Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/z38KMpaTSxlgG4p5kmozs3A6dPA.roa
File: z38KMpaTSxlgG4p5kmozs3A6dPA.roa (raw, json)
Hash identifier: XnnN3AaHa3jA+uxUEytdWcXSmlNirWi9vMqfF33bakM=
Subject key identifier: CF:7F:0A:32:96:93:4B:19:60:1B:8A:79:92:6A:33:B3:70:3A:74:F0
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 104E
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z38KMpaTSxlgG4p5kmozs3A6dPA.roa
Signing time: Tue 16 May 2023 08:36:01 +0000
ROA not before: Tue 16 May 2023 08:36:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17709
IP address blocks: 60.244.0.0/17 maxlen: 17
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4174 (0x104e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: May 16 08:36:01 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=CF7F0A3296934B19601B8A79926A33B3703A74F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:4c:d5:da:3f:a9:04:47:87:21:5e:22:57:d5:
f3:5b:de:d3:0e:7a:df:4d:8c:84:08:c8:45:d6:d2:
f7:e4:89:cf:a9:11:3a:8b:a8:60:d8:ff:cd:05:8c:
4c:4b:a1:c4:19:d9:d1:19:ae:4a:46:6f:4d:0c:27:
37:83:23:93:23:b0:46:e5:07:f6:84:8d:05:2b:e4:
d1:8f:a9:cb:b1:95:54:3b:8c:ca:3b:d0:9a:1f:5c:
fd:9f:6a:fc:de:2e:6c:43:fb:63:90:02:00:29:24:
47:52:80:6f:d9:ec:90:7b:59:dd:52:75:fc:9d:12:
95:dd:05:b8:48:45:28:51:3a:91:d6:00:2d:86:27:
00:d8:3c:db:fb:68:ad:a1:0a:7f:89:c4:12:c4:f9:
e7:c3:29:2c:17:44:c4:09:57:db:93:c8:a9:b6:09:
6b:4a:d6:ab:79:fc:17:82:a5:72:af:46:9c:00:ed:
24:55:3f:77:b5:b0:42:23:ec:34:0e:57:94:7d:c1:
4a:4f:1e:83:2b:05:df:3d:e7:14:ff:3e:66:bb:de:
51:66:10:ea:ab:7d:aa:56:97:85:d7:6b:6c:0e:b3:
61:52:7b:e1:65:d0:5e:61:77:17:60:90:a0:0b:82:
6f:0d:d7:28:2d:54:b7:f8:70:32:92:8f:d5:6b:29:
a5:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7F:0A:32:96:93:4B:19:60:1B:8A:79:92:6A:33:B3:70:3A:74:F0
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/z38KMpaTSxlgG4p5kmozs3A6dPA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9d:12:1a:88:be:52:31:2d:3c:4b:57:24:ac:84:b3:dc:75:01:
f7:b7:85:93:81:9d:af:c4:a1:16:21:27:e9:a3:c3:75:6b:29:
09:5e:0c:f2:ca:e5:1c:38:2f:b3:c9:34:0e:b4:94:4b:7a:43:
88:c1:2e:ea:4b:a5:fc:8f:e8:5b:c6:db:66:ea:9e:ef:c0:16:
65:4e:8b:96:24:83:06:3d:e1:6c:18:a8:d3:22:bb:c5:06:d2:
73:27:16:89:a4:4b:d6:c5:15:79:ff:f8:c3:e6:8b:58:39:80:
27:bd:9a:c5:2b:c3:49:9e:d6:94:08:b3:98:b6:d7:e0:a8:df:
76:5b:7f:d7:ad:99:e4:81:be:30:b6:6a:f8:52:4e:98:f8:fa:
77:dd:27:3e:c8:e3:45:8a:3c:69:26:7d:a0:00:8d:4d:96:0a:
0b:72:5e:bc:ac:26:3a:a2:90:b8:35:ee:02:2b:e3:87:a0:d3:
8f:23:8e:4e:1a:7c:2b:40:08:05:4d:34:09:ad:81:5a:48:74:
82:78:04:ed:cc:02:7f:5b:b0:82:06:91:80:35:65:82:8a:25:
ac:44:a2:da:c2:87:e5:fb:91:b6:a7:36:7c:bc:20:12:3d:89:
b0:6e:ad:05:ec:04:84:f4:e8:2c:c6:4c:d0:c5:fc:51:b7:16:
3d:f5:ad:b0
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEE4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA1MTYw
ODM2MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKENGN0YwQTMyOTY5MzRC
MTk2MDFCOEE3OTkyNkEzM0IzNzAzQTc0RjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcTNXaP6kER4chXiJX1fNb3tMOet9NjIQIyEXW0vfkic+pETqL
qGDY/80FjExLocQZ2dEZrkpGb00MJzeDI5MjsEblB/aEjQUr5NGPqcuxlVQ7jMo7
0JofXP2favzeLmxD+2OQAgApJEdSgG/Z7JB7Wd1SdfydEpXdBbhIRShROpHWAC2G
JwDYPNv7aK2hCn+JxBLE+efDKSwXRMQJV9uTyKm2CWtK1qt5/BeCpXKvRpwA7SRV
P3e1sEIj7DQOV5R9wUpPHoMrBd895xT/Pma73lFmEOqrfapWl4XXa2wOs2FSe+Fl
0F5hdxdgkKALgm8N1ygtVLf4cDKSj9VrKaWpAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz38KMpaTSxlgG4p5kmozs3A6dPAwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvejM4S01wYVRTeGxnRzRwNWttb3pz
M0E2ZFBBLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAnRIaiL5SMS08S1ckrISz3HUB97eFk4Gdr8ShFiEn
6aPDdWspCV4M8srlHDgvs8k0DrSUS3pDiMEu6kul/I/oW8bbZuqe78AWZU6LliSD
Bj3hbBio0yK7xQbScycWiaRL1sUVef/4w+aLWDmAJ72axSvDSZ7WlAizmLbX4Kjf
dlt/162Z5IG+MLZq+FJOmPj6d90nPsjjRYo8aSZ9oACNTZYKC3JevKwmOqKQuDXu
Aivjh6DTjyOOThp8K0AIBU00Ca2BWkh0gngE7cwCf1uwggaRgDVlgoolrESi2sKH
5fuRtqc2fLwgEj2JsG6tBewEhPToLMZM0MX8UbcWPfWtsA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org