Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/lbJEdtpDuzmPRZQeHfONiSgItWw.roa
File: lbJEdtpDuzmPRZQeHfONiSgItWw.roa (raw, json)
Hash identifier: eNkowjxZD/dv5C1btWMoP1PjQNeoUqeyuuAG1XkVe5o=
Subject key identifier: 95:B2:44:76:DA:43:BB:39:8F:45:94:1E:1D:F3:8D:89:28:08:B5:6C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12C6
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lbJEdtpDuzmPRZQeHfONiSgItWw.roa
Signing time: Fri 01 Sep 2023 08:04:58 +0000
ROA not before: Fri 01 Sep 2023 08:04:58 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.157.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4806 (0x12c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:58 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=95B24476DA43BB398F45941E1DF38D892808B56C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:72:8f:21:01:40:ed:4c:73:cc:dd:78:aa:87:
81:fd:cd:7a:94:f5:72:a9:d1:ee:e1:e5:f5:26:1c:
ea:1e:15:7b:77:b8:04:eb:89:71:38:d4:dc:dd:01:
6c:66:7b:68:0a:d9:b4:95:07:98:cf:d7:a5:25:45:
fd:4f:3d:ee:e4:50:62:15:e5:b4:13:5c:73:60:5b:
b8:31:81:82:f9:3e:50:0f:19:d0:3c:8c:7e:03:1b:
88:ff:93:0d:72:2e:29:70:cc:26:6f:d5:f2:5b:73:
a2:9f:b3:bc:fb:f9:56:bc:75:86:3f:57:42:6d:37:
8a:23:a2:76:3f:5d:c5:91:64:c3:d4:a2:08:f6:1e:
8f:6d:09:ef:1d:d4:c1:8a:1f:3a:74:88:91:ee:ef:
4c:57:55:6e:e7:7d:63:4f:77:f9:51:8d:fc:5d:d8:
97:96:aa:1e:f0:b6:39:34:80:c9:59:ce:2b:58:e0:
f8:20:80:bf:65:ad:2c:e0:dd:34:ab:7c:16:27:6e:
85:45:74:ad:b9:c8:2f:86:78:b3:b8:97:a4:94:1f:
2c:11:9e:f5:82:bd:91:7b:1a:16:20:b6:10:87:68:
da:7a:dd:36:d9:8d:16:34:f6:a4:9f:26:98:c5:6b:
c2:03:33:b6:b6:1c:ee:bb:99:9b:95:15:d1:97:88:
00:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B2:44:76:DA:43:BB:39:8F:45:94:1E:1D:F3:8D:89:28:08:B5:6C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lbJEdtpDuzmPRZQeHfONiSgItWw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.157.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:d1:f1:99:14:47:48:93:f3:77:20:95:8e:2c:00:9a:64:c9:
ae:b3:ac:1e:c1:97:17:98:11:30:fa:05:2c:de:8b:8e:73:cb:
21:93:1b:ab:5e:4a:6b:d1:79:8c:04:ce:9b:2a:dc:18:c9:1c:
d6:49:5b:81:78:40:96:12:c6:f0:d4:36:82:83:dc:b5:22:36:
6c:1d:07:0f:02:31:65:90:d8:75:fd:5f:f4:a8:36:70:f5:d7:
57:8a:b4:7a:70:52:4f:ad:43:70:4c:68:69:66:92:d9:0d:51:
d6:e8:49:d6:61:3e:50:49:0c:4e:e1:2a:cb:ec:41:28:fb:11:
ae:87:7d:c3:7a:2d:3a:4f:e2:f0:c2:fe:5c:d1:67:e7:54:f2:
10:99:d7:67:ba:ab:be:57:9a:57:ad:19:e6:07:da:5f:d3:16:
a5:20:e9:07:a9:59:89:de:48:1a:3e:51:eb:42:3b:e6:5e:c7:
7c:50:a2:b8:0a:b8:70:34:3e:65:a9:11:21:c3:d6:70:72:6c:
7f:a3:35:ef:69:c6:e2:90:29:44:c6:69:88:f0:2f:0a:be:59:
27:ec:e6:61:bc:a7:e4:46:51:3f:0e:e8:03:7e:c5:c6:27:a8:
6e:2e:fc:22:c5:5e:3d:9b:ca:56:58:27:a0:59:c3:34:87:cd:
77:da:ef:9e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICEsYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk1QjI0NDc2REE0M0JC
Mzk4RjQ1OTQxRTFERjM4RDg5MjgwOEI1NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChco8hAUDtTHPM3Xiqh4H9zXqU9XKp0e7h5fUmHOoeFXt3uATr
iXE41NzdAWxme2gK2bSVB5jP16UlRf1PPe7kUGIV5bQTXHNgW7gxgYL5PlAPGdA8
jH4DG4j/kw1yLilwzCZv1fJbc6Kfs7z7+Va8dYY/V0JtN4ojonY/XcWRZMPUogj2
Ho9tCe8d1MGKHzp0iJHu70xXVW7nfWNPd/lRjfxd2JeWqh7wtjk0gMlZzitY4Pgg
gL9lrSzg3TSrfBYnboVFdK25yC+GeLO4l6SUHywRnvWCvZF7GhYgthCHaNp63TbZ
jRY09qSfJpjFa8IDM7a2HO67mZuVFdGXiABzAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUlbJEdtpDuzmPRZQeHfONiSgItWwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbGJKRWR0cER1em1QUlpRZUhmT05p
U2dJdFd3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAN6dMA0G
CSqGSIb3DQEBCwUAA4IBAQAu0fGZFEdIk/N3IJWOLACaZMmus6wewZcXmBEw+gUs
3ouOc8shkxurXkpr0XmMBM6bKtwYyRzWSVuBeECWEsbw1DaCg9y1IjZsHQcPAjFl
kNh1/V/0qDZw9ddXirR6cFJPrUNwTGhpZpLZDVHW6EnWYT5QSQxO4SrL7EEo+xGu
h33Dei06T+Lwwv5c0WfnVPIQmddnuqu+V5pXrRnmB9pf0xalIOkHqVmJ3kgaPlHr
QjvmXsd8UKK4CrhwND5lqREhw9Zwcmx/ozXvacbikClExmmI8C8Kvlkn7OZhvKfk
RlE/DugDfsXGJ6huLvwixV49m8pWWCegWcM0h8132u+e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org