Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/ys13h1VRfRBM-3zGHhhIAVobQiQ.roa
File: ys13h1VRfRBM-3zGHhhIAVobQiQ.roa (raw, json)
Hash identifier: BXPV1hh9zMDXyFSb9L/8dfWVv9esvB3nMO572uC4kao=
Subject key identifier: CA:CD:77:87:55:51:7D:10:4C:FB:7C:C6:1E:18:48:01:5A:1B:42:24
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12E3
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ys13h1VRfRBM-3zGHhhIAVobQiQ.roa
Signing time: Fri 01 Sep 2023 08:05:07 +0000
ROA not before: Fri 01 Sep 2023 08:05:07 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 124.219.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4835 (0x12e3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:05:07 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CACD778755517D104CFB7CC61E1848015A1B4224
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:26:36:8d:59:c8:65:78:94:c0:b0:c2:0c:04:
0e:43:5c:7b:bd:f6:1d:90:2c:34:fd:a7:50:f4:39:
bc:d1:ff:01:67:70:1f:af:ff:73:6d:38:4f:65:c9:
8e:77:d5:48:b1:3d:91:5d:a2:a7:80:7f:5f:9f:3c:
80:d5:47:8b:71:2c:4b:a8:02:c6:a4:b6:c3:d6:95:
22:61:a8:09:c5:71:98:42:76:00:b3:e3:d9:ca:b5:
48:0c:80:bd:be:32:81:18:c8:76:69:dc:32:10:7a:
0e:52:bd:45:d6:e4:39:d4:0e:1d:0f:be:d4:19:71:
8b:d4:a5:53:8c:78:ce:f2:72:b8:29:10:b7:20:64:
7a:67:43:fe:35:bc:7d:d6:8b:08:7e:de:40:7a:a7:
4f:4f:e5:f7:bc:be:93:7f:c8:d1:39:bf:45:83:6b:
72:dc:3f:1e:29:bf:d5:9e:6e:d2:0e:f9:13:43:e4:
c7:2b:ce:a4:08:34:d9:7f:b5:e5:62:28:9a:b4:3d:
06:27:5a:bf:3c:28:6b:c9:28:71:48:27:a6:8d:56:
e9:94:3e:12:f5:ef:4a:ea:39:55:b8:17:9e:b9:66:
26:ff:46:bb:d4:b1:ad:3b:6d:1f:41:a2:ed:45:92:
c5:62:2e:04:22:46:9c:f6:26:8b:5f:72:74:dd:d8:
14:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:CD:77:87:55:51:7D:10:4C:FB:7C:C6:1E:18:48:01:5A:1B:42:24
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/ys13h1VRfRBM-3zGHhhIAVobQiQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.219.0.0/17
Signature Algorithm: sha256WithRSAEncryption
35:0d:4e:f7:de:a1:f0:d2:2e:6c:46:ff:62:fd:6b:a4:70:ca:
23:dc:ed:79:78:4f:0a:32:2b:ea:b9:d0:2a:64:82:a4:bf:32:
1f:6b:3c:83:0f:eb:a4:e3:c4:fb:41:be:b2:7d:78:5a:03:5e:
8c:e4:7a:ab:6f:b2:c0:36:ec:5f:13:59:8c:f0:cf:30:e7:e2:
31:90:24:26:9a:3f:8f:4e:a3:6c:cf:21:2d:35:ee:49:83:ad:
17:1f:24:b8:87:9b:0d:6d:0a:d7:c1:be:83:87:04:11:9c:ee:
0e:ca:2d:5c:2c:80:1d:76:e0:53:30:7d:0e:05:b2:fa:7d:5c:
1b:df:6d:a5:60:c0:f5:fd:d3:e1:c4:df:51:ee:f7:89:af:21:
01:24:c8:38:d0:24:bd:8c:f1:d6:df:c2:64:57:ba:fd:ac:ab:
b6:c5:94:09:c8:42:e3:5e:25:2b:03:f3:42:d6:86:eb:7b:81:
1b:91:f6:ae:f7:a4:42:5a:54:d3:65:fd:1f:6e:f3:55:25:e0:
7a:64:fe:09:b9:d4:3a:dd:cd:f6:36:0a:f8:86:ab:3a:03:b6:
c8:11:9b:8d:d5:d6:7a:89:f9:41:8b:48:a0:b1:fd:40:17:d1:
05:76:ad:e4:5e:60:91:6a:fe:bd:a2:12:26:4e:18:af:e8:b1:
05:f0:da:9d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA1MDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENBQ0Q3Nzg3NTU1MTdE
MTA0Q0ZCN0NDNjFFMTg0ODAxNUExQjQyMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYJjaNWchleJTAsMIMBA5DXHu99h2QLDT9p1D0ObzR/wFncB+v
/3NtOE9lyY531UixPZFdoqeAf1+fPIDVR4txLEuoAsaktsPWlSJhqAnFcZhCdgCz
49nKtUgMgL2+MoEYyHZp3DIQeg5SvUXW5DnUDh0PvtQZcYvUpVOMeM7ycrgpELcg
ZHpnQ/41vH3Wiwh+3kB6p09P5fe8vpN/yNE5v0WDa3LcPx4pv9WebtIO+RND5Mcr
zqQINNl/teViKJq0PQYnWr88KGvJKHFIJ6aNVumUPhL170rqOVW4F565Zib/RrvU
sa07bR9Bou1FksViLgQiRpz2JotfcnTd2BRXAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUys13h1VRfRBM+3zGHhhIAVobQiQwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveXMxM2gxVlJmUkJNLTN6R0hoaElB
Vm9iUWlRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB3zbADAN
BgkqhkiG9w0BAQsFAAOCAQEANQ1O996h8NIubEb/Yv1rpHDKI9zteXhPCjIr6rnQ
KmSCpL8yH2s8gw/rpOPE+0G+sn14WgNejOR6q2+ywDbsXxNZjPDPMOfiMZAkJpo/
j06jbM8hLTXuSYOtFx8kuIebDW0K18G+g4cEEZzuDsotXCyAHXbgUzB9DgWy+n1c
G99tpWDA9f3T4cTfUe73ia8hASTIONAkvYzx1t/CZFe6/ayrtsWUCchC414lKwPz
QtaG63uBG5H2rvekQlpU02X9H27zVSXgemT+CbnUOt3N9jYK+IarOgO2yBGbjdXW
eon5QYtIoLH9QBfRBXat5F5gkWr+vaISJk4Yr+ixBfDanQ==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org