Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/y4nB2mNes7g7N18P3YgqQ0s4zjY.roa
File: y4nB2mNes7g7N18P3YgqQ0s4zjY.roa (raw, json)
Hash identifier: IEvQY7j81gQFOzUW4qgnJAnUQodzFOC/8kHAQVdGzAM=
Subject key identifier: CB:89:C1:DA:63:5E:B3:B8:3B:37:5F:0F:DD:88:2A:43:4B:38:CE:36
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12DC
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/y4nB2mNes7g7N18P3YgqQ0s4zjY.roa
Signing time: Fri 01 Sep 2023 08:05:05 +0000
ROA not before: Fri 01 Sep 2023 08:05:05 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4828 (0x12dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:05 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CB89C1DA635EB3B83B375F0FDD882A434B38CE36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:dd:04:00:22:2d:60:47:d2:d4:a6:3e:e5:9b:
d3:22:ca:08:fc:ca:a1:41:f5:84:f0:8e:fb:84:c2:
5b:f6:da:f1:ab:ad:e1:25:6f:f4:f5:40:f9:eb:ef:
b5:43:4d:bd:bf:38:db:14:03:be:a3:9c:df:ad:eb:
30:c6:48:27:2b:8e:d6:47:ca:ed:59:12:ef:44:5f:
4a:5d:a0:b0:bb:f8:9c:7e:ff:4a:6f:de:d8:ec:0c:
29:88:0b:93:3a:df:81:01:f9:3c:f8:b7:50:3f:c4:
5b:67:a0:8d:b2:91:8d:91:9f:5b:d6:3f:1b:18:a5:
ae:ec:99:cc:dc:89:d0:73:85:88:9d:32:d9:0b:72:
d6:67:41:1e:e8:4e:17:21:d1:d9:75:9c:95:ce:08:
99:48:c4:d4:d3:57:9b:eb:5b:4f:62:3a:4f:4f:7e:
c5:02:6f:82:3e:95:6d:a7:af:88:3e:ef:26:97:c4:
9b:aa:66:b7:06:a8:ca:82:1b:10:c5:5d:0c:5b:7f:
ab:4d:53:fd:9e:e9:80:76:05:a6:c4:ed:73:c3:54:
71:32:34:bd:2d:90:3f:b6:0d:12:36:19:57:6a:7b:
50:42:7d:06:ff:97:a2:2d:46:61:0c:ab:35:78:21:
a9:b2:94:96:23:34:3a:95:a8:76:5d:df:b3:b2:4f:
f9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:89:C1:DA:63:5E:B3:B8:3B:37:5F:0F:DD:88:2A:43:4B:38:CE:36
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/y4nB2mNes7g7N18P3YgqQ0s4zjY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:4c:a8:83:4d:9a:e4:5a:61:73:ec:34:b5:75:40:7c:26:19:
16:7a:19:e6:bb:f3:89:82:38:84:aa:52:9f:e0:57:3d:d0:b3:
76:88:8e:5f:35:22:92:b5:0d:d3:80:75:47:dc:12:28:a4:f6:
37:8c:79:2e:95:f8:6d:46:ba:a0:a6:45:72:94:4c:20:2f:57:
a8:bd:de:5f:98:76:80:8c:ed:76:95:f7:cf:0d:18:fa:4d:a6:
79:14:22:7f:7e:5c:33:7d:48:52:5d:1c:ea:8b:61:6f:cf:12:
8b:e3:8b:82:18:dd:6d:07:d8:44:0e:b1:a4:57:ab:93:00:25:
94:9a:a0:9f:61:c3:f1:d8:4f:f3:1c:21:76:d4:29:33:d1:b1:
98:dd:7b:82:b6:2e:f1:27:e7:a4:bd:9a:35:f4:61:83:e5:2d:
24:fe:e7:18:1b:ae:c3:f0:df:fa:5e:ab:ab:a4:3e:6a:b0:b6:
b4:fa:4e:d3:44:a4:17:7e:ba:73:e9:42:1a:98:a0:26:eb:f4:
16:37:23:2e:fc:cd:98:7a:1b:6b:ac:fd:46:98:f4:20:fe:14:
d8:6b:a5:7b:fb:5e:cd:a3:78:f3:a0:e0:11:05:9b:88:f9:8b:
9f:38:63:13:ae:41:47:b0:4a:32:0b:b5:1b:ea:a9:85:83:5f:
0d:f1:b8:a8
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEtwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENCODlDMURBNjM1RUIz
QjgzQjM3NUYwRkREODgyQTQzNEIzOENFMzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDK3QQAIi1gR9LUpj7lm9Miygj8yqFB9YTwjvuEwlv22vGrreEl
b/T1QPnr77VDTb2/ONsUA76jnN+t6zDGSCcrjtZHyu1ZEu9EX0pdoLC7+Jx+/0pv
3tjsDCmIC5M634EB+Tz4t1A/xFtnoI2ykY2Rn1vWPxsYpa7smczcidBzhYidMtkL
ctZnQR7oThch0dl1nJXOCJlIxNTTV5vrW09iOk9PfsUCb4I+lW2nr4g+7yaXxJuq
ZrcGqMqCGxDFXQxbf6tNU/2e6YB2BabE7XPDVHEyNL0tkD+2DRI2GVdqe1BCfQb/
l6ItRmEMqzV4IamylJYjNDqVqHZd37OyT/lLAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUy4nB2mNes7g7N18P3YgqQ0s4zjYwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveTRuQjJtTmVzN2c3TjE4UDNZZ3FR
MHM0empZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAivwaDAN
BgkqhkiG9w0BAQsFAAOCAQEArkyog02a5Fphc+w0tXVAfCYZFnoZ5rvziYI4hKpS
n+BXPdCzdoiOXzUikrUN04B1R9wSKKT2N4x5LpX4bUa6oKZFcpRMIC9XqL3eX5h2
gIztdpX3zw0Y+k2meRQif35cM31IUl0c6othb88Si+OLghjdbQfYRA6xpFerkwAl
lJqgn2HD8dhP8xwhdtQpM9GxmN17grYu8SfnpL2aNfRhg+UtJP7nGBuuw/Df+l6r
q6Q+arC2tPpO00SkF366c+lCGpigJuv0FjcjLvzNmHoba6z9Rpj0IP4U2Gule/te
zaN486DgEQWbiPmLnzhjE65BR7BKMgu1G+qphYNfDfG4qA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org