Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/lcXi4x89SMX7KrI3Y_DjFOz9OdY.roa
File: lcXi4x89SMX7KrI3Y_DjFOz9OdY.roa (raw, json)
Hash identifier: xGGsU6qhlIygJJ+VBujVH2+UovFpNGm3DYp+JrNKW/k=
Subject key identifier: 95:C5:E2:E3:1F:3D:48:C5:FB:2A:B2:37:63:F0:E3:14:EC:FD:39:D6
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12C4
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lcXi4x89SMX7KrI3Y_DjFOz9OdY.roa
Signing time: Fri 01 Sep 2023 08:04:58 +0000
ROA not before: Fri 01 Sep 2023 08:04:58 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4804 (0x12c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:58 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=95C5E2E31F3D48C5FB2AB23763F0E314ECFD39D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b6:e3:ae:52:76:ad:0f:60:11:23:ec:a3:87:
b1:b3:ce:5f:90:3e:60:68:d0:49:67:3c:2d:6f:08:
4a:51:38:d8:27:c5:3f:cb:6d:19:29:21:8d:57:20:
72:d4:d1:4e:10:67:d7:18:ae:b3:4b:09:63:cb:22:
f7:c6:77:58:96:d7:07:6f:e5:0d:fb:e9:d5:93:e3:
78:5c:51:10:ac:0c:e6:2c:ee:c9:dc:79:23:8f:4d:
8f:33:49:14:28:f2:b9:9f:22:5c:7d:31:c8:f9:c0:
1a:7e:41:6b:f4:48:75:a9:2c:7f:19:cf:9a:4c:4e:
5e:8a:e2:5d:18:ff:9b:ee:cf:2e:72:24:89:33:d9:
c7:06:de:cc:27:81:a0:5b:16:5b:48:a2:9f:f9:47:
22:07:a6:68:6a:32:c9:f0:ea:3b:00:57:72:e0:5b:
55:e0:80:8a:9a:d4:01:4a:30:0f:69:60:e3:62:06:
7a:0e:12:eb:f2:64:36:15:e2:be:4d:02:58:20:82:
30:06:8d:38:27:85:32:95:66:b0:25:d4:1a:80:f0:
25:43:d5:78:4c:0b:0a:b4:8c:b4:70:e4:5d:e7:30:
35:7c:c5:1f:be:ad:49:83:dc:ec:2b:f4:a7:29:ef:
4d:6b:ea:0f:33:20:08:c1:41:db:b1:7e:51:dd:09:
43:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C5:E2:E3:1F:3D:48:C5:FB:2A:B2:37:63:F0:E3:14:EC:FD:39:D6
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/lcXi4x89SMX7KrI3Y_DjFOz9OdY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.64.0/18
Signature Algorithm: sha256WithRSAEncryption
1b:7c:2d:63:c8:6f:a3:69:29:d9:ea:9c:2f:a9:27:e4:5c:7c:
35:4f:0c:d2:b6:1a:7b:00:5d:89:14:71:43:40:a2:4e:16:e3:
96:1b:a1:9c:80:a4:f0:c7:b8:9a:72:82:f2:cd:c8:14:c1:82:
15:7a:d5:f5:7b:0c:a2:cb:09:3c:22:3f:8e:a6:2f:65:00:b9:
a3:3a:18:18:ff:50:8b:1b:35:40:61:37:27:38:1a:d7:ca:0a:
d5:e7:52:5d:4c:e9:60:e7:a8:f5:b6:55:99:aa:21:8b:bf:03:
74:a1:80:5d:45:57:ab:ae:8f:20:e5:71:a2:a9:1d:35:22:4a:
5f:8c:84:62:9f:ae:4f:af:82:b8:54:9a:cf:10:69:47:ea:02:
a2:4a:21:cb:e2:6f:a0:71:2e:1d:9a:67:8f:94:e6:e3:a4:9c:
59:bb:07:92:1f:52:6f:d5:85:2f:0d:45:2f:bc:6f:a9:bd:fb:
d2:bb:b8:a3:94:7a:a3:5a:4a:83:c4:a3:7f:48:ac:71:50:41:
b2:76:b4:44:d1:1b:24:d6:bf:b8:0e:f7:30:f9:5a:36:9e:56:
94:14:94:2f:76:99:f1:cc:44:b2:1e:48:aa:76:4c:0c:c4:2c:
ed:72:d5:33:ef:bc:4c:4a:ef:73:35:ce:d9:e6:69:47:5b:12:
c5:d5:79:9e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEsQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk1QzVFMkUzMUYzRDQ4
QzVGQjJBQjIzNzYzRjBFMzE0RUNGRDM5RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCbtuOuUnatD2ARI+yjh7Gzzl+QPmBo0ElnPC1vCEpRONgnxT/L
bRkpIY1XIHLU0U4QZ9cYrrNLCWPLIvfGd1iW1wdv5Q376dWT43hcURCsDOYs7snc
eSOPTY8zSRQo8rmfIlx9Mcj5wBp+QWv0SHWpLH8Zz5pMTl6K4l0Y/5vuzy5yJIkz
2ccG3swngaBbFltIop/5RyIHpmhqMsnw6jsAV3LgW1XggIqa1AFKMA9pYONiBnoO
EuvyZDYV4r5NAlgggjAGjTgnhTKVZrAl1BqA8CVD1XhMCwq0jLRw5F3nMDV8xR++
rUmD3Owr9Kcp701r6g8zIAjBQduxflHdCUMVAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUlcXi4x89SMX7KrI3Y/DjFOz9OdYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbGNYaTR4ODlTTVg3S3JJM1lfRGpG
T3o5T2RZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76QDAN
BgkqhkiG9w0BAQsFAAOCAQEAG3wtY8hvo2kp2eqcL6kn5Fx8NU8M0rYaewBdiRRx
Q0CiThbjlhuhnICk8Me4mnKC8s3IFMGCFXrV9XsMossJPCI/jqYvZQC5ozoYGP9Q
ixs1QGE3Jzga18oK1edSXUzpYOeo9bZVmaohi78DdKGAXUVXq66PIOVxoqkdNSJK
X4yEYp+uT6+CuFSazxBpR+oCokohy+JvoHEuHZpnj5Tm46ScWbsHkh9Sb9WFLw1F
L7xvqb370ru4o5R6o1pKg8Sjf0iscVBBsna0RNEbJNa/uA73MPlaNp5WlBSUL3aZ
8cxEsh5IqnZMDMQs7XLVM++8TErvczXO2eZpR1sSxdV5ng==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org