Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/yJbTu_3fz5BWJEebRf6I3SEG9Iw.roa
File: yJbTu_3fz5BWJEebRf6I3SEG9Iw.roa (raw, json)
Hash identifier: gzOPdiPkbkPdc7HivOvMp4hgQDAfJB584Ox7xzglZ98=
Subject key identifier: C8:96:D3:BB:FD:DF:CF:90:56:24:47:9B:45:FE:88:DD:21:06:F4:8C
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1324
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yJbTu_3fz5BWJEebRf6I3SEG9Iw.roa
Signing time: Fri 01 Sep 2023 08:05:26 +0000
ROA not before: Fri 01 Sep 2023 08:05:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.202.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4900 (0x1324)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C896D3BBFDDFCF905624479B45FE88DD2106F48C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:83:61:fa:a1:3c:55:2e:fb:23:f8:6a:7d:02:
1e:38:8a:34:d5:af:5a:89:c6:5c:62:ad:3b:b7:f4:
6c:02:b1:ec:bf:a3:e4:98:ed:a0:28:b9:33:92:a3:
2d:04:d4:7a:9d:b9:c3:2f:8e:47:a1:df:67:26:6c:
58:48:d7:a3:49:d7:82:2b:9b:80:0b:5d:63:7c:bb:
ce:5f:7e:8a:df:91:a7:aa:e1:42:b1:d4:ec:08:7c:
48:01:d9:02:e2:07:9a:47:57:28:8a:3c:e0:6c:3d:
40:ad:0b:a2:04:9b:20:45:e7:8c:73:59:09:1e:7e:
43:9f:fe:03:fa:92:1a:be:55:64:75:a1:3a:bf:b9:
e6:0a:0c:14:ea:b9:58:ca:2a:5f:14:57:d4:4d:d4:
10:7f:33:3e:15:0a:e4:f1:cf:3f:91:0e:b9:fe:6d:
93:d3:3e:2a:3d:6d:11:08:0f:1c:48:ba:89:b8:6d:
60:85:02:97:b0:a8:c6:de:f0:4b:02:cf:15:e7:7b:
86:17:2b:37:eb:c2:30:cf:43:7d:dc:38:54:70:88:
5e:71:c1:f6:30:eb:7c:b0:1d:5b:68:da:86:99:c1:
4f:23:c0:37:a8:c2:0d:85:73:1b:db:02:7d:23:44:
4e:ad:1a:f6:f0:b3:47:e2:0c:d0:7e:9b:a6:b3:6b:
7e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:96:D3:BB:FD:DF:CF:90:56:24:47:9B:45:FE:88:DD:21:06:F4:8C
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yJbTu_3fz5BWJEebRf6I3SEG9Iw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.48.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:e4:8d:1d:60:d3:ca:2a:6b:19:0a:20:22:ea:63:7d:e2:3c:
ff:ff:3e:cf:32:1c:70:8e:87:6b:89:e7:da:81:b1:8b:48:b9:
e5:93:18:2c:4a:b2:10:f0:e5:38:f1:a8:64:12:bb:90:69:0b:
04:e0:65:f5:9a:be:60:71:9f:7d:15:fd:ef:bb:35:a4:b6:9f:
78:dd:fa:ef:97:87:79:40:f9:2a:87:fa:54:e9:f3:94:4b:1c:
ac:35:78:e8:be:4b:1e:29:77:ad:54:56:0d:28:11:e2:32:9c:
c3:0b:65:b4:e5:3e:2b:c1:87:b9:25:dd:04:c3:37:0f:c0:2a:
af:10:52:e8:99:76:c6:af:2d:0b:54:52:25:6b:e7:c8:4e:e7:
1a:ac:ca:40:51:39:16:94:3a:29:fa:51:5c:ab:f3:b5:45:c1:
78:e3:dc:81:0b:fa:67:b3:16:b7:bd:85:d4:5c:95:76:f9:75:
83:46:5a:f0:ff:b9:56:9f:93:41:e2:fa:5d:2f:17:e9:83:75:
e0:56:52:4b:1e:d3:73:dd:7c:ab:c6:38:cf:4c:96:0a:af:02:
15:50:6d:3f:41:0d:0d:07:86:ea:2c:a9:fb:60:68:11:a4:54:
d4:86:9e:af:fd:07:4b:1e:8c:69:dc:9a:10:4b:7e:b8:c5:df:
23:19:75:48
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEyQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM4OTZEM0JCRkRERkNG
OTA1NjI0NDc5QjQ1RkU4OEREMjEwNkY0OEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtg2H6oTxVLvsj+Gp9Ah44ijTVr1qJxlxirTu39GwCsey/o+SY
7aAouTOSoy0E1HqducMvjkeh32cmbFhI16NJ14Irm4ALXWN8u85fforfkaeq4UKx
1OwIfEgB2QLiB5pHVyiKPOBsPUCtC6IEmyBF54xzWQkefkOf/gP6khq+VWR1oTq/
ueYKDBTquVjKKl8UV9RN1BB/Mz4VCuTxzz+RDrn+bZPTPio9bREIDxxIuom4bWCF
ApewqMbe8EsCzxXne4YXKzfrwjDPQ33cOFRwiF5xwfYw63ywHVto2oaZwU8jwDeo
wg2FcxvbAn0jRE6tGvbws0fiDNB+m6aza36VAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyJbTu/3fz5BWJEebRf6I3SEG9IwwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveUpiVHVfM2Z6NUJXSkVlYlJmNkkz
U0VHOUl3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9LKMDAN
BgkqhkiG9w0BAQsFAAOCAQEAPeSNHWDTyiprGQogIupjfeI8//8+zzIccI6Ha4nn
2oGxi0i55ZMYLEqyEPDlOPGoZBK7kGkLBOBl9Zq+YHGffRX977s1pLafeN3675eH
eUD5Kof6VOnzlEscrDV46L5LHil3rVRWDSgR4jKcwwtltOU+K8GHuSXdBMM3D8Aq
rxBS6Jl2xq8tC1RSJWvnyE7nGqzKQFE5FpQ6KfpRXKvztUXBeOPcgQv6Z7MWt72F
1FyVdvl1g0Za8P+5Vp+TQeL6XS8X6YN14FZSSx7Tc918q8Y4z0yWCq8CFVBtP0EN
DQeG6iyp+2BoEaRU1Iaer/0HSx6MadyaEEt+uMXfIxl1SA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org