Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APOL/zZ0r7hB4miAcLqNzwdrVIBPtorM.roa
File: zZ0r7hB4miAcLqNzwdrVIBPtorM.roa (raw, json)
Hash identifier: wbGl0dAgahmWy40XsilZwCxh45LtzwWJCCDpo1dsOQw=
Subject key identifier: CD:9D:2B:EE:10:78:9A:20:1C:2E:A3:73:C1:DA:D5:20:13:ED:A2:B3
Certificate issuer: /CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Certificate serial: 127F
Authority key identifier: FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zZ0r7hB4miAcLqNzwdrVIBPtorM.roa
Signing time: Fri 01 Sep 2023 08:04:33 +0000
ROA not before: Fri 01 Sep 2023 08:04:33 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 219.91.0.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4735 (0x127f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=FB064230F3E39BEFBB73A7D4DDB26FE2D446EE25
Validity
Not Before: Sep 1 08:04:33 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CD9D2BEE10789A201C2EA373C1DAD52013EDA2B3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:3f:01:54:85:88:ae:4c:0f:80:92:3f:07:50:
f8:5c:5b:51:e3:96:45:c6:ef:e6:f4:cb:50:3e:af:
44:27:17:5b:ee:e8:07:31:fe:5e:90:34:c5:1d:24:
1a:b5:8f:ab:ec:91:a1:d6:14:f3:c6:f5:02:1a:8e:
f2:61:51:b0:6b:8d:f2:73:4f:e5:c2:7a:ad:d5:9c:
4d:e4:50:4e:4c:d1:70:e4:aa:45:f0:d5:b9:f7:1d:
c9:31:01:f3:92:e7:03:15:a0:83:e4:92:77:22:3e:
c7:48:a9:f0:3b:1e:ca:52:99:c7:39:f3:cb:e6:cf:
e9:ab:9a:a5:84:b3:6c:98:25:b6:71:e0:6e:8a:31:
1b:28:cc:00:3d:a8:ea:d0:d1:ef:74:83:a8:8b:1f:
76:fa:d3:e8:58:44:da:2d:31:49:55:59:5e:4b:ba:
bb:32:db:b9:48:53:a9:ee:5c:88:75:4c:be:f8:8d:
72:f7:a4:3c:49:c0:03:69:99:9d:0c:47:51:c9:b4:
61:d8:86:6b:ee:5a:b2:ca:8d:24:ad:3a:ed:95:1f:
8d:1c:fe:ff:2a:92:dd:e6:d1:69:d0:16:b7:1a:6d:
1e:ef:e9:77:f1:c7:d8:ce:3a:9a:5f:7c:47:f7:9d:
98:ea:32:33:28:40:13:96:6d:51:a9:05:5e:56:17:
22:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9D:2B:EE:10:78:9A:20:1C:2E:A3:73:C1:DA:D5:20:13:ED:A2:B3
X509v3 Authority Key Identifier:
keyid:FB:06:42:30:F3:E3:9B:EF:BB:73:A7:D4:DD:B2:6F:E2:D4:46:EE:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/-wZCMPPjm--7c6fU3bJv4tRG7iU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-wZCMPPjm--7c6fU3bJv4tRG7iU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APOL/zZ0r7hB4miAcLqNzwdrVIBPtorM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
219.91.0.0/17
Signature Algorithm: sha256WithRSAEncryption
1c:d6:72:4f:e4:3c:38:0b:09:f6:f7:c6:8a:b4:bc:81:e9:8c:
ab:6d:98:f3:6a:d4:d5:22:35:c1:0d:d9:dc:ca:45:5b:9f:6b:
70:9f:a4:5d:b5:43:09:7b:f1:ee:8b:26:66:3d:bd:86:76:0d:
17:f4:ca:9b:97:8a:02:32:30:6b:c6:df:97:19:34:f0:75:1a:
bc:14:d5:b5:c7:c8:11:35:e5:33:af:33:0d:2f:59:6b:88:22:
01:4b:49:dc:f0:99:38:df:1b:ac:4e:0e:90:35:e0:b8:b2:22:
17:a4:74:b1:5b:76:47:36:59:06:dd:d2:15:75:e2:f7:2f:1d:
5a:14:ff:14:f9:f1:8e:56:0e:a9:c3:23:a5:e9:40:06:c9:e2:
ce:8c:11:2a:82:1c:3a:e1:de:df:ac:2f:cd:61:3d:44:34:7c:
07:a8:28:2e:5a:04:98:3a:22:30:49:dd:28:34:89:77:9e:c1:
49:f6:e8:20:9f:13:4b:72:af:3e:6f:28:00:99:e6:69:d0:84:
73:85:2b:7d:ac:e3:a5:fe:ba:5c:08:45:f8:70:aa:4a:75:8a:
7c:a5:5e:e0:95:db:ad:23:df:25:11:bc:4c:ab:4c:ed:42:c1:
28:e6:8d:d0:8a:40:1b:84:57:54:e6:36:00:5c:70:1a:e2:68:
91:3c:36:b7
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICEn8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRkIw
NjQyMzBGM0UzOUJFRkJCNzNBN0Q0RERCMjZGRTJENDQ2RUUyNTAeFw0yMzA5MDEw
ODA0MzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENEOUQyQkVFMTA3ODlB
MjAxQzJFQTM3M0MxREFENTIwMTNFREEyQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4PwFUhYiuTA+Akj8HUPhcW1HjlkXG7+b0y1A+r0QnF1vu6Acx
/l6QNMUdJBq1j6vskaHWFPPG9QIajvJhUbBrjfJzT+XCeq3VnE3kUE5M0XDkqkXw
1bn3HckxAfOS5wMVoIPkknciPsdIqfA7HspSmcc588vmz+mrmqWEs2yYJbZx4G6K
MRsozAA9qOrQ0e90g6iLH3b60+hYRNotMUlVWV5Lursy27lIU6nuXIh1TL74jXL3
pDxJwANpmZ0MR1HJtGHYhmvuWrLKjSStOu2VH40c/v8qkt3m0WnQFrcabR7v6Xfx
x9jOOppffEf3nZjqMjMoQBOWbVGpBV5WFyJxAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUzZ0r7hB4miAcLqNzwdrVIBPtorMwHwYDVR0jBBgwFoAU+wZCMPPjm++7c6fU
3bJv4tRG7iUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBPTC8t
d1pDTVBQam0tLTdjNmZVM2JKdjR0Ukc3aVUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
Ly13WkNNUFBqbS0tN2M2ZlUzYkp2NHRSRzdpVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0FQT0wvelowcjdoQjRtaUFjTHFOendkclZJ
QlB0b3JNLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB9tbADAN
BgkqhkiG9w0BAQsFAAOCAQEAHNZyT+Q8OAsJ9vfGirS8gemMq22Y82rU1SI1wQ3Z
3MpFW59rcJ+kXbVDCXvx7osmZj29hnYNF/TKm5eKAjIwa8bflxk08HUavBTVtcfI
ETXlM68zDS9Za4giAUtJ3PCZON8brE4OkDXguLIiF6R0sVt2RzZZBt3SFXXi9y8d
WhT/FPnxjlYOqcMjpelABsnizowRKoIcOuHe36wvzWE9RDR8B6goLloEmDoiMEnd
KDSJd57BSfboIJ8TS3KvPm8oAJnmadCEc4Urfazjpf66XAhF+HCqSnWKfKVe4JXb
rSPfJRG8TKtM7ULBKOaN0IpAG4RXVOY2AFxwGuJokTw2tw==
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:33 2024 by rpki-client on console-ams.rpki-client.org