Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/xB94JlRV020QN5CFychZ6K_z0As.roa
File: xB94JlRV020QN5CFychZ6K_z0As.roa (raw, json)
Hash identifier: dQ38vUcnr+w91MG2CIRbR30wHjPf+ta2hL/VuQ8zNZw=
Subject key identifier: C4:1F:78:26:54:55:D3:6D:10:37:90:85:C9:C8:59:E8:AF:F3:D0:0B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 103C
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xB94JlRV020QN5CFychZ6K_z0As.roa
Signing time: Tue 16 May 2023 08:35:55 +0000
ROA not before: Tue 16 May 2023 08:35:55 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 210.63.216.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4156 (0x103c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:35:55 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C41F78265455D36D10379085C9C859E8AFF3D00B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:82:82:49:5e:5c:f2:1b:92:40:e6:7c:1b:ed:
37:d3:12:a5:cd:8b:2c:22:af:f1:58:e2:d9:82:cd:
de:22:fb:6a:0f:02:f3:73:e2:d0:f6:98:ec:af:8b:
3b:62:63:81:ad:a4:9b:ce:28:42:08:94:31:28:1d:
df:8c:01:dd:ce:b1:08:84:07:83:d6:43:bd:a7:f5:
6f:0f:8c:79:6d:15:4a:42:03:52:53:eb:c6:ef:df:
76:b2:b0:bc:d2:8c:d8:b4:e4:f6:d3:35:ef:7a:01:
a5:b6:36:f9:e5:50:92:44:79:54:33:22:bf:16:b2:
f5:30:aa:aa:f5:66:bc:7f:8e:34:1b:ac:ce:b1:bb:
35:bb:3f:0b:93:7d:f6:62:fb:57:e8:49:5f:86:10:
cf:01:2c:71:49:8c:07:db:71:04:ad:a7:37:03:14:
1e:2e:4c:a4:b0:8f:0b:3a:dc:99:b5:6e:c4:94:69:
71:82:7a:85:e5:dc:a7:3f:4e:cc:3c:10:8a:8d:7c:
ec:16:96:24:d1:68:d1:9b:31:2b:33:80:e0:c3:09:
8f:10:ed:f7:2d:f1:08:ff:bc:17:54:57:ac:00:0c:
33:83:41:a5:f8:68:69:18:27:0e:53:ae:a1:0f:6b:
68:d8:ba:c3:0c:31:d9:bf:85:e3:51:c3:43:a4:90:
c5:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1F:78:26:54:55:D3:6D:10:37:90:85:C9:C8:59:E8:AF:F3:D0:0B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xB94JlRV020QN5CFychZ6K_z0As.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.216.0/22
Signature Algorithm: sha256WithRSAEncryption
4f:23:58:67:d4:6d:7a:07:e6:4f:c8:fe:6d:8a:9f:b4:4c:20:
48:cf:10:35:5e:0a:20:ed:ce:57:b8:67:c3:71:88:ca:98:2c:
b9:c4:28:7f:d8:99:4b:ac:87:dd:98:d2:3f:50:89:f0:41:5b:
ff:1a:bb:e4:e4:ad:23:97:32:55:5b:f5:3a:d5:db:f8:35:e9:
2b:54:66:e9:af:d6:21:58:32:29:ed:78:61:0c:e1:37:46:5c:
6a:56:3f:6e:dc:6c:36:87:61:d1:35:c0:f4:ad:b5:dd:6d:94:
5b:fa:a4:8d:71:b5:38:59:00:d2:5e:e9:67:a0:83:b3:ad:f4:
96:a0:b6:31:f5:f0:2e:a3:90:5d:ce:63:ee:56:05:8f:15:86:
48:06:f6:eb:05:fa:d6:e0:83:23:6e:c4:e5:ca:57:9b:10:4c:
de:ce:b7:f7:cb:16:86:87:0e:bc:da:3b:d7:da:89:7e:a7:65:
37:e5:da:24:51:9c:5f:cb:d9:c9:58:e9:be:59:22:5e:6c:45:
de:3d:66:7a:c8:c9:03:0c:76:a1:22:08:c1:42:78:9d:e7:be:
f0:b3:4d:46:d2:24:e4:93:84:3c:61:e8:3c:09:ab:f6:15:b9:
fa:e3:2c:ba:c5:f6:b7:0c:77:37:e5:18:a5:72:26:a0:75:8e:
54:d9:ce:75
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEDwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM1NTVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM0MUY3ODI2NTQ1NUQz
NkQxMDM3OTA4NUM5Qzg1OUU4QUZGM0QwMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrgoJJXlzyG5JA5nwb7TfTEqXNiywir/FY4tmCzd4i+2oPAvNz
4tD2mOyviztiY4GtpJvOKEIIlDEoHd+MAd3OsQiEB4PWQ72n9W8PjHltFUpCA1JT
68bv33aysLzSjNi05PbTNe96AaW2NvnlUJJEeVQzIr8WsvUwqqr1Zrx/jjQbrM6x
uzW7PwuTffZi+1foSV+GEM8BLHFJjAfbcQStpzcDFB4uTKSwjws63Jm1bsSUaXGC
eoXl3Kc/Tsw8EIqNfOwWliTRaNGbMSszgODDCY8Q7fct8Qj/vBdUV6wADDODQaX4
aGkYJw5TrqEPa2jYusMMMdm/heNRw0OkkMVLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxB94JlRV020QN5CFychZ6K/z0AswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveEI5NEpsUlYwMjBRTjVDRnljaFo2
S196MEFzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtI/2DAN
BgkqhkiG9w0BAQsFAAOCAQEATyNYZ9RtegfmT8j+bYqftEwgSM8QNV4KIO3OV7hn
w3GIypgsucQof9iZS6yH3ZjSP1CJ8EFb/xq75OStI5cyVVv1OtXb+DXpK1Rm6a/W
IVgyKe14YQzhN0ZcalY/btxsNodh0TXA9K213W2UW/qkjXG1OFkA0l7pZ6CDs630
lqC2MfXwLqOQXc5j7lYFjxWGSAb26wX61uCDI27E5cpXmxBM3s6398sWhocOvNo7
19qJfqdlN+XaJFGcX8vZyVjpvlkiXmxF3j1mesjJAwx2oSIIwUJ4nee+8LNNRtIk
5JOEPGHoPAmr9hW5+uMsusX2twx3N+UYpXImoHWOVNnOdQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org