Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/xYh_x3rAhAPCABjQWXFt7INOPFs.roa
File: xYh_x3rAhAPCABjQWXFt7INOPFs.roa (raw, json)
Hash identifier: vKXQM1xi1PZLdBicuvs88b8ZWkmZk04f0jKPPgV2guk=
Subject key identifier: C5:88:7F:C7:7A:C0:84:03:C2:00:18:D0:59:71:6D:EC:83:4E:3C:5B
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 113B
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xYh_x3rAhAPCABjQWXFt7INOPFs.roa
Signing time: Mon 07 Aug 2023 07:40:56 +0000
ROA not before: Mon 07 Aug 2023 07:40:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 103.36.116.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4411 (0x113b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Aug 7 07:40:56 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=C5887FC77AC08403C20018D059716DEC834E3C5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:79:82:62:27:53:2f:c9:79:0f:70:06:54:
57:ee:da:16:14:95:7c:0d:3c:cb:83:4e:8f:36:68:
dc:98:b7:03:a3:fa:b2:80:23:b7:ed:6a:0c:1e:ec:
25:e2:59:88:24:a1:54:1b:ce:06:7d:61:67:1e:9d:
a4:b1:c8:d8:55:dc:0b:77:52:3a:dc:e7:f8:6d:5a:
3f:55:1c:cd:12:d2:0e:24:3b:ee:ab:67:b2:06:1c:
04:84:72:d2:c9:bd:ae:a5:0f:e3:1b:45:e9:e1:2d:
48:1a:e4:fb:99:37:04:57:1f:3a:ad:0e:ac:11:3c:
ae:67:02:43:07:4f:73:55:11:d6:67:7d:d9:4b:29:
1b:f4:d0:d3:af:89:81:5a:e6:2c:a5:e6:d0:ea:2e:
77:fe:6b:f4:57:dd:f3:49:72:ab:65:d1:a6:2c:c7:
27:36:19:46:d0:91:aa:b7:e6:33:6e:49:66:2a:0b:
e4:34:10:30:cf:9e:6f:21:9a:74:28:cc:db:83:50:
79:fd:0e:57:da:d7:13:07:50:74:a1:f3:6a:92:4f:
14:ce:90:6c:b6:85:c8:c2:ca:4b:73:17:d1:0a:42:
bf:a8:10:4c:73:84:00:0c:73:fd:9e:5b:22:f7:5a:
6a:92:68:4f:2a:2d:ee:73:59:91:10:54:0a:24:e4:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:88:7F:C7:7A:C0:84:03:C2:00:18:D0:59:71:6D:EC:83:4E:3C:5B
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/xYh_x3rAhAPCABjQWXFt7INOPFs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.36.116.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:b0:d4:65:ed:7f:cf:e1:e8:fb:51:84:36:db:c5:9d:22:05:
64:ea:fb:2f:f9:61:ba:42:2a:17:b2:e7:d0:fb:c2:f4:8d:59:
f4:0b:a9:57:37:05:ea:7a:ca:f7:e0:bd:42:de:83:a3:f6:19:
59:76:11:3e:c0:d7:be:09:ee:c5:4a:40:d2:9a:75:7e:cc:91:
cf:01:1b:f4:a6:d1:63:b0:16:35:2e:e2:bf:29:59:bb:48:4a:
e1:ae:1e:86:3e:b5:4d:64:8c:3e:d8:b7:da:27:5f:65:f1:f1:
00:14:26:7c:01:04:a5:e0:c9:b0:d7:87:71:4b:af:58:32:86:
d2:fe:0b:d6:99:c7:54:83:b6:50:40:b0:c2:02:49:42:6c:f1:
ed:c0:1e:2e:a5:8a:5c:c4:fc:fd:4e:0c:ed:ae:98:2c:7d:29:
51:60:75:fe:a5:75:bc:1e:43:af:6f:f5:a7:ec:d7:de:66:a7:
a9:f6:d2:1f:b2:50:46:6e:bc:55:69:57:cf:1a:14:43:a8:a2:
9f:d7:40:71:bf:ce:68:a8:77:6e:37:55:e9:b3:b3:66:a9:a1:
8e:9c:b5:08:fb:92:cb:1c:b4:38:58:c1:06:b8:bb:d8:17:7c:
3b:ec:cf:c2:60:15:94:e5:bb:14:35:48:41:b8:f6:74:50:c9:
c4:ca:e8:31
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICETswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA4MDcw
NzQwNTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEM1ODg3RkM3N0FDMDg0
MDNDMjAwMThEMDU5NzE2REVDODM0RTNDNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5qnmCYidTL8l5D3AGVFfu2hYUlXwNPMuDTo82aNyYtwOj+rKA
I7ftagwe7CXiWYgkoVQbzgZ9YWcenaSxyNhV3At3Ujrc5/htWj9VHM0S0g4kO+6r
Z7IGHASEctLJva6lD+MbRenhLUga5PuZNwRXHzqtDqwRPK5nAkMHT3NVEdZnfdlL
KRv00NOviYFa5iyl5tDqLnf+a/RX3fNJcqtl0aYsxyc2GUbQkaq35jNuSWYqC+Q0
EDDPnm8hmnQozNuDUHn9Dlfa1xMHUHSh82qSTxTOkGy2hcjCyktzF9EKQr+oEExz
hAAMc/2eWyL3WmqSaE8qLe5zWZEQVAok5GkBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUxYh/x3rAhAPCABjQWXFt7INOPFswHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveFloX3gzckFoQVBDQUJqUVdYRnQ3
SU5PUEZzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmckdDAN
BgkqhkiG9w0BAQsFAAOCAQEAorDUZe1/z+Ho+1GENtvFnSIFZOr7L/lhukIqF7Ln
0PvC9I1Z9AupVzcF6nrK9+C9Qt6Do/YZWXYRPsDXvgnuxUpA0pp1fsyRzwEb9KbR
Y7AWNS7ivylZu0hK4a4ehj61TWSMPti32idfZfHxABQmfAEEpeDJsNeHcUuvWDKG
0v4L1pnHVIO2UECwwgJJQmzx7cAeLqWKXMT8/U4M7a6YLH0pUWB1/qV1vB5Dr2/1
p+zX3manqfbSH7JQRm68VWlXzxoUQ6iin9dAcb/OaKh3bjdV6bOzZqmhjpy1CPuS
yxy0OFjBBri72Bd8O+zPwmAVlOW7FDVIQbj2dFDJxMroMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org