGQTs
AU2LApmxh8Ah8L21X4mBM6PCxLCz5/MVdbqejs5VPui3clsX6sosUEHDv6iuNI0c
frrzJDC9bFeIYORCZaiYZUSXR5fq2OGtF4OdIpCSFXhJ4Z4fhfAgmBxRe6pqMPbK
2D+NQlaVZ+0a7GEFMAfiXbnoNqBhA/TpOZ+hlgiLqTosOzmIwn8gZhYmmMLWug+R
JRuo5Q7y8ghOocBXmD0EzucuNTl24XQQCWof/ZOum6BoV7lLPo85npXj2JXqQiBx
NjWgpu3Q2v6B+mM/A44TxRT1iEq4IT6ULjmZbLG4UWi6eQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org