Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/rla1oLsiNQnkXpDQkAWcUlzqbH8.roa
File: rla1oLsiNQnkXpDQkAWcUlzqbH8.roa (raw, json)
Hash identifier: 660x+YtpADLm7C2w4ERFnsZipY/9iFF3jdv8uzcLTn0=
Subject key identifier: AE:56:B5:A0:BB:22:35:09:E4:5E:90:D0:90:05:9C:52:5C:EA:6C:7F
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 108A
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rla1oLsiNQnkXpDQkAWcUlzqbH8.roa
Signing time: Tue 16 May 2023 08:36:19 +0000
ROA not before: Tue 16 May 2023 08:36:19 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24154
IP address blocks: 210.200.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4234 (0x108a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:19 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AE56B5A0BB223509E45E90D090059C525CEA6C7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:33:81:03:cc:e4:7f:a0:7c:49:ed:61:4a:
17:72:6d:1c:60:d9:5c:99:34:d8:a5:e0:31:e1:70:
51:f5:ea:9a:0f:00:c3:7f:30:5f:b1:d2:f0:f5:b4:
80:9e:79:a5:d0:1e:b5:a1:c5:e7:91:a8:98:7c:31:
2b:33:9a:80:e3:54:af:7c:ed:c7:d2:6e:2e:20:e1:
6b:d1:dc:4a:72:00:ec:7b:92:f3:c0:df:8e:af:19:
3e:f7:9f:44:a4:ef:90:d3:74:3f:57:31:41:77:51:
27:f9:aa:05:25:07:91:27:33:7d:05:26:36:cf:8d:
b9:3f:8a:9b:e1:8a:a9:43:12:4a:57:cd:6b:e0:97:
30:48:df:34:5e:cb:cb:b9:69:8c:e9:42:4d:9c:cc:
e1:a7:2f:8a:1f:ee:b0:02:65:a5:5a:98:c8:d7:6f:
a9:5c:b5:d1:47:14:92:8f:2d:9d:d1:68:94:6a:5a:
55:b4:18:30:72:fe:65:84:04:7d:8f:c5:42:5c:a9:
62:a8:58:93:bc:0d:27:ec:ed:75:a4:ac:a2:8d:c6:
d9:c3:ec:10:e5:17:92:58:3a:ee:c2:cb:4d:b3:37:
84:2b:46:56:11:7e:4a:e0:69:fe:4e:0d:94:5f:3b:
5d:ec:c0:8f:03:9f:dd:1f:1a:5b:3e:4e:79:00:9d:
71:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:56:B5:A0:BB:22:35:09:E4:5E:90:D0:90:05:9C:52:5C:EA:6C:7F
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/rla1oLsiNQnkXpDQkAWcUlzqbH8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.8.0/21
Signature Algorithm: sha256WithRSAEncryption
95:98:d7:9b:db:8a:5f:85:32:bf:37:fc:fd:74:d9:b7:d9:6c:
d2:9d:7b:4a:c6:0f:96:01:9c:ab:15:0e:b8:ce:35:b1:8c:2b:
be:14:45:60:09:30:1d:b6:4c:91:eb:a6:8d:f6:f1:ad:fa:1d:
13:b0:d9:b0:82:2a:37:bb:3a:2f:d5:6a:92:e8:10:a1:83:87:
28:d6:bc:38:74:e8:30:54:2a:8a:70:f8:db:cb:d6:30:dd:9c:
29:73:62:1e:b3:f2:da:15:ba:87:fd:bd:62:7a:67:1d:94:ac:
96:5f:be:bd:9b:f0:d3:29:6d:7c:68:01:bd:d3:d4:90:4d:0b:
7c:dd:f7:b5:bb:bc:67:9b:55:5a:b0:a0:e1:97:fc:e4:50:68:
42:d1:b7:89:95:2a:f0:8a:1a:f1:9f:ce:9b:4b:67:75:5d:17:
7b:89:67:aa:37:33:ce:21:ef:b1:59:7a:92:51:ef:ea:8e:22:
00:35:46:1a:24:28:93:af:53:68:c1:a5:c9:cc:c5:e1:70:83:
aa:aa:49:e9:2e:33:a6:9e:ba:45:47:18:04:40:86:42:8b:2b:
59:75:1e:66:39:5f:34:5b:53:12:2e:d2:69:dd:78:b5:95:85:
38:90:e1:16:5b:db:6f:42:71:ee:a2:2f:54:07:56:79:0f:97:
ad:77:3e:a6
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEIowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFFNTZCNUEwQkIyMjM1
MDlFNDVFOTBEMDkwMDU5QzUyNUNFQTZDN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3qjOBA8zkf6B8Se1hShdybRxg2VyZNNil4DHhcFH16poPAMN/
MF+x0vD1tICeeaXQHrWhxeeRqJh8MSszmoDjVK987cfSbi4g4WvR3EpyAOx7kvPA
346vGT73n0Sk75DTdD9XMUF3USf5qgUlB5EnM30FJjbPjbk/ipvhiqlDEkpXzWvg
lzBI3zRey8u5aYzpQk2czOGnL4of7rACZaVamMjXb6lctdFHFJKPLZ3RaJRqWlW0
GDBy/mWEBH2PxUJcqWKoWJO8DSfs7XWkrKKNxtnD7BDlF5JYOu7Cy02zN4QrRlYR
fkrgaf5ODZRfO13swI8Dn90fGls+TnkAnXH5AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUrla1oLsiNQnkXpDQkAWcUlzqbH8wHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvcmxhMW9Mc2lOUW5rWHBEUWtBV2NV
bHpxYkg4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LICDAN
BgkqhkiG9w0BAQsFAAOCAQEAlZjXm9uKX4Uyvzf8/XTZt9ls0p17SsYPlgGcqxUO
uM41sYwrvhRFYAkwHbZMkeumjfbxrfodE7DZsIIqN7s6L9VqkugQoYOHKNa8OHTo
MFQqinD428vWMN2cKXNiHrPy2hW6h/29YnpnHZSsll++vZvw0yltfGgBvdPUkE0L
fN33tbu8Z5tVWrCg4Zf85FBoQtG3iZUq8Ioa8Z/Om0tndV0Xe4lnqjczziHvsVl6
klHv6o4iADVGGiQok69TaMGlyczF4XCDqqpJ6S4zpp66RUcYBECGQosrWXUeZjlf
NFtTEi7Sad14tZWFOJDhFlvbb0Jx7qIvVAdWeQ+XrXc+pg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org