Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/mhqcvr7K3W8p9dC6zvBO0Ch5csg.roa
File: mhqcvr7K3W8p9dC6zvBO0Ch5csg.roa (raw, json)
Hash identifier: Kd+ZsVlvJdn5HlTziiDGTrFAOEDglJR+jdpZjmk+Ndc=
Subject key identifier: 9A:1A:9C:BE:BE:CA:DD:6F:29:F5:D0:BA:CE:F0:4E:D0:28:79:72:C8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1365
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mhqcvr7K3W8p9dC6zvBO0Ch5csg.roa
Signing time: Tue 07 Nov 2023 05:32:06 +0000
ROA not before: Tue 07 Nov 2023 05:32:06 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 124.218.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4965 (0x1365)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Nov 7 05:32:06 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9A1A9CBEBECADD6F29F5D0BACEF04ED0287972C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ef:95:01:44:a2:db:e3:1e:97:bf:ab:c8:30:
85:17:d6:f0:6e:e1:97:e2:e9:5d:47:76:13:4c:f6:
20:25:0f:65:22:dd:05:7e:a0:f9:3f:1c:cc:92:5a:
f9:7a:41:27:cd:cd:6a:92:8d:5a:2f:4d:6a:c1:f9:
a2:78:b1:38:6f:ff:a9:ec:2a:ef:82:2b:a3:3b:33:
ed:45:c4:d5:ed:e6:4b:1c:54:0d:93:a6:53:04:a4:
18:38:ea:ea:53:7e:a0:80:ab:4f:06:d3:78:ff:65:
18:34:c4:22:5e:cf:8e:e9:ba:4b:31:72:30:ca:64:
8d:61:d1:a2:6b:f7:1d:42:e3:66:86:53:5d:a7:c2:
1c:db:e5:43:f9:f5:5e:b0:40:eb:ea:d5:8d:51:41:
6e:8a:02:d2:07:86:7c:d5:54:c4:aa:62:72:47:b3:
61:12:8c:10:f7:81:0d:29:62:5b:8d:b3:1b:2f:2d:
ae:96:d0:70:6c:57:05:9d:76:ed:fc:04:15:7a:ba:
45:0d:2b:de:c7:c6:98:2a:7e:6b:59:42:e0:58:92:
05:71:e8:fb:7f:c0:0f:e1:08:73:85:a0:9a:c6:2e:
3e:e3:86:95:da:19:bb:c7:5f:40:dc:12:8e:fa:d8:
32:60:27:84:5c:b8:2a:67:32:92:bc:a2:d8:9f:a9:
ef:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:9C:BE:BE:CA:DD:6F:29:F5:D0:BA:CE:F0:4E:D0:28:79:72:C8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/mhqcvr7K3W8p9dC6zvBO0Ch5csg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
82:58:d5:09:f2:1e:70:3d:25:09:38:10:83:52:ac:a1:18:e2:
87:6c:13:98:0d:3e:fe:9c:e2:35:1e:1e:13:e5:3d:b9:d3:02:
0c:f8:bd:d5:a6:dd:d6:79:e2:4b:ff:45:de:42:32:a3:0c:3c:
e2:f0:a7:cd:04:e7:ab:e1:88:e0:43:09:09:f6:72:e7:a4:c1:
43:73:7c:e5:26:c5:9e:f8:a7:16:35:8c:d7:59:a2:cf:c1:f0:
a3:b8:a3:cf:97:df:7e:f5:a9:0b:16:5f:1a:83:8c:1e:60:5d:
d4:37:04:da:c9:3b:ba:b4:92:e6:e2:d1:a0:a2:7e:05:1b:03:
37:8d:88:a4:e8:5c:bd:ae:96:fd:79:1e:61:d8:7f:76:45:80:
e0:2b:72:0c:43:36:7d:47:22:16:b2:92:8c:4f:8f:d0:b0:f7:
f4:31:bd:76:f7:25:ba:a9:ea:08:d9:62:59:71:6a:19:54:ad:
f3:51:dc:bb:ad:cc:84:71:20:a0:fa:54:d1:98:83:1b:c8:57:
59:85:a2:d0:66:5d:53:33:e1:98:35:74:47:a4:33:57:81:69:
7c:72:7f:56:dd:0d:1e:c7:e3:21:8d:3b:63:7d:04:e5:2c:bf:
71:44:2f:34:5e:11:38:89:65:da:21:85:d2:20:53:d5:13:28:
c3:67:45:56
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzExMDcw
NTMyMDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlBMUE5Q0JFQkVDQURE
NkYyOUY1RDBCQUNFRjA0RUQwMjg3OTcyQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw75UBRKLb4x6Xv6vIMIUX1vBu4Zfi6V1HdhNM9iAlD2Ui3QV+
oPk/HMySWvl6QSfNzWqSjVovTWrB+aJ4sThv/6nsKu+CK6M7M+1FxNXt5kscVA2T
plMEpBg46upTfqCAq08G03j/ZRg0xCJez47puksxcjDKZI1h0aJr9x1C42aGU12n
whzb5UP59V6wQOvq1Y1RQW6KAtIHhnzVVMSqYnJHs2ESjBD3gQ0pYluNsxsvLa6W
0HBsVwWddu38BBV6ukUNK97HxpgqfmtZQuBYkgVx6Pt/wA/hCHOFoJrGLj7jhpXa
GbvHX0DcEo762DJgJ4RcuCpnMpK8otifqe+ZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUmhqcvr7K3W8p9dC6zvBO0Ch5csgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbWhxY3ZyN0szVzhwOWRDNnp2Qk8w
Q2g1Y3NnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHzarTAN
BgkqhkiG9w0BAQsFAAOCAQEAgljVCfIecD0lCTgQg1KsoRjih2wTmA0+/pziNR4e
E+U9udMCDPi91abd1nniS/9F3kIyoww84vCnzQTnq+GI4EMJCfZy56TBQ3N85SbF
nvinFjWM11miz8Hwo7ijz5fffvWpCxZfGoOMHmBd1DcE2sk7urSS5uLRoKJ+BRsD
N42IpOhcva6W/XkeYdh/dkWA4CtyDEM2fUciFrKSjE+P0LD39DG9dvcluqnqCNli
WXFqGVSt81Hcu63MhHEgoPpU0ZiDG8hXWYWi0GZdUzPhmDV0R6QzV4FpfHJ/Vt0N
HsfjIY07Y30E5Sy/cUQvNF4ROIll2iGF0iBT1RMow2dFVg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:20 2025 by rpki-client