Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/yzRXd0-FAbYiK5ohnS_7MZxuaSg.roa
File: yzRXd0-FAbYiK5ohnS_7MZxuaSg.roa (raw, json)
Hash identifier: EUNzyfnAEH6ikhQotZHvLIsOWqZqwEiUMkqF/qFXczA=
Subject key identifier: CB:34:57:77:4F:85:01:B6:22:2B:9A:21:9D:2F:FB:31:9C:6E:69:28
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 1299
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yzRXd0-FAbYiK5ohnS_7MZxuaSg.roa
Signing time: Fri 01 Sep 2023 08:04:41 +0000
ROA not before: Fri 01 Sep 2023 08:04:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 223.23.63.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4761 (0x1299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CB3457774F8501B6222B9A219D2FFB319C6E6928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:69:ec:4e:0b:20:99:e9:1f:d1:0f:15:9b:4c:
76:bd:80:a2:26:11:4a:2c:55:31:0f:89:5e:ce:02:
c3:d8:2b:06:ed:07:34:a7:7c:59:2f:c7:9d:d0:92:
d7:68:22:33:b6:76:15:0c:6d:0d:21:91:46:b7:49:
f1:d1:51:66:78:71:01:7b:89:5d:ab:31:f9:93:29:
92:85:db:fd:60:c3:cc:10:af:24:86:82:2b:d5:dd:
26:f6:7c:e5:2b:51:15:db:d3:e3:8b:13:ac:ad:a4:
35:ef:41:94:7a:5a:3b:94:89:4e:37:8b:10:66:7f:
90:93:3b:ad:b1:bd:3c:47:64:db:79:fa:83:17:ef:
6d:a0:e4:05:5a:ce:c7:2e:97:21:70:00:df:00:d7:
54:35:78:53:9b:b1:54:4e:1f:94:36:d9:64:6d:19:
27:7f:cc:98:45:69:a3:66:89:04:a1:3b:36:d9:a8:
fc:e7:55:ec:1f:68:7a:3a:f6:ad:73:58:34:f8:d0:
4e:5a:c0:8e:68:07:bf:a1:b7:b4:a7:b6:ba:15:0b:
a0:87:24:d2:fa:66:3a:fa:b7:e0:ca:55:63:f2:05:
a9:34:76:3c:d5:1d:c1:5f:b5:02:3e:51:6d:51:9b:
da:e1:ae:ff:b7:cf:36:6a:74:2a:1f:bf:3d:ff:c1:
fd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:34:57:77:4F:85:01:B6:22:2B:9A:21:9D:2F:FB:31:9C:6E:69:28
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/yzRXd0-FAbYiK5ohnS_7MZxuaSg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.23.63.0/24
Signature Algorithm: sha256WithRSAEncryption
87:bb:ca:b9:e1:98:e5:96:0a:ee:b9:e5:6a:bf:0e:92:cf:a9:
3f:df:bb:cf:59:99:da:8f:e2:b2:ea:0a:50:93:f3:24:80:97:
14:86:5b:12:4b:44:95:78:6b:cf:88:0d:62:c7:0f:c3:49:3f:
ef:0a:ef:6e:30:32:ef:e2:fe:e3:68:64:ad:87:b6:e6:b0:7e:
6b:a1:fe:2c:e8:b1:3e:97:47:c4:3b:53:dd:90:c6:f4:e7:8d:
60:36:ab:bd:48:90:8f:65:b6:a9:62:82:ae:ed:fa:a1:64:4c:
04:94:25:45:6b:d3:8f:75:3f:02:72:fd:ce:37:31:d2:a1:eb:
5b:c9:4d:c9:5f:ca:7c:01:62:b1:76:e3:a7:ad:4f:7a:d4:11:
43:e8:c8:29:e0:e4:02:01:16:e6:a2:40:cf:39:04:61:03:f9:
30:0a:be:81:d1:71:a5:53:3b:2e:26:31:31:26:79:f8:76:c4:
ac:61:5f:4c:0b:ea:39:d1:74:a0:88:a2:73:30:68:52:96:25:
af:ad:4b:da:76:df:61:4f:23:04:30:a9:0b:57:80:b9:6d:9d:
e6:49:d1:1d:e5:08:af:05:67:32:22:ec:2e:62:94:35:a3:0f:
25:a7:f0:7d:5b:b9:d2:cd:dc:9e:03:89:0d:45:7e:fc:b6:52:
e2:a1:d2:a4
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEpkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENCMzQ1Nzc3NEY4NTAx
QjYyMjJCOUEyMTlEMkZGQjMxOUM2RTY5MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0aexOCyCZ6R/RDxWbTHa9gKImEUosVTEPiV7OAsPYKwbtBzSn
fFkvx53QktdoIjO2dhUMbQ0hkUa3SfHRUWZ4cQF7iV2rMfmTKZKF2/1gw8wQrySG
givV3Sb2fOUrURXb0+OLE6ytpDXvQZR6WjuUiU43ixBmf5CTO62xvTxHZNt5+oMX
722g5AVazsculyFwAN8A11Q1eFObsVROH5Q22WRtGSd/zJhFaaNmiQShOzbZqPzn
VewfaHo69q1zWDT40E5awI5oB7+ht7SntroVC6CHJNL6Zjr6t+DKVWPyBak0djzV
HcFftQI+UW1Rm9rhrv+3zzZqdCofvz3/wf21AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUyzRXd0+FAbYiK5ohnS/7MZxuaSgwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wveXpSWGQwLUZBYllpSzVvaG5TXzdN
Wnh1YVNnLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8XPzAN
BgkqhkiG9w0BAQsFAAOCAQEAh7vKueGY5ZYK7rnlar8Oks+pP9+7z1mZ2o/isuoK
UJPzJICXFIZbEktElXhrz4gNYscPw0k/7wrvbjAy7+L+42hkrYe25rB+a6H+LOix
PpdHxDtT3ZDG9OeNYDarvUiQj2W2qWKCru36oWRMBJQlRWvTj3U/AnL9zjcx0qHr
W8lNyV/KfAFisXbjp61PetQRQ+jIKeDkAgEW5qJAzzkEYQP5MAq+gdFxpVM7LiYx
MSZ5+HbErGFfTAvqOdF0oIiiczBoUpYlr61L2nbfYU8jBDCpC1eAuW2d5knRHeUI
rwVnMiLsLmKUNaMPJafwfVu50s3cngOJDUV+/LZS4qHSpA==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org