Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/s_Hqn0ad9XkKR3HX7XgFns-FHgs.roa
File: s_Hqn0ad9XkKR3HX7XgFns-FHgs.roa (raw, json)
Hash identifier: SMbAK19XiMkyynhqLi5BoqoP2pl9b20xw1Ml+gl8V88=
Subject key identifier: B3:F1:EA:9F:46:9D:F5:79:0A:47:71:D7:ED:78:05:9E:CF:85:1E:0B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1295
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/s_Hqn0ad9XkKR3HX7XgFns-FHgs.roa
Signing time: Fri 01 Sep 2023 08:04:39 +0000
ROA not before: Fri 01 Sep 2023 08:04:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.63.208.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4757 (0x1295)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:39 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B3F1EA9F469DF5790A4771D7ED78059ECF851E0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a5:68:9d:d6:94:62:d4:b9:81:ad:c2:4b:79:
ab:d9:04:67:41:8b:09:db:7c:e9:77:f3:b1:df:9a:
81:2d:d3:31:c1:b4:56:0c:eb:91:17:f7:19:0a:5d:
b5:63:8e:8c:0e:db:ca:f0:67:fe:3a:ec:e2:73:a5:
51:51:6b:4d:6b:aa:80:e2:a3:61:c2:ba:69:56:72:
12:c1:6b:a1:69:58:c7:9a:db:ae:d4:c1:4c:f8:a7:
48:e8:28:1a:b1:1c:3f:b3:98:fb:b2:f7:3f:89:13:
5b:27:76:91:ae:22:70:48:84:f9:0e:5d:77:e5:c9:
12:f2:06:ef:62:ed:4a:52:ce:41:c8:0c:6b:85:7a:
ae:36:f0:53:d3:53:6c:88:ef:1f:16:f6:a5:84:f9:
8d:0c:59:b6:1f:b7:f8:e0:91:30:cf:f5:8c:38:b2:
ef:8f:45:bd:96:5c:9a:1a:ac:98:84:66:5d:31:a3:
64:b1:a6:db:e1:49:eb:e4:fb:bf:c3:9e:f6:cd:20:
92:9e:a0:57:fb:43:b6:02:26:eb:ef:c6:a3:aa:95:
f3:ac:5a:33:e6:f6:99:df:ab:3d:16:f0:3a:c4:3f:
9c:a6:53:69:04:68:64:02:b3:3e:22:0c:ba:11:94:
42:24:6a:dd:52:95:e9:a3:ed:2a:64:c5:38:3b:2b:
7c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:F1:EA:9F:46:9D:F5:79:0A:47:71:D7:ED:78:05:9E:CF:85:1E:0B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/s_Hqn0ad9XkKR3HX7XgFns-FHgs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.208.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:75:4e:5b:e5:40:e2:a3:7d:8d:ca:c2:dc:fe:e0:bd:a1:ce:
9d:61:db:e3:9c:f7:2f:58:64:f2:df:3d:5b:c0:2e:f7:bf:61:
b3:ce:1a:e4:04:fe:e1:01:09:7e:8c:28:99:64:2b:da:81:1d:
dc:43:81:53:4c:02:09:ff:64:36:cc:61:cf:eb:a1:24:9e:74:
7e:1b:de:49:3a:8b:fc:5e:bb:36:93:55:0d:cc:16:79:d2:5a:
06:20:0b:4e:e0:a6:69:bc:bb:d3:d1:21:9d:2b:84:cb:86:c2:
7e:b0:19:ce:19:c8:c2:4d:e0:2d:76:f2:6f:43:43:d3:83:6e:
33:72:71:81:bc:09:ca:07:fa:cb:ca:59:5b:bb:8c:33:df:e8:
67:32:d8:f6:c1:ea:bd:0b:d1:94:6f:4e:41:01:fa:0c:95:53:
fe:0e:cb:0f:f8:c0:c6:f7:65:83:38:97:68:c6:0c:73:95:b5:
3c:d2:9f:ce:f1:2f:21:3b:18:28:e3:f7:0a:06:17:17:30:d0:
d7:56:13:70:5c:31:8d:4d:55:49:56:76:3a:cb:6e:50:9d:88:
8b:ee:fd:67:3f:24:6b:92:7f:37:75:34:75:8b:0c:3b:69:4d:
23:42:17:9a:88:63:07:97:ab:3d:7d:14:7c:c0:74:bc:6b:dd:
dd:24:ee:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEIzRjFFQTlGNDY5REY1
NzkwQTQ3NzFEN0VENzgwNTlFQ0Y4NTFFMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4pWid1pRi1LmBrcJLeavZBGdBiwnbfOl387HfmoEt0zHBtFYM
65EX9xkKXbVjjowO28rwZ/467OJzpVFRa01rqoDio2HCumlWchLBa6FpWMea267U
wUz4p0joKBqxHD+zmPuy9z+JE1sndpGuInBIhPkOXXflyRLyBu9i7UpSzkHIDGuF
eq428FPTU2yI7x8W9qWE+Y0MWbYft/jgkTDP9Yw4su+PRb2WXJoarJiEZl0xo2Sx
ptvhSevk+7/DnvbNIJKeoFf7Q7YCJuvvxqOqlfOsWjPm9pnfqz0W8DrEP5ymU2kE
aGQCsz4iDLoRlEIkat1Slemj7SpkxTg7K3wfAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUs/Hqn0ad9XkKR3HX7XgFns+FHgswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvc19IcW4wYWQ5WGtLUjNIWDdYZ0Zu
cy1GSGdzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9I/0DAN
BgkqhkiG9w0BAQsFAAOCAQEAqnVOW+VA4qN9jcrC3P7gvaHOnWHb45z3L1hk8t89
W8Au979hs84a5AT+4QEJfowomWQr2oEd3EOBU0wCCf9kNsxhz+uhJJ50fhveSTqL
/F67NpNVDcwWedJaBiALTuCmaby709EhnSuEy4bCfrAZzhnIwk3gLXbyb0ND04Nu
M3JxgbwJygf6y8pZW7uMM9/oZzLY9sHqvQvRlG9OQQH6DJVT/g7LD/jAxvdlgziX
aMYMc5W1PNKfzvEvITsYKOP3CgYXFzDQ11YTcFwxjU1VSVZ2OstuUJ2Ii+79Zz8k
a5J/N3U0dYsMO2lNI0IXmohjB5erPX0UfMB0vGvd3STueQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org