Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/lMH4Su2GlUP8XYpr5jLy81_USUE.roa
File: lMH4Su2GlUP8XYpr5jLy81_USUE.roa (raw, json)
Hash identifier: hwf+XBLBuO0/KVqVgl7fJw4OyLXoFIO/jveHTFQ9G4E=
Subject key identifier: 94:C1:F8:4A:ED:86:95:43:FC:5D:8A:6B:E6:32:F2:F3:5F:D4:49:41
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 126D
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lMH4Su2GlUP8XYpr5jLy81_USUE.roa
Signing time: Fri 01 Sep 2023 08:04:26 +0000
ROA not before: Fri 01 Sep 2023 08:04:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7539
IP address blocks: 210.200.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4717 (0x126d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=94C1F84AED869543FC5D8A6BE632F2F35FD44941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:16:4a:48:4a:9c:13:b8:33:98:f3:3b:5d:1c:
27:75:91:fc:fd:c9:3c:ff:27:51:1a:2e:6a:ae:aa:
2d:5a:3b:69:4a:20:64:72:23:dc:ba:c4:5b:ca:ec:
74:6a:f8:77:0e:70:94:26:85:6c:23:ef:6a:98:63:
d1:22:86:a5:c5:0e:2e:9d:88:68:a6:1a:87:b5:24:
80:63:ec:ea:13:37:81:b8:d9:4e:86:54:4e:a1:e5:
4d:7b:8a:c6:17:22:17:f7:0a:5d:05:9a:5c:09:9f:
06:cc:b0:44:0f:cd:3e:b1:da:e9:e7:33:cb:5e:32:
ea:45:4d:3d:5e:0f:2e:3f:a3:d3:2b:80:8d:47:32:
a9:7a:77:9c:d2:b8:02:26:6c:31:12:47:0d:ce:11:
f5:02:7e:90:42:c2:26:66:30:04:ae:89:b4:dd:d2:
7b:fa:61:cc:ef:b4:5d:82:e4:e6:db:43:ed:0f:b8:
c8:bc:16:62:08:70:74:e1:68:a7:9b:f4:db:09:d5:
ff:57:30:a3:4c:0f:0e:8e:36:b7:d2:4b:69:3f:bb:
63:57:b4:f9:f2:48:36:ea:7a:60:c3:83:4e:d0:34:
9e:05:e5:09:96:57:a7:1a:a5:57:fd:8c:3c:29:f0:
20:9e:91:30:8e:58:d9:f7:9f:5c:33:c6:e0:24:b6:
f5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C1:F8:4A:ED:86:95:43:FC:5D:8A:6B:E6:32:F2:F3:5F:D4:49:41
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lMH4Su2GlUP8XYpr5jLy81_USUE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.32.0/20
Signature Algorithm: sha256WithRSAEncryption
09:74:e3:7a:44:b4:3b:22:f7:fc:17:f0:32:4e:ae:84:db:24:
8b:47:6a:72:4a:8c:1e:9b:51:a8:f9:d5:7b:43:4e:9a:19:29:
c0:85:49:b8:d8:93:29:21:29:17:6a:ee:26:ef:df:8a:aa:e7:
cd:1c:2f:e8:f5:0e:61:1d:91:71:e1:81:bb:bb:08:f4:6c:35:
1d:f0:22:89:1a:c6:f7:d4:d4:9e:4b:77:d6:c2:26:57:55:b1:
0a:fe:bb:2e:df:80:bc:1e:59:39:29:2b:f8:4e:eb:68:ac:21:
be:0b:5a:80:23:7a:2c:e9:86:97:30:85:2c:81:51:69:5f:74:
f6:e8:c4:75:ad:87:b5:39:3d:f8:c8:da:3f:cd:c2:d5:84:04:
6d:5b:30:9a:46:ae:c8:08:03:10:44:25:61:19:bd:68:de:6e:
fa:d5:af:a1:8d:39:0b:49:5b:47:05:1c:38:8a:4d:84:c4:1f:
56:45:58:53:6f:7d:4b:ac:a8:f4:2b:02:8d:c0:39:f4:1b:52:
72:15:ac:b3:91:eb:a4:71:59:e4:4c:9f:14:06:92:26:e4:53:
dc:bd:60:5e:f0:56:59:3f:bc:af:d6:73:47:a6:c1:80:50:55:
8e:6f:f6:fa:61:d7:f2:ad:b0:f6:05:62:2a:60:72:de:67:4a:
04:a6:be:2f
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEm0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk0QzFGODRBRUQ4Njk1
NDNGQzVEOEE2QkU2MzJGMkYzNUZENDQ5NDEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0FkpISpwTuDOY8ztdHCd1kfz9yTz/J1EaLmquqi1aO2lKIGRy
I9y6xFvK7HRq+HcOcJQmhWwj72qYY9EihqXFDi6diGimGoe1JIBj7OoTN4G42U6G
VE6h5U17isYXIhf3Cl0FmlwJnwbMsEQPzT6x2unnM8teMupFTT1eDy4/o9MrgI1H
Mql6d5zSuAImbDESRw3OEfUCfpBCwiZmMASuibTd0nv6YczvtF2C5ObbQ+0PuMi8
FmIIcHThaKeb9NsJ1f9XMKNMDw6ONrfSS2k/u2NXtPnySDbqemDDg07QNJ4F5QmW
V6capVf9jDwp8CCekTCOWNn3n1wzxuAktvU5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUlMH4Su2GlUP8XYpr5jLy81/USUEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbE1INFN1MkdsVVA4WFlwcjVqTHk4
MV9VU1VFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNLIIDAN
BgkqhkiG9w0BAQsFAAOCAQEACXTjekS0OyL3/BfwMk6uhNski0dqckqMHptRqPnV
e0NOmhkpwIVJuNiTKSEpF2ruJu/fiqrnzRwv6PUOYR2RceGBu7sI9Gw1HfAiiRrG
99TUnkt31sImV1WxCv67Lt+AvB5ZOSkr+E7raKwhvgtagCN6LOmGlzCFLIFRaV90
9ujEda2HtTk9+MjaP83C1YQEbVswmkauyAgDEEQlYRm9aN5u+tWvoY05C0lbRwUc
OIpNhMQfVkVYU299S6yo9CsCjcA59BtSchWss5HrpHFZ5EyfFAaSJuRT3L1gXvBW
WT+8r9ZzR6bBgFBVjm/2+mHX8q2w9gViKmBy3mdKBKa+Lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org