Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/z2KCZySCZAIucnYOKk6HFbojxXE.roa
File: z2KCZySCZAIucnYOKk6HFbojxXE.roa (raw, json)
Hash identifier: QBp0IMVGjgoSr5bi5iXuABoxTgk9x2Cq4diH6YmMivM=
Subject key identifier: CF:62:82:67:24:82:64:02:2E:72:76:0E:2A:4E:87:15:BA:23:C5:71
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 0F63
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z2KCZySCZAIucnYOKk6HFbojxXE.roa
Signing time: Thu 15 Sep 2022 02:40:29 +0000
ROA not before: Thu 15 Sep 2022 02:40:29 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 24154
IP address blocks: 210.63.236.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3939 (0xf63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 15 02:40:29 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CF628267248264022E72760E2A4E8715BA23C571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:0d:4d:4b:4a:f2:5f:85:43:08:19:2a:19:
2f:79:49:ce:cb:87:55:93:ae:23:46:1a:26:73:7f:
ec:37:46:42:50:5d:84:7c:3a:e5:fd:79:29:65:ad:
11:73:48:54:14:17:30:08:74:eb:95:08:af:90:8d:
c1:4f:38:1f:b6:1b:f0:4d:09:b8:d9:45:5c:39:53:
a4:4b:79:78:de:b8:3b:46:15:42:a0:74:7d:8d:04:
40:08:f4:26:3a:0e:c6:66:fb:c5:61:cd:dd:41:69:
45:60:39:db:24:ae:f5:1e:61:81:af:89:a4:e9:81:
0b:eb:ba:b6:09:e1:2e:48:d3:1f:b0:13:ab:43:1f:
57:ad:32:ac:18:7e:dd:a5:27:3d:8d:59:95:28:94:
22:82:d4:ed:bd:ce:50:16:2b:f6:d3:d0:d1:8b:b5:
83:54:db:7a:a6:ce:1e:32:c3:f6:33:ec:5b:87:92:
66:aa:7b:86:0a:ea:b2:82:8b:47:56:35:20:9e:f4:
94:3e:e8:fc:8f:22:4a:96:58:ff:02:10:d2:94:2a:
5f:92:0f:9c:7a:13:b9:f2:1b:c0:32:e6:ca:10:0e:
8e:29:40:b7:6c:8a:48:fb:b2:a3:d2:bd:23:3a:58:
4d:9c:d9:07:33:76:92:08:e3:5f:12:63:32:fd:a2:
07:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:62:82:67:24:82:64:02:2E:72:76:0E:2A:4E:87:15:BA:23:C5:71
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z2KCZySCZAIucnYOKk6HFbojxXE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.63.236.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:58:98:cd:13:2b:19:b6:6d:c6:1a:74:03:e6:a2:1e:42:55:
bf:2a:1f:fb:18:29:df:76:75:9e:ba:46:4e:79:7f:62:15:c6:
3e:3f:03:cc:e5:46:6b:52:ae:46:21:b5:61:73:75:9b:66:85:
c5:f8:a2:a7:31:fe:57:f0:ab:08:2e:92:65:04:a4:ba:d0:5a:
75:8a:f5:7c:03:9e:e3:3b:95:8e:8c:a2:39:04:bb:7b:54:bc:
c3:a7:b3:5b:e9:f9:ee:9c:d4:12:4e:0f:43:34:43:25:66:48:
98:6f:84:6a:e1:8e:aa:0c:6e:17:7a:34:2b:0f:09:df:0b:af:
3a:5f:bd:ef:73:83:ca:7c:2c:4b:a5:18:76:54:69:91:d3:61:
ce:43:2b:33:dd:bb:76:8c:02:be:0c:5f:6c:f5:7b:17:10:13:
bf:ad:af:24:48:6c:51:4b:1d:a5:65:17:15:d7:07:d3:03:be:
c8:b4:6b:28:08:8f:e0:27:07:c7:e3:8d:4e:1c:99:3c:bf:23:
b5:00:9d:03:96:21:4c:ca:98:aa:8d:df:ae:58:72:5b:22:b8:
ef:b6:39:79:0d:1a:2c:3d:d1:f8:c2:9d:17:e6:ae:15:53:05:
39:81:c3:b4:9f:24:10:fd:c0:02:67:e1:f4:ec:aa:ce:51:29:
81:83:7a:70
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICD2MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMjA5MTUw
MjQwMjlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENGNjI4MjY3MjQ4MjY0
MDIyRTcyNzYwRTJBNEU4NzE1QkEyM0M1NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAgg1NS0ryX4VDCBkqGS95Sc7Lh1WTriNGGiZzf+w3RkJQXYR8
OuX9eSllrRFzSFQUFzAIdOuVCK+QjcFPOB+2G/BNCbjZRVw5U6RLeXjeuDtGFUKg
dH2NBEAI9CY6DsZm+8Vhzd1BaUVgOdskrvUeYYGviaTpgQvrurYJ4S5I0x+wE6tD
H1etMqwYft2lJz2NWZUolCKC1O29zlAWK/bT0NGLtYNU23qmzh4yw/Yz7FuHkmaq
e4YK6rKCi0dWNSCe9JQ+6PyPIkqWWP8CENKUKl+SD5x6E7nyG8Ay5soQDo4pQLds
ikj7sqPSvSM6WE2c2QczdpII418SYzL9ogdrAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz2KCZySCZAIucnYOKk6HFbojxXEwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvejJLQ1p5U0NaQUl1Y25ZT0trNkhG
Ym9qeFhFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANI/7DAN
BgkqhkiG9w0BAQsFAAOCAQEAtliYzRMrGbZtxhp0A+aiHkJVvyof+xgp33Z1nrpG
Tnl/YhXGPj8DzOVGa1KuRiG1YXN1m2aFxfiipzH+V/CrCC6SZQSkutBadYr1fAOe
4zuVjoyiOQS7e1S8w6ezW+n57pzUEk4PQzRDJWZImG+EauGOqgxuF3o0Kw8J3wuv
Ol+973ODynwsS6UYdlRpkdNhzkMrM927dowCvgxfbPV7FxATv62vJEhsUUsdpWUX
FdcH0wO+yLRrKAiP4CcHx+ONThyZPL8jtQCdA5YhTMqYqo3frlhyWyK477Y5eQ0a
LD3R+MKdF+auFVMFOYHDtJ8kEP3AAmfh9OyqzlEpgYN6cA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org