Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ygSDA-o7hu0Ua5R6uIXYtSJxLDI.roa
File: ygSDA-o7hu0Ua5R6uIXYtSJxLDI.roa (raw, json)
Hash identifier: 6DHSdKR88hBNPwxiihmG3wjILG5KqV0lItkj4AcZPgw=
Subject key identifier: CA:04:83:03:EA:3B:86:ED:14:6B:94:7A:B8:85:D8:B5:22:71:2C:32
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1328
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ygSDA-o7hu0Ua5R6uIXYtSJxLDI.roa
Signing time: Fri 01 Sep 2023 08:05:26 +0000
ROA not before: Fri 01 Sep 2023 08:05:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18419
IP address blocks: 124.218.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4904 (0x1328)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CA048303EA3B86ED146B947AB885D8B522712C32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:12:c7:5a:6f:5a:94:7c:6c:52:cb:1f:4d:
40:e5:4d:96:20:ce:d6:17:62:07:43:18:4a:61:bb:
5f:1b:c4:88:6d:c2:82:97:ec:58:f2:2b:7b:58:89:
6d:f7:05:26:7f:d0:bf:7e:ab:e8:ca:5f:ec:17:8f:
06:7f:21:aa:34:b0:53:83:03:b3:24:ac:f6:45:67:
a7:bc:f9:24:56:ed:ab:ca:c2:a5:95:88:69:7b:22:
66:4a:8c:95:0e:84:9d:86:39:09:75:a9:e7:78:97:
a7:46:e8:99:54:40:67:a4:5b:89:91:ef:66:f9:ea:
70:74:5c:80:d8:0a:15:e9:e6:3b:68:bd:0d:cd:72:
9f:b9:9e:8a:31:6d:ae:b8:fd:4b:51:39:f2:68:c6:
f7:41:16:d6:e0:de:5e:3a:10:00:72:53:d2:c5:ce:
a1:e3:e5:a7:d7:4f:49:73:cf:ea:42:3a:3f:d7:db:
a6:e0:5a:76:c3:17:0d:49:06:84:5b:93:b2:e6:7a:
c8:36:58:c4:60:4b:f6:75:18:07:de:7a:81:be:bc:
ab:99:4a:fd:fe:fc:b0:8a:4b:75:03:a6:0d:d6:c1:
70:06:c1:4a:4c:0e:bb:e3:99:cd:5d:09:ab:c5:5d:
79:1e:94:f8:8f:c9:d4:28:d3:56:ce:10:ac:b9:31:
f7:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:04:83:03:EA:3B:86:ED:14:6B:94:7A:B8:85:D8:B5:22:71:2C:32
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ygSDA-o7hu0Ua5R6uIXYtSJxLDI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.218.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:ec:33:ba:7f:f0:85:7c:6b:92:07:d9:35:72:32:8a:2c:27:
f3:65:de:f5:96:7b:3e:8a:97:c2:54:3f:2e:e2:af:82:d6:d8:
e9:81:03:19:77:54:fc:c3:fe:32:b2:60:2c:87:17:27:e3:79:
78:f5:d3:a3:dd:a3:f0:9e:86:44:33:9b:18:22:40:89:96:db:
23:47:ea:72:04:a1:1c:04:c1:4e:1a:0a:1e:3b:5d:4f:ad:12:
10:76:f6:0b:d2:54:01:c2:e5:c7:29:05:27:3a:4c:c7:5c:e1:
d9:79:2e:a0:72:40:81:0e:9d:e2:2b:83:e7:aa:b8:e8:ec:f2:
94:0a:88:a9:af:99:a1:6b:45:6d:da:5f:d9:61:2f:45:dd:2e:
35:42:fe:a5:89:a4:9e:66:f9:5c:97:12:50:2d:b1:68:83:25:
6d:14:00:1b:ab:4c:aa:e7:39:d1:d3:a2:81:04:d4:ba:65:29:
28:87:76:17:02:ab:45:67:02:22:0d:09:25:83:28:ed:a1:9d:
5e:60:41:1e:4b:7e:0c:cf:36:ad:52:03:1c:32:bc:32:1e:41:
f1:12:9a:3b:fc:eb:c0:3d:6d:0a:34:c0:88:35:45:80:ee:06:
e4:fa:34:59:20:12:81:f3:58:f3:0e:f1:f1:76:a5:ab:2b:0a:
7c:0b:70:22
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEygwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENBMDQ4MzAzRUEzQjg2
RUQxNDZCOTQ3QUI4ODVEOEI1MjI3MTJDMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAQhLHWm9alHxsUssfTUDlTZYgztYXYgdDGEphu18bxIhtwoKX
7FjyK3tYiW33BSZ/0L9+q+jKX+wXjwZ/Iao0sFODA7MkrPZFZ6e8+SRW7avKwqWV
iGl7ImZKjJUOhJ2GOQl1qed4l6dG6JlUQGekW4mR72b56nB0XIDYChXp5jtovQ3N
cp+5nooxba64/UtROfJoxvdBFtbg3l46EAByU9LFzqHj5afXT0lzz+pCOj/X26bg
WnbDFw1JBoRbk7Lmesg2WMRgS/Z1GAfeeoG+vKuZSv3+/LCKS3UDpg3WwXAGwUpM
Drvjmc1dCavFXXkelPiPydQo01bOEKy5MfeFAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUygSDA+o7hu0Ua5R6uIXYtSJxLDIwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveWdTREEtbzdodTBVYTVSNnVJWFl0
U0p4TERJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAnzabDAN
BgkqhkiG9w0BAQsFAAOCAQEAfewzun/whXxrkgfZNXIyiiwn82Xe9ZZ7PoqXwlQ/
LuKvgtbY6YEDGXdU/MP+MrJgLIcXJ+N5ePXTo92j8J6GRDObGCJAiZbbI0fqcgSh
HATBThoKHjtdT60SEHb2C9JUAcLlxykFJzpMx1zh2XkuoHJAgQ6d4iuD56q46Ozy
lAqIqa+ZoWtFbdpf2WEvRd0uNUL+pYmknmb5XJcSUC2xaIMlbRQAG6tMquc50dOi
gQTUumUpKId2FwKrRWcCIg0JJYMo7aGdXmBBHkt+DM82rVIDHDK8Mh5B8RKaO/zr
wD1tCjTAiDVFgO4G5Po0WSASgfNY8w7x8XalqysKfAtwIg==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org