Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/oDU8GtDTzvxKdEGv8yUKURHAc-M.roa
File: oDU8GtDTzvxKdEGv8yUKURHAc-M.roa (raw, json)
Hash identifier: NuVWjAOPv94VksccHQu/i82Cdgwf/8r3/tTRnl19fhY=
Subject key identifier: A0:35:3C:1A:D0:D3:CE:FC:4A:74:41:AF:F3:25:0A:51:11:C0:73:E3
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1372
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oDU8GtDTzvxKdEGv8yUKURHAc-M.roa
Signing time: Tue 07 Nov 2023 05:46:14 +0000
ROA not before: Tue 07 Nov 2023 05:46:14 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9922
IP address blocks: 124.218.173.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4978 (0x1372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Nov 7 05:46:14 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A0353C1AD0D3CEFC4A7441AFF3250A5111C073E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f3:06:d5:21:fb:6f:90:f8:da:83:fb:d9:69:
fe:54:dd:ab:8f:1d:a6:7f:c4:9a:02:65:b1:b4:d4:
71:14:3d:6b:dd:86:37:0e:00:9e:04:83:d8:fc:32:
1b:1a:97:b2:e8:08:42:4f:b5:ac:33:db:29:e9:58:
8b:e6:39:36:10:ad:49:43:8a:fb:2d:13:e9:a8:d4:
35:06:52:96:08:8e:cc:e4:b5:a7:be:84:cb:08:66:
3a:90:29:9f:71:be:ec:3b:b1:8c:ed:dd:3d:f1:ce:
15:ef:1a:28:99:65:b4:38:f1:bb:de:13:bd:06:0c:
4e:c8:bd:5a:d0:28:29:ed:93:52:8a:3e:23:0e:73:
ed:a2:c7:b5:f7:72:f7:c4:38:16:36:49:e0:a1:be:
28:c2:44:75:f5:2d:b3:6c:6d:17:2e:93:5c:83:e9:
62:ff:c0:ed:3d:e1:3d:c0:50:f6:b6:4c:05:c3:df:
15:04:fc:91:08:b3:cd:c2:ad:36:98:7f:b3:c6:24:
35:2f:0f:d8:96:18:e1:20:6d:a5:58:a4:83:9c:7f:
ae:1c:2b:33:9b:be:04:b2:48:6f:d9:d4:41:9a:82:
04:b9:cc:9d:b8:b3:ef:f3:4d:92:32:42:a7:6a:25:
f4:5b:9d:4a:46:4b:ac:ee:e0:0a:25:a4:d3:17:c2:
c5:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:35:3C:1A:D0:D3:CE:FC:4A:74:41:AF:F3:25:0A:51:11:C0:73:E3
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/oDU8GtDTzvxKdEGv8yUKURHAc-M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.173.0/24
Signature Algorithm: sha256WithRSAEncryption
05:d9:5b:0a:02:82:ac:90:6e:fb:1b:d8:02:93:14:af:9f:7b:
a2:b0:85:e1:9a:5a:bc:03:40:29:da:f9:f8:2a:7a:b3:90:9d:
6d:9e:7b:d8:3f:94:03:db:cf:fd:e5:64:b3:92:50:0c:64:0d:
be:7a:eb:bc:91:6f:60:48:ea:1b:76:23:ac:1e:a8:d4:df:88:
8c:8d:fa:bd:e7:af:cf:65:59:b2:79:a0:11:22:15:6c:b5:e8:
57:bb:82:0b:fc:01:d2:25:56:32:b3:36:13:f5:99:5e:9c:d3:
e9:15:de:94:48:ed:89:0b:88:ef:b0:29:94:de:bf:68:e7:3f:
3a:f1:e9:bd:1b:f2:76:36:3a:bf:70:13:9d:9b:02:df:5b:d5:
f3:37:52:7b:a8:51:ed:71:28:52:f7:01:c1:99:3c:17:91:eb:
91:81:83:74:ce:07:41:70:d9:15:d1:cf:eb:6a:c8:62:5f:71:
aa:5a:a2:d2:41:e5:d8:b9:82:c3:8c:27:b4:48:69:80:ae:ee:
ab:2b:4f:19:16:eb:2c:57:e3:1a:9c:f3:1b:e2:b3:cd:15:59:
14:19:cb:3b:22:05:d0:4a:94:02:ff:b7:c5:e9:fa:99:fc:b1:
84:da:a1:95:29:ee:6c:e0:ab:ae:62:90:b3:29:ac:98:d4:9a:
04:6f:86:ff
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE3IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzExMDcw
NTQ2MTRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEwMzUzQzFBRDBEM0NF
RkM0QTc0NDFBRkYzMjUwQTUxMTFDMDczRTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK8wbVIftvkPjag/vZaf5U3auPHaZ/xJoCZbG01HEUPWvdhjcO
AJ4Eg9j8Mhsal7LoCEJPtawz2ynpWIvmOTYQrUlDivstE+mo1DUGUpYIjszktae+
hMsIZjqQKZ9xvuw7sYzt3T3xzhXvGiiZZbQ48bveE70GDE7IvVrQKCntk1KKPiMO
c+2ix7X3cvfEOBY2SeChvijCRHX1LbNsbRcuk1yD6WL/wO094T3AUPa2TAXD3xUE
/JEIs83CrTaYf7PGJDUvD9iWGOEgbaVYpIOcf64cKzObvgSySG/Z1EGaggS5zJ24
s+/zTZIyQqdqJfRbnUpGS6zu4AolpNMXwsXBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoDU8GtDTzvxKdEGv8yUKURHAc+MwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvb0RVOEd0RFR6dnhLZEVHdjh5VUtV
UkhBYy1NLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHzarTAN
BgkqhkiG9w0BAQsFAAOCAQEABdlbCgKCrJBu+xvYApMUr597orCF4ZpavANAKdr5
+Cp6s5CdbZ572D+UA9vP/eVks5JQDGQNvnrrvJFvYEjqG3YjrB6o1N+IjI36veev
z2VZsnmgESIVbLXoV7uCC/wB0iVWMrM2E/WZXpzT6RXelEjtiQuI77AplN6/aOc/
OvHpvRvydjY6v3ATnZsC31vV8zdSe6hR7XEoUvcBwZk8F5HrkYGDdM4HQXDZFdHP
62rIYl9xqlqi0kHl2LmCw4wntEhpgK7uqytPGRbrLFfjGpzzG+KzzRVZFBnLOyIF
0EqUAv+3xen6mfyxhNqhlSnubOCrrmKQsymsmNSaBG+G/w==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:50:43 2024 by rpki-client on console-fra.rpki-client.org