Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/nssD5mJwV6cb35V6Wmd7zjblNUk.roa
File: nssD5mJwV6cb35V6Wmd7zjblNUk.roa (raw, json)
Hash identifier: 0x9zJFQxaxdpxOSJM8TbQ377FMjkxqYTpeD5Th/OeOU=
Subject key identifier: 9E:CB:03:E6:62:70:57:A7:1B:DF:95:7A:5A:67:7B:CE:36:E5:35:49
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0BFB
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/nssD5mJwV6cb35V6Wmd7zjblNUk.roa
Signing time: Sun 07 Feb 2021 11:34:28 +0000
ROA not before: Sun 07 Feb 2021 11:34:28 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9311
IP address blocks: 210.201.74.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3067 (0xbfb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Feb 7 11:34:28 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9ECB03E6627057A71BDF957A5A677BCE36E53549
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b1:c8:e8:b5:61:31:8e:cb:7a:39:c0:01:9b:
c9:59:a9:e9:69:19:03:49:eb:6e:2a:8d:53:79:97:
ba:3e:5a:d1:2a:74:27:a0:b7:b3:0b:e9:c9:a6:90:
6e:61:5b:bd:18:48:17:dd:1f:39:09:53:d1:4f:3d:
e8:f0:fa:43:38:63:87:42:78:49:6f:9d:63:e2:85:
a4:5b:6c:d0:b3:e4:f0:8a:36:8f:a2:4e:dd:23:94:
ea:f9:64:3b:b5:ac:0d:76:07:6e:5b:93:4f:11:30:
43:f8:af:68:90:d2:bd:6b:ac:ff:ef:aa:2a:36:6c:
08:9c:43:78:a0:1c:cf:c1:4c:d9:f5:ce:15:68:26:
d2:f4:74:0a:61:03:8d:ef:a8:07:ab:50:de:a7:6b:
53:d1:59:f8:2e:1c:31:a5:2d:0c:12:67:2a:27:20:
9b:35:df:72:0b:15:b5:4a:a2:87:28:c9:63:46:52:
de:a8:f0:05:ad:22:14:1f:27:48:ae:44:93:9a:18:
f7:86:89:79:43:7e:a7:20:1d:3b:06:c0:3c:64:a3:
5b:f8:63:79:e6:3d:da:4b:21:7a:66:0e:70:21:dd:
a6:ca:77:7e:1b:8b:9f:08:e7:9a:b6:e9:82:9d:5d:
30:f6:7a:0f:67:b4:a0:51:09:3c:ad:68:f2:6a:84:
4f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:CB:03:E6:62:70:57:A7:1B:DF:95:7A:5A:67:7B:CE:36:E5:35:49
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/nssD5mJwV6cb35V6Wmd7zjblNUk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.201.74.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:9f:12:52:85:4d:26:86:ab:23:c4:d7:1d:a5:02:34:ab:37:
4a:ca:ee:5b:5b:19:79:77:56:8d:67:de:a3:25:48:9f:19:b2:
93:8f:bb:d5:06:87:6d:e3:6e:33:a5:55:75:de:20:8e:34:e4:
43:02:e9:8c:27:8f:36:55:ee:09:af:4a:15:45:0d:7d:1f:2e:
4a:a9:f2:1c:21:9e:8f:d1:9f:18:7b:13:61:37:27:e5:06:07:
38:17:d8:0e:09:0e:d6:10:be:96:4c:ed:22:f1:76:ec:61:96:
55:68:7d:fb:5f:7b:31:30:fa:e0:0d:cc:20:c4:02:0f:ea:da:
21:c4:70:1e:40:72:b5:30:47:0d:57:23:41:bc:56:91:98:1f:
89:10:12:b8:a4:e7:99:ab:0a:68:4b:da:bf:b9:2c:33:1a:65:
ff:99:b1:c1:b5:2c:3a:92:4a:5e:b5:21:b7:00:89:2f:62:85:
68:c4:11:9a:16:40:ab:8c:d6:76:e1:51:29:b9:12:ae:8f:c2:
4f:32:22:08:9e:ce:46:24:1b:5e:b4:73:ab:f7:6a:e5:af:30:
db:e3:b0:f3:f6:df:e4:23:2d:63:7a:44:24:1b:39:5e:76:56:
24:b1:19:f1:c9:fe:53:ee:24:d1:04:78:06:7a:02:71:e2:05:
8c:66:b8:ce
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICC/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMTAyMDcx
MTM0MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDlFQ0IwM0U2NjI3MDU3
QTcxQkRGOTU3QTVBNjc3QkNFMzZFNTM1NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTscjotWExjst6OcABm8lZqelpGQNJ624qjVN5l7o+WtEqdCeg
t7ML6cmmkG5hW70YSBfdHzkJU9FPPejw+kM4Y4dCeElvnWPihaRbbNCz5PCKNo+i
Tt0jlOr5ZDu1rA12B25bk08RMEP4r2iQ0r1rrP/vqio2bAicQ3igHM/BTNn1zhVo
JtL0dAphA43vqAerUN6na1PRWfguHDGlLQwSZyonIJs133ILFbVKoocoyWNGUt6o
8AWtIhQfJ0iuRJOaGPeGiXlDfqcgHTsGwDxko1v4Y3nmPdpLIXpmDnAh3abKd34b
i58I55q26YKdXTD2eg9ntKBRCTytaPJqhE8BAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnssD5mJwV6cb35V6Wmd7zjblNUkwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbnNzRDVtSndWNmNiMzVWNldtZDd6
amJsTlVrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdLJSjAN
BgkqhkiG9w0BAQsFAAOCAQEASp8SUoVNJoarI8TXHaUCNKs3SsruW1sZeXdWjWfe
oyVInxmyk4+71QaHbeNuM6VVdd4gjjTkQwLpjCePNlXuCa9KFUUNfR8uSqnyHCGe
j9GfGHsTYTcn5QYHOBfYDgkO1hC+lkztIvF27GGWVWh9+197MTD64A3MIMQCD+ra
IcRwHkBytTBHDVcjQbxWkZgfiRASuKTnmasKaEvav7ksMxpl/5mxwbUsOpJKXrUh
twCJL2KFaMQRmhZAq4zWduFRKbkSro/CTzIiCJ7ORiQbXrRzq/dq5a8w2+Ow8/bf
5CMtY3pEJBs5XnZWJLEZ8cn+U+4k0QR4BnoCceIFjGa4zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org