Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/qm_YD3QNanWjS5gAMxz3oHIZuBI.roa
File: qm_YD3QNanWjS5gAMxz3oHIZuBI.roa (raw, json)
Hash identifier: JAQoOvAc6F8U5z2HrQRoYBG9omJQznErjizhovhwoUI=
Subject key identifier: AA:6F:D8:0F:74:0D:6A:75:A3:4B:98:00:33:1C:F7:A0:72:19:B8:12
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12E1
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qm_YD3QNanWjS5gAMxz3oHIZuBI.roa
Signing time: Fri 01 Sep 2023 08:05:06 +0000
ROA not before: Fri 01 Sep 2023 08:05:06 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.128.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4833 (0x12e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:06 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AA6FD80F740D6A75A34B9800331CF7A07219B812
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6e:37:10:88:c3:e7:6e:14:08:67:53:0f:69:
49:20:a2:0a:56:d4:0f:0f:0b:02:7c:36:74:5d:4f:
7b:07:64:f0:a4:8e:be:74:ea:bf:f2:84:1f:9d:20:
65:76:40:92:da:1a:98:6c:5d:55:d6:67:1f:6a:cd:
c8:97:c5:5b:a2:a3:af:80:86:72:9e:57:f7:8e:b3:
01:ba:d1:cc:e6:39:bc:84:f2:27:97:17:b0:7d:c9:
b2:80:52:7a:78:c4:72:8d:24:23:01:e1:ad:bb:4d:
32:b9:9d:16:37:42:88:57:64:3d:35:b5:f4:cd:a8:
00:09:38:1b:a3:39:da:ae:a9:70:7b:20:f4:cb:ef:
eb:89:04:2e:4e:05:5d:d1:28:51:fe:76:7f:82:b2:
7a:88:f4:c3:9c:a9:77:13:a8:b5:9d:e0:7d:fd:b2:
17:54:36:32:30:3e:de:ea:90:89:42:cc:96:18:dc:
32:5d:e2:d2:85:6b:10:54:98:c7:08:c3:37:23:d2:
72:8e:02:0e:a2:70:c5:ba:90:43:35:1e:78:73:ab:
17:ae:5a:09:14:c1:d9:b4:05:77:f1:e6:b7:d0:62:
ec:ef:8c:35:23:a2:30:c9:55:9e:68:cc:a5:4c:1c:
6a:5d:3f:8f:8a:8b:73:99:46:a6:8e:03:42:a2:29:
c8:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6F:D8:0F:74:0D:6A:75:A3:4B:98:00:33:1C:F7:A0:72:19:B8:12
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/qm_YD3QNanWjS5gAMxz3oHIZuBI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.128.0/18
Signature Algorithm: sha256WithRSAEncryption
71:2f:f5:5c:8f:dc:f6:c1:f6:27:40:3a:6b:28:65:df:15:48:
c0:51:69:f2:25:8e:6a:e2:5b:d7:26:46:0f:88:52:58:ec:50:
15:45:99:c5:be:19:f9:e7:52:fd:c9:a5:9b:ac:b8:db:a3:08:
fb:a7:e2:75:22:23:5b:3a:82:6a:71:04:8d:66:75:04:43:cc:
6b:4e:a3:3f:99:c9:ab:71:7a:5b:d2:41:43:60:ad:7b:f8:e6:
97:c8:df:a0:90:e9:aa:ef:ed:bb:ba:2e:3b:be:50:90:ab:51:
d6:8c:41:13:50:9e:56:e5:e0:86:09:ca:ca:e1:81:94:d8:d0:
88:f9:9b:95:ff:bf:85:ee:6a:15:02:14:04:1f:78:0e:15:b6:
3e:21:e6:00:8d:39:80:52:be:89:67:47:8f:2e:7c:da:27:5f:
82:26:da:13:ef:d2:c8:ed:9c:34:f0:ce:eb:46:6c:63:93:82:
d1:20:28:b2:94:ed:5b:19:57:dd:27:6a:45:ca:cc:04:32:bb:
3b:ac:1a:f6:9d:fa:11:a5:61:89:fe:c2:32:9a:f6:d8:1e:a4:
61:39:ea:0c:75:99:b3:4a:2c:e0:d5:39:6d:bf:17:b0:19:30:
40:ac:cf:f9:76:fa:5d:a2:d1:db:f7:9d:13:bc:a9:60:fc:7d:
8f:b8:44:27
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEuEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFBNkZEODBGNzQwRDZB
NzVBMzRCOTgwMDMzMUNGN0EwNzIxOUI4MTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvbjcQiMPnbhQIZ1MPaUkgogpW1A8PCwJ8NnRdT3sHZPCkjr50
6r/yhB+dIGV2QJLaGphsXVXWZx9qzciXxVuio6+AhnKeV/eOswG60czmObyE8ieX
F7B9ybKAUnp4xHKNJCMB4a27TTK5nRY3QohXZD01tfTNqAAJOBujOdquqXB7IPTL
7+uJBC5OBV3RKFH+dn+CsnqI9MOcqXcTqLWd4H39shdUNjIwPt7qkIlCzJYY3DJd
4tKFaxBUmMcIwzcj0nKOAg6icMW6kEM1HnhzqxeuWgkUwdm0BXfx5rfQYuzvjDUj
ojDJVZ5ozKVMHGpdP4+Ki3OZRqaOA0KiKciBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUqm/YD3QNanWjS5gAMxz3oHIZuBIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcW1fWUQzUU5hbldqUzVnQU14ejNv
SEladUJJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76gDAN
BgkqhkiG9w0BAQsFAAOCAQEAcS/1XI/c9sH2J0A6ayhl3xVIwFFp8iWOauJb1yZG
D4hSWOxQFUWZxb4Z+edS/cmlm6y426MI+6fidSIjWzqCanEEjWZ1BEPMa06jP5nJ
q3F6W9JBQ2Cte/jml8jfoJDpqu/tu7ouO75QkKtR1oxBE1CeVuXghgnKyuGBlNjQ
iPmblf+/he5qFQIUBB94DhW2PiHmAI05gFK+iWdHjy582idfgibaE+/SyO2cNPDO
60ZsY5OC0SAospTtWxlX3SdqRcrMBDK7O6wa9p36EaVhif7CMpr22B6kYTnqDHWZ
s0os4NU5bb8XsBkwQKzP+Xb6XaLR2/edE7ypYPx9j7hEJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:01 2024 by rpki-client on console-ams.rpki-client.org