Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/nwKUM6e1cAI5cieQarOuW7MWTqo.roa
File: nwKUM6e1cAI5cieQarOuW7MWTqo.roa (raw, json)
Hash identifier: l8BjQcXcG5609Lum4UE1eqKippx0pGrl/mHtWemvFv0=
Subject key identifier: 9F:02:94:33:A7:B5:70:02:39:72:27:90:6A:B3:AE:5B:B3:16:4E:AA
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 130A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/nwKUM6e1cAI5cieQarOuW7MWTqo.roa
Signing time: Fri 01 Sep 2023 08:05:18 +0000
ROA not before: Fri 01 Sep 2023 08:05:18 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 202.178.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4874 (0x130a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:18 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9F029433A7B57002397227906AB3AE5BB3164EAA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e8:95:eb:69:4c:17:de:32:30:59:d6:44:db:
8d:97:4b:dd:1d:33:3e:35:cb:5b:03:2e:72:71:b8:
c1:8b:f8:74:76:a0:dd:9e:4a:db:50:84:9d:0f:68:
bc:a2:d7:06:ec:70:d5:17:5c:08:06:3d:68:24:2f:
89:2c:92:5f:62:c7:a3:fc:8a:31:83:c5:15:5b:48:
c8:76:65:05:65:95:2b:85:c7:07:9b:de:64:7c:86:
a9:f3:24:57:f5:03:cd:82:e1:11:bc:ac:e0:44:25:
68:46:03:16:71:33:ae:90:e2:88:74:40:c1:46:3c:
c0:aa:53:f1:c5:62:64:ea:eb:d2:7e:91:3a:c7:de:
5e:70:b4:82:b9:65:3b:eb:f8:47:6e:fb:b3:09:fb:
e3:2d:c7:f1:8d:d6:d4:47:6c:44:99:74:bd:ca:10:
43:72:95:c1:04:68:d7:be:13:3f:81:71:77:f2:8b:
32:5e:ee:38:39:de:f5:c8:08:11:dc:53:e1:94:1e:
1f:cf:3e:58:d1:49:f6:57:88:eb:79:7e:b4:3e:c7:
f4:00:6e:87:6a:0c:d5:5b:8a:f0:5e:72:df:21:41:
3e:df:47:f8:58:21:94:aa:e4:70:9b:67:d4:05:74:
bd:5d:de:a4:15:48:1f:eb:3d:5d:a4:13:62:a4:a1:
b9:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:02:94:33:A7:B5:70:02:39:72:27:90:6A:B3:AE:5B:B3:16:4E:AA
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/nwKUM6e1cAI5cieQarOuW7MWTqo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.178.128.0/17
Signature Algorithm: sha256WithRSAEncryption
29:fa:71:a9:2f:bf:90:07:51:0d:d6:c5:54:df:6a:7b:63:68:
3d:2f:b8:c3:ad:3b:54:4e:46:fe:56:55:14:01:42:57:c0:a7:
d0:76:18:aa:11:9f:9b:30:2e:c7:f3:ec:7d:5f:11:95:69:16:
87:8f:7f:11:ca:ce:25:d7:73:b9:df:2b:0c:b1:d2:02:c5:2a:
67:cc:a7:46:a7:37:39:49:ac:e6:0a:17:69:b2:e3:83:1f:af:
70:b9:5e:3c:e2:0b:e2:7b:e3:10:b4:7b:ee:42:3f:c6:1a:53:
2c:de:aa:87:a3:56:39:03:68:40:26:9b:eb:f5:80:04:41:db:
a3:11:ba:31:01:0d:4c:f7:21:1f:3a:f4:00:d3:c8:c2:9c:97:
c2:c4:fa:7b:c7:21:62:d0:04:b9:1d:6d:fe:f7:6c:24:6d:66:
96:68:90:ef:0f:f9:93:62:9d:bb:01:dd:50:2f:07:f0:15:fc:
62:a6:9e:96:d0:fc:3e:a2:f6:c7:38:80:ce:96:3a:3c:53:5b:
a3:c2:ee:f7:4c:98:f6:0c:5d:32:e1:b3:f4:f7:9a:d6:4e:d4:
9c:a4:2e:5a:c6:60:11:13:98:ba:a6:37:8e:69:bd:be:a3:a1:
3d:91:3d:e8:16:d9:7f:dd:37:61:51:59:27:b3:cf:18:84:e8:
71:dd:c0:3e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEwowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlGMDI5NDMzQTdCNTcw
MDIzOTcyMjc5MDZBQjNBRTVCQjMxNjRFQUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCz6JXraUwX3jIwWdZE242XS90dMz41y1sDLnJxuMGL+HR2oN2e
SttQhJ0PaLyi1wbscNUXXAgGPWgkL4kskl9ix6P8ijGDxRVbSMh2ZQVllSuFxweb
3mR8hqnzJFf1A82C4RG8rOBEJWhGAxZxM66Q4oh0QMFGPMCqU/HFYmTq69J+kTrH
3l5wtIK5ZTvr+Edu+7MJ++Mtx/GN1tRHbESZdL3KEENylcEEaNe+Ez+BcXfyizJe
7jg53vXICBHcU+GUHh/PPljRSfZXiOt5frQ+x/QAbodqDNVbivBect8hQT7fR/hY
IZSq5HCbZ9QFdL1d3qQVSB/rPV2kE2KkobnHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUnwKUM6e1cAI5cieQarOuW7MWTqowHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvbndLVU02ZTFjQUk1Y2llUWFyT3VX
N01XVHFvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB8qygDAN
BgkqhkiG9w0BAQsFAAOCAQEAKfpxqS+/kAdRDdbFVN9qe2NoPS+4w607VE5G/lZV
FAFCV8Cn0HYYqhGfmzAux/PsfV8RlWkWh49/EcrOJddzud8rDLHSAsUqZ8ynRqc3
OUms5goXabLjgx+vcLlePOIL4nvjELR77kI/xhpTLN6qh6NWOQNoQCab6/WABEHb
oxG6MQENTPchHzr0ANPIwpyXwsT6e8chYtAEuR1t/vdsJG1mlmiQ7w/5k2KduwHd
UC8H8BX8YqaeltD8PqL2xziAzpY6PFNbo8Lu90yY9gxdMuGz9Pea1k7UnKQuWsZg
EROYuqY3jmm9vqOhPZE96BbZf903YVFZJ7PPGITocd3APg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org