Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/tbze458A8TXlHid5qYbldtukkws.roa
File: tbze458A8TXlHid5qYbldtukkws.roa (raw, json)
Hash identifier: nkslCkUNocrAFSie9Uxt7BTuLRI0SkN3PZo3dnNXY2E=
Subject key identifier: B5:BC:DE:E3:9F:00:F1:35:E5:1E:27:79:A9:86:E5:76:DB:A4:93:0B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 13A9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/tbze458A8TXlHid5qYbldtukkws.roa
Signing time: Wed 13 Dec 2023 02:48:47 +0000
ROA not before: Wed 13 Dec 2023 02:48:47 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 222.250.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5033 (0x13a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Dec 13 02:48:47 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B5BCDEE39F00F135E51E2779A986E576DBA4930B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9f:3b:d8:ff:fb:2c:ca:aa:9f:e3:4f:d0:ae:
f7:e5:2b:cc:c8:de:14:45:e1:9a:43:dd:f7:35:24:
e3:45:19:79:b1:9f:39:d2:20:4a:41:28:7e:13:6f:
dd:29:75:2b:af:1a:af:b9:c6:09:2d:b1:c7:c9:43:
6f:bd:40:25:97:d8:49:dc:d8:75:fc:ca:06:d4:ae:
02:c7:b4:34:13:03:7b:d7:48:3a:17:f2:db:22:c8:
6f:a9:5c:81:00:21:e5:d7:c1:2d:85:7a:67:fa:58:
25:f5:2c:85:6c:9f:aa:57:17:ed:28:b6:52:8f:fa:
46:2a:48:97:98:ce:85:6c:09:1c:e9:b0:bd:f3:88:
62:f5:28:4c:bb:ef:66:ca:88:57:b8:cc:ba:02:0f:
8e:ff:86:dd:f8:b8:a3:60:19:04:e7:ca:ad:b2:b5:
26:18:38:00:e7:c2:52:1e:44:24:1f:89:3c:dc:f5:
dd:99:36:87:50:48:c9:11:59:5a:07:a9:24:de:ee:
a7:70:ac:4b:2a:61:ed:16:66:b8:f5:ba:f3:d9:f0:
f5:6a:97:f3:a8:03:bf:c0:b5:51:0c:f3:f7:fb:49:
16:29:19:8e:43:75:10:26:6a:46:34:39:9a:4e:f6:
90:6d:f2:b4:ca:de:cd:e8:0b:0c:97:e6:1e:80:9c:
52:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BC:DE:E3:9F:00:F1:35:E5:1E:27:79:A9:86:E5:76:DB:A4:93:0B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/tbze458A8TXlHid5qYbldtukkws.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.250.64.0/18
Signature Algorithm: sha256WithRSAEncryption
32:da:16:f2:ce:41:8a:2a:b3:09:df:41:b4:c4:6d:4b:f4:77:
43:2c:dc:dd:8c:94:2e:74:fc:64:db:ee:a7:55:60:6e:0f:5c:
3d:c6:2d:d0:17:ac:52:68:fb:44:7a:ac:33:22:3b:f6:27:4f:
0a:f2:93:bd:67:95:24:81:01:47:0c:52:20:42:a5:95:3b:e3:
06:a5:27:95:22:b3:21:4d:27:0d:9d:b2:37:f3:ee:e3:78:f2:
87:bd:93:de:74:3d:52:11:ad:81:b1:61:dc:5a:bc:db:fa:12:
a8:d2:03:50:f4:82:bf:f2:12:f8:26:8a:3e:45:28:17:61:35:
e4:1a:c7:e4:39:ff:32:ee:6b:72:50:90:a9:93:e9:16:54:bc:
a0:ae:40:07:03:48:97:5f:1b:cd:33:16:26:8b:4d:31:05:46:
c7:fc:26:36:1b:22:20:e7:e8:99:26:2a:95:a8:75:e9:a0:62:
5f:3f:f4:0a:c5:18:ca:cb:66:6b:d7:d3:44:03:b1:31:41:74:
a2:c4:35:37:d9:a2:cc:96:d3:8d:86:ac:77:55:89:a2:08:e6:
d1:aa:fd:a8:47:a2:8d:0b:1b:a8:f5:8a:c9:4d:3b:ec:48:4f:
b1:00:19:0b:7b:33:24:61:3a:9f:5c:1f:31:33:30:fd:9d:aa:
37:7c:0a:fc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICE6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzEyMTMw
MjQ4NDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI1QkNERUUzOUYwMEYx
MzVFNTFFMjc3OUE5ODZFNTc2REJBNDkzMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfnzvY//ssyqqf40/QrvflK8zI3hRF4ZpD3fc1JONFGXmxnznS
IEpBKH4Tb90pdSuvGq+5xgktscfJQ2+9QCWX2Enc2HX8ygbUrgLHtDQTA3vXSDoX
8tsiyG+pXIEAIeXXwS2Femf6WCX1LIVsn6pXF+0otlKP+kYqSJeYzoVsCRzpsL3z
iGL1KEy772bKiFe4zLoCD47/ht34uKNgGQTnyq2ytSYYOADnwlIeRCQfiTzc9d2Z
NodQSMkRWVoHqSTe7qdwrEsqYe0WZrj1uvPZ8PVql/OoA7/AtVEM8/f7SRYpGY5D
dRAmakY0OZpO9pBt8rTK3s3oCwyX5h6AnFIDAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUtbze458A8TXlHid5qYbldtukkwswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdGJ6ZTQ1OEE4VFhsSGlkNXFZYmxk
dHVra3dzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBt76QDAN
BgkqhkiG9w0BAQsFAAOCAQEAMtoW8s5BiiqzCd9BtMRtS/R3Qyzc3YyULnT8ZNvu
p1Vgbg9cPcYt0BesUmj7RHqsMyI79idPCvKTvWeVJIEBRwxSIEKllTvjBqUnlSKz
IU0nDZ2yN/Pu43jyh72T3nQ9UhGtgbFh3Fq82/oSqNIDUPSCv/IS+CaKPkUoF2E1
5BrH5Dn/Mu5rclCQqZPpFlS8oK5ABwNIl18bzTMWJotNMQVGx/wmNhsiIOfomSYq
lah16aBiXz/0CsUYystma9fTRAOxMUF0osQ1N9mizJbTjYasd1WJogjm0ar9qEei
jQsbqPWKyU077EhPsQAZC3szJGE6n1wfMTMw/Z2qN3wK/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org