Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/wUI-9g12do7VKnrU1HtBpVL5enU.roa
File: wUI-9g12do7VKnrU1HtBpVL5enU.roa (raw, json)
Hash identifier: lC/4wgZ6evqK8dUSqWLcUmfW4AZSixqFnakNYNAwawI=
Subject key identifier: C1:42:3E:F6:0D:76:76:8E:D5:2A:7A:D4:D4:7B:41:A5:52:F9:7A:75
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12E9
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wUI-9g12do7VKnrU1HtBpVL5enU.roa
Signing time: Fri 01 Sep 2023 08:05:09 +0000
ROA not before: Fri 01 Sep 2023 08:05:09 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9311
IP address blocks: 203.79.220.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4841 (0x12e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:09 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C1423EF60D76768ED52A7AD4D47B41A552F97A75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:27:fc:61:c2:bb:6d:47:a2:04:f6:eb:5f:65:
1d:2d:70:ac:3e:32:23:d5:1d:8c:3e:d4:73:2c:24:
b5:af:b6:8d:65:a7:e7:e0:bf:fa:b2:0d:81:81:91:
3f:8d:f2:e1:c6:da:df:65:4e:ae:7c:96:bc:57:83:
5a:9d:d8:95:42:69:92:ba:6f:4a:77:0c:a2:ba:f3:
e1:14:dc:84:86:5a:9d:4f:72:1e:fd:0b:60:f1:68:
c5:bd:5c:63:0d:3f:c2:63:d1:08:6c:98:ff:d6:bf:
d2:77:99:19:37:31:e2:fc:44:42:77:94:a8:33:6c:
6c:11:aa:0c:b4:4d:9a:20:bb:17:0b:83:9d:4d:f0:
8e:e0:56:51:93:f9:e9:57:ae:d3:cd:5c:54:76:f6:
bd:ce:00:3e:9f:93:59:dd:72:0a:9b:04:66:85:8a:
f0:a6:14:dd:08:1c:c6:97:7f:62:ec:57:16:3d:b6:
d1:da:aa:15:9e:12:5f:4a:79:1c:4d:56:88:99:4d:
3a:62:53:e7:fc:05:e9:5b:46:0b:7f:06:e6:0c:a8:
64:84:68:6d:f2:51:9c:bf:c3:b8:ec:0c:34:68:66:
53:b1:b7:ee:e4:0d:ed:e1:e5:2f:f0:73:d7:7f:70:
42:ea:76:df:a4:7f:0c:11:5c:bc:93:64:4f:5a:97:
ad:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:42:3E:F6:0D:76:76:8E:D5:2A:7A:D4:D4:7B:41:A5:52:F9:7A:75
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/wUI-9g12do7VKnrU1HtBpVL5enU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.220.0/22
Signature Algorithm: sha256WithRSAEncryption
42:25:bf:b0:f8:e5:d8:d6:79:7f:84:c7:86:81:80:61:73:3e:
66:54:55:e3:78:d3:ac:a9:21:9c:97:c6:f4:4c:93:16:92:30:
e5:62:b2:ff:20:a6:23:aa:a9:47:32:38:64:dc:e2:d0:78:0f:
9a:31:5d:23:c5:26:cd:cb:bf:4e:de:81:14:e4:17:9c:21:27:
fe:8e:27:30:8c:3a:6f:a8:67:b0:b2:fb:93:7c:59:38:d4:85:
cf:9c:6d:e0:4f:73:f2:25:16:92:8c:73:0f:be:98:bf:1e:85:
f4:2b:d0:b2:a3:07:0e:11:25:14:52:85:d7:9b:9f:f5:a9:57:
88:c2:46:d0:c0:33:07:28:ce:bb:17:1a:ec:63:80:1f:c9:9a:
7a:29:5a:6a:09:42:48:21:91:07:da:b8:1c:ed:c2:e7:ad:c4:
a1:9c:50:f3:2b:54:5e:d0:42:47:64:a9:6d:af:ad:27:91:f0:
65:66:2f:df:e0:f5:19:c5:96:5c:10:bb:7b:6e:b8:b8:a2:83:
46:8e:78:4e:c4:de:8b:f9:74:ce:76:ad:ab:f4:df:3f:c0:1c:
20:b4:da:a4:ef:26:15:8f:45:25:ae:2c:28:56:ba:9a:55:51:
09:04:fa:38:1e:5c:c4:64:30:75:8b:24:5c:bb:9b:63:64:01:
23:c2:72:7c
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEukwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEMxNDIzRUY2MEQ3Njc2
OEVENTJBN0FENEQ0N0I0MUE1NTJGOTdBNzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDbJ/xhwrttR6IE9utfZR0tcKw+MiPVHYw+1HMsJLWvto1lp+fg
v/qyDYGBkT+N8uHG2t9lTq58lrxXg1qd2JVCaZK6b0p3DKK68+EU3ISGWp1Pch79
C2DxaMW9XGMNP8Jj0QhsmP/Wv9J3mRk3MeL8REJ3lKgzbGwRqgy0TZoguxcLg51N
8I7gVlGT+elXrtPNXFR29r3OAD6fk1ndcgqbBGaFivCmFN0IHMaXf2LsVxY9ttHa
qhWeEl9KeRxNVoiZTTpiU+f8BelbRgt/BuYMqGSEaG3yUZy/w7jsDDRoZlOxt+7k
De3h5S/wc9d/cELqdt+kfwwRXLyTZE9al609AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUwUI+9g12do7VKnrU1HtBpVL5enUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvd1VJLTlnMTJkbzdWS25yVTFIdEJw
Vkw1ZW5VLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAstP3DAN
BgkqhkiG9w0BAQsFAAOCAQEAQiW/sPjl2NZ5f4THhoGAYXM+ZlRV43jTrKkhnJfG
9EyTFpIw5WKy/yCmI6qpRzI4ZNzi0HgPmjFdI8Umzcu/Tt6BFOQXnCEn/o4nMIw6
b6hnsLL7k3xZONSFz5xt4E9z8iUWkoxzD76Yvx6F9CvQsqMHDhElFFKF15uf9alX
iMJG0MAzByjOuxca7GOAH8maeilaaglCSCGRB9q4HO3C563EoZxQ8ytUXtBCR2Sp
ba+tJ5HwZWYv3+D1GcWWXBC7e264uKKDRo54TsTei/l0znatq/TfP8AcILTapO8m
FY9FJa4sKFa6mlVRCQT6OB5cxGQwdYskXLubY2QBI8JyfA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org