Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/uHHi0g9nKFR4G4gfczyLewqaRSo.roa
File: uHHi0g9nKFR4G4gfczyLewqaRSo.roa (raw, json)
Hash identifier: wTgvi8C5V1RDWa5vf38+U3bQjJz/8p8cQT+Y7AhgJiE=
Subject key identifier: B8:71:E2:D2:0F:67:28:54:78:1B:88:1F:73:3C:8B:7B:0A:9A:45:2A
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12A3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/uHHi0g9nKFR4G4gfczyLewqaRSo.roa
Signing time: Fri 01 Sep 2023 08:04:44 +0000
ROA not before: Fri 01 Sep 2023 08:04:44 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9922
IP address blocks: 124.218.168.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4771 (0x12a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:44 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B871E2D20F672854781B881F733C8B7B0A9A452A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:36:92:f8:5b:34:54:2c:af:23:82:3d:a7:c7:
0f:b6:95:bb:a3:e7:76:81:65:90:10:02:7d:f4:6b:
c2:87:09:e9:18:9d:51:96:ed:8b:9d:30:bc:4c:7b:
ff:68:c7:c8:fb:d7:17:3d:eb:0d:c0:ff:7b:2d:52:
f6:b7:80:70:f9:2f:40:02:94:6b:88:b0:94:25:03:
47:88:27:9e:6e:32:6e:05:37:e6:3d:f8:ad:3e:3b:
6d:ab:2c:96:6e:52:c8:8d:4a:4b:53:37:bc:f6:a0:
8e:52:0d:87:c9:f3:2b:66:cf:23:ca:f6:42:12:fc:
6a:9f:43:f2:9a:f9:cd:43:7d:b1:05:51:f4:d5:bb:
48:af:ee:ae:5d:c6:34:90:2b:54:62:91:5f:00:21:
ec:48:44:77:86:8b:c6:27:2d:c3:ae:09:9c:e8:3e:
f9:44:e1:bb:b5:ea:3a:7d:e0:1a:c5:02:2f:e4:76:
73:d9:3f:19:78:15:e0:23:d6:1a:ec:bf:43:03:c0:
fc:27:4e:72:f3:c7:10:8a:4c:be:a9:fe:fa:53:92:
3e:e9:6a:8d:cc:4d:83:23:ef:b6:51:c4:a9:2e:79:
1d:b6:54:28:c9:6c:40:f5:2c:81:67:5a:8d:6c:91:
e3:c2:87:1c:72:d3:e0:62:3b:f9:b7:63:f9:cf:d6:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:71:E2:D2:0F:67:28:54:78:1B:88:1F:73:3C:8B:7B:0A:9A:45:2A
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/uHHi0g9nKFR4G4gfczyLewqaRSo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.168.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:fd:f8:1c:18:05:53:32:b5:6b:aa:b9:a1:f2:d3:14:af:06:
52:9d:84:35:80:3a:fb:55:06:a9:cb:b5:6d:e3:e7:7d:64:3d:
62:50:e1:d9:48:c3:df:43:9f:f0:d4:c9:d8:aa:d0:8a:e4:0c:
a1:ce:46:19:c4:24:8d:49:17:89:0a:7e:b3:af:db:ed:62:89:
0a:ef:13:70:ab:25:b9:e1:6e:08:61:d9:80:f5:82:46:e9:54:
4f:87:d4:94:d0:44:70:7e:c9:9c:2a:b2:e2:25:b6:c1:e8:5a:
9d:bc:9f:99:d3:dc:e1:4f:a4:e7:a1:8f:5b:4f:d7:85:5f:7a:
75:0f:b7:0c:51:4a:65:e7:8a:24:8d:97:44:84:37:74:eb:9a:
14:aa:86:30:29:63:e9:ff:82:29:c2:09:19:ce:0b:dd:b1:49:
6d:69:cf:0a:e0:fc:64:46:d5:84:36:04:ad:28:cc:52:d6:bc:
63:91:90:a6:98:fb:65:27:54:69:79:3e:e6:11:d4:93:d1:58:
fd:a5:41:f5:64:90:33:26:3e:71:e5:33:99:ef:f6:e6:77:77:
87:0b:44:92:4a:87:4c:51:46:9f:52:28:ed:74:48:5f:b2:f6:
9f:a4:fd:20:df:43:56:a8:c4:ca:82:97:9b:51:44:9d:cd:00:
9e:60:0e:de
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEqMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI4NzFFMkQyMEY2NzI4
NTQ3ODFCODgxRjczM0M4QjdCMEE5QTQ1MkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDsNpL4WzRULK8jgj2nxw+2lbuj53aBZZAQAn30a8KHCekYnVGW
7YudMLxMe/9ox8j71xc96w3A/3stUva3gHD5L0AClGuIsJQlA0eIJ55uMm4FN+Y9
+K0+O22rLJZuUsiNSktTN7z2oI5SDYfJ8ytmzyPK9kIS/GqfQ/Ka+c1DfbEFUfTV
u0iv7q5dxjSQK1RikV8AIexIRHeGi8YnLcOuCZzoPvlE4bu16jp94BrFAi/kdnPZ
Pxl4FeAj1hrsv0MDwPwnTnLzxxCKTL6p/vpTkj7pao3MTYMj77ZRxKkueR22VCjJ
bED1LIFnWo1skePChxxy0+BiO/m3Y/nP1mdHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUuHHi0g9nKFR4G4gfczyLewqaRSowHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvdUhIaTBnOW5LRlI0RzRnZmN6eUxl
d3FhUlNvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzaqDAN
BgkqhkiG9w0BAQsFAAOCAQEATP34HBgFUzK1a6q5ofLTFK8GUp2ENYA6+1UGqcu1
bePnfWQ9YlDh2UjD30Of8NTJ2KrQiuQMoc5GGcQkjUkXiQp+s6/b7WKJCu8TcKsl
ueFuCGHZgPWCRulUT4fUlNBEcH7JnCqy4iW2wehanbyfmdPc4U+k56GPW0/XhV96
dQ+3DFFKZeeKJI2XRIQ3dOuaFKqGMClj6f+CKcIJGc4L3bFJbWnPCuD8ZEbVhDYE
rSjMUta8Y5GQppj7ZSdUaXk+5hHUk9FY/aVB9WSQMyY+ceUzme/25nd3hwtEkkqH
TFFGn1Io7XRIX7L2n6T9IN9DVqjEyoKXm1FEnc0AnmAO3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org