Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/zI7zArOo5knHndApG5KWTdoztDU.roa
File: zI7zArOo5knHndApG5KWTdoztDU.roa (raw, json)
Hash identifier: wkvHizBccV93bYtY8F22kQTfOyWtUGHc4LoRZ3JcD9Q=
Subject key identifier: CC:8E:F3:02:B3:A8:E6:49:C7:9D:D0:29:1B:92:96:4D:DA:33:B4:35
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 12A6
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zI7zArOo5knHndApG5KWTdoztDU.roa
Signing time: Fri 01 Sep 2023 08:04:46 +0000
ROA not before: Fri 01 Sep 2023 08:04:46 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7482
IP address blocks: 60.244.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4774 (0x12a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:46 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CC8EF302B3A8E649C79DD0291B92964DDA33B435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f1:45:a0:4a:16:96:cf:92:61:3f:04:a6:9a:
75:6f:d6:de:1f:03:d5:14:fa:4c:aa:b4:2b:f1:7f:
8b:a0:a3:0f:8a:a8:c2:ea:a4:8b:f4:95:3c:8e:a3:
fe:57:d0:dd:25:79:d0:96:72:07:7d:4b:83:60:d2:
90:7d:43:f3:21:65:44:a4:ec:56:d8:12:f8:d8:40:
47:b0:c0:15:ce:3b:38:85:b1:76:33:52:fd:58:1b:
9b:79:e5:57:9f:9f:50:de:a7:03:ca:d8:ea:cf:dd:
b3:bd:e7:b2:2b:19:b0:73:8e:1e:02:44:82:07:1a:
23:73:b5:d1:47:61:be:ab:40:50:b1:be:06:6d:f9:
5c:ca:d9:4b:2c:b4:34:10:ef:16:d6:7e:32:d8:f2:
22:5d:25:86:e6:51:98:b7:93:78:02:b6:0f:c5:c8:
3a:16:16:ac:42:05:98:68:b3:b6:06:bb:f6:50:f3:
c4:8b:74:c0:90:16:a4:cb:8a:36:5f:b9:ff:4d:8d:
38:d9:57:d0:33:0a:64:37:16:dd:2d:92:56:12:15:
b3:e2:5f:91:19:0a:7b:af:13:ed:d3:20:4d:42:78:
2a:fd:9e:e6:64:2e:6f:98:5a:71:55:b5:05:39:bf:
06:0f:ba:6a:08:21:31:f2:ec:ca:23:82:e7:21:83:
90:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:F3:02:B3:A8:E6:49:C7:9D:D0:29:1B:92:96:4D:DA:33:B4:35
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zI7zArOo5knHndApG5KWTdoztDU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.244.0.0/17
Signature Algorithm: sha256WithRSAEncryption
9a:0b:fe:f9:05:c1:77:ad:4e:73:bf:78:d3:20:4f:cd:b9:39:
e0:cd:15:f2:d9:17:3c:cc:03:72:88:52:56:e0:a3:b7:34:fd:
9a:28:93:86:e6:c4:3f:6d:82:8f:01:75:f2:3e:bc:c2:3d:14:
d2:4d:84:ea:54:21:27:9e:d7:73:17:46:ff:4b:a0:ad:cd:7c:
8d:de:78:46:bc:5c:b4:96:93:e5:59:19:44:17:f0:43:4b:ac:
16:9a:ee:95:70:fc:eb:d5:49:cd:c0:1e:b4:83:25:4c:f9:a6:
c4:4c:d9:a3:bd:b5:80:8f:fc:5d:cb:67:9e:c7:40:3d:7e:ce:
88:79:91:fb:9f:38:d8:1c:c9:53:48:4f:37:3a:c4:24:ad:7b:
f7:10:35:5f:9c:8c:1b:e6:10:11:c9:99:bb:e8:0c:73:fe:69:
37:ca:11:df:8a:c0:17:f0:30:01:3d:ff:af:a9:32:12:5f:23:
ae:8e:12:ae:cb:9a:21:c0:20:c0:7f:25:0e:3f:0a:14:fb:26:
69:06:f7:a1:97:9c:3d:37:ce:bc:3a:bb:7d:23:78:95:4a:9c:
a6:68:70:54:6b:47:d1:5c:95:07:5f:04:7a:aa:08:88:ba:13:
f9:ec:c8:f0:9a:0a:a7:86:89:3f:0a:69:52:15:d4:46:d5:79:
88:5d:9a:82
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEqYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0NDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENDOEVGMzAyQjNBOEU2
NDlDNzlERDAyOTFCOTI5NjREREEzM0I0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCm8UWgShaWz5JhPwSmmnVv1t4fA9UU+kyqtCvxf4ugow+KqMLq
pIv0lTyOo/5X0N0ledCWcgd9S4Ng0pB9Q/MhZUSk7FbYEvjYQEewwBXOOziFsXYz
Uv1YG5t55Vefn1DepwPK2OrP3bO957IrGbBzjh4CRIIHGiNztdFHYb6rQFCxvgZt
+VzK2UsstDQQ7xbWfjLY8iJdJYbmUZi3k3gCtg/FyDoWFqxCBZhos7YGu/ZQ88SL
dMCQFqTLijZfuf9NjTjZV9AzCmQ3Ft0tklYSFbPiX5EZCnuvE+3TIE1CeCr9nuZk
Lm+YWnFVtQU5vwYPumoIITHy7Mojguchg5ClAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzI7zArOo5knHndApG5KWTdoztDUwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvekk3ekFyT281a25IbmRBcEc1S1dU
ZG96dERVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBzz0ADAN
BgkqhkiG9w0BAQsFAAOCAQEAmgv++QXBd61Oc7940yBPzbk54M0V8tkXPMwDcohS
VuCjtzT9miiThubEP22CjwF18j68wj0U0k2E6lQhJ57XcxdG/0ugrc18jd54Rrxc
tJaT5VkZRBfwQ0usFprulXD869VJzcAetIMlTPmmxEzZo721gI/8XctnnsdAPX7O
iHmR+5842BzJU0hPNzrEJK179xA1X5yMG+YQEcmZu+gMc/5pN8oR34rAF/AwAT3/
r6kyEl8jro4SrsuaIcAgwH8lDj8KFPsmaQb3oZecPTfOvDq7fSN4lUqcpmhwVGtH
0VyVB18EeqoIiLoT+ezI8JoKp4aJPwppUhXURtV5iF2agg==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:32 2024 by rpki-client on console-ams.rpki-client.org