Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/s3QXT56lZytIZzIIOVBSBB3EV9g.roa
File: s3QXT56lZytIZzIIOVBSBB3EV9g.roa (raw, json)
Hash identifier: nwqDGuJbrdjIHDucysDYL3YaVVc8vNKpryEBMiiZ5Ak=
Subject key identifier: B3:74:17:4F:9E:A5:67:2B:48:67:32:08:39:50:52:04:1D:C4:57:D8
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/s3QXT56lZytIZzIIOVBSBB3EV9g.roa
Signing time: Thu 15 Sep 2022 02:40:33 +0000
ROA not before: Thu 15 Sep 2022 02:40:33 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 218.34.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:33 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=B374174F9EA5672B48673208395052041DC457D8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:75:7e:a3:9c:79:81:8a:a5:aa:8b:20:09:33:
12:92:8c:45:11:30:31:81:3b:d4:1f:89:c0:b7:1f:
2b:02:56:ea:0d:f8:d1:c2:fb:7c:64:a4:d1:2c:0a:
cc:f3:78:7b:21:65:7e:a0:1c:86:6c:f8:ca:45:a0:
b5:e9:e9:4f:56:38:28:0e:5c:40:ab:da:60:03:60:
47:e4:18:8d:39:91:80:f1:4e:2c:0b:bf:04:b5:f9:
e9:68:37:09:76:b7:3c:5c:66:1a:40:52:9f:fe:17:
d3:d4:5d:f5:65:13:d3:6c:59:ce:6d:38:de:f5:62:
2c:ff:31:e7:f7:2c:f6:91:98:f6:5d:3b:64:b7:32:
39:3d:b9:ed:99:48:cc:42:59:eb:91:df:de:c4:b3:
85:fb:e5:c7:5e:2d:8d:92:fc:fb:01:6c:4e:69:39:
ab:58:c5:26:6f:38:e7:b0:ea:8a:33:7a:86:52:3b:
27:4f:0a:bc:1e:41:5f:ca:d0:ca:51:13:a0:fa:3f:
61:1a:ca:1f:03:28:65:45:c1:c4:14:dc:95:68:8f:
4f:8c:e9:f8:a8:a8:75:40:bb:43:06:91:f8:76:1c:
60:3e:da:a4:e9:6d:31:75:eb:be:82:99:57:24:1e:
68:f9:56:8c:b1:72:63:ea:a3:b3:e8:83:4b:8d:a1:
84:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:74:17:4F:9E:A5:67:2B:48:67:32:08:39:50:52:04:1D:C4:57:D8
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/s3QXT56lZytIZzIIOVBSBB3EV9g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0e:89:69:2c:5e:2e:55:5f:46:a2:da:a4:61:ee:0c:69:54:82:
e5:ac:45:95:45:ca:3a:66:af:55:32:0a:49:23:32:00:f8:50:
40:a0:72:59:dd:c9:74:1e:41:7b:c4:1d:9f:92:d2:6f:82:a7:
e5:b8:f5:13:1c:44:d0:6b:d8:d8:bb:5d:fb:12:54:00:18:49:
3a:49:e0:66:9c:18:02:f7:4e:83:7e:7e:63:76:6e:74:49:02:
25:1d:10:16:e8:b9:d2:64:20:7d:44:3d:37:77:8e:88:6a:6e:
74:8f:9e:fc:bd:69:bd:c0:24:a5:60:10:aa:01:30:ce:ac:4a:
0f:6a:68:c7:2f:85:51:55:d8:f9:50:6b:65:da:8e:ab:5e:58:
af:cc:7a:21:15:1e:74:29:f0:61:19:ef:3f:cb:95:89:15:f8:
d5:71:0b:1a:91:b1:02:fe:1f:0c:86:78:4d:c1:d5:7f:38:4f:
ca:3d:d8:4b:f5:2c:a1:37:30:86:db:42:1b:ab:55:6e:a8:03:
de:25:23:15:86:d7:12:9a:13:6a:e5:35:f8:8a:52:99:8b:56:
8a:40:49:d5:a8:8d:c9:8d:c6:7c:6c:bf:0d:ff:db:f2:04:ea:
83:1e:b1:58:6f:d3:1d:05:92:7f:4d:59:7d:ff:ad:f6:8e:0e:
7b:8e:c2:bb
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMzNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEIzNzQxNzRGOUVBNTY3
MkI0ODY3MzIwODM5NTA1MjA0MURDNDU3RDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDydX6jnHmBiqWqiyAJMxKSjEURMDGBO9QficC3HysCVuoN+NHC
+3xkpNEsCszzeHshZX6gHIZs+MpFoLXp6U9WOCgOXECr2mADYEfkGI05kYDxTiwL
vwS1+eloNwl2tzxcZhpAUp/+F9PUXfVlE9NsWc5tON71Yiz/Mef3LPaRmPZdO2S3
Mjk9ue2ZSMxCWeuR397Es4X75cdeLY2S/PsBbE5pOatYxSZvOOew6oozeoZSOydP
CrweQV/K0MpRE6D6P2Eayh8DKGVFwcQU3JVoj0+M6fioqHVAu0MGkfh2HGA+2qTp
bTF1676CmVckHmj5VoyxcmPqo7Pog0uNoYTrAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUs3QXT56lZytIZzIIOVBSBB3EV9gwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvczNRWFQ1NmxaeXRJWnpJSU9WQlNC
QjNFVjlnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDANoiMA0G
CSqGSIb3DQEBCwUAA4IBAQAOiWksXi5VX0ai2qRh7gxpVILlrEWVRco6Zq9VMgpJ
IzIA+FBAoHJZ3cl0HkF7xB2fktJvgqfluPUTHETQa9jYu137ElQAGEk6SeBmnBgC
906Dfn5jdm50SQIlHRAW6LnSZCB9RD03d46Iam50j578vWm9wCSlYBCqATDOrEoP
amjHL4VRVdj5UGtl2o6rXlivzHohFR50KfBhGe8/y5WJFfjVcQsakbEC/h8MhnhN
wdV/OE/KPdhL9SyhNzCG20Ibq1VuqAPeJSMVhtcSmhNq5TX4ilKZi1aKQEnVqI3J
jcZ8bL8N/9vyBOqDHrFYb9MdBZJ/TVl9/632jg57jsK7
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org