Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ASNET/Jf8fKjBcLoJzVoSWorOwq23bBlY.roa
File: Jf8fKjBcLoJzVoSWorOwq23bBlY.roa (raw, json)
Hash identifier: /eQBbz2kE9iv+upcyiEugLPYiuZ4Kq017VWqFSV012E=
Subject key identifier: 25:FF:1F:2A:30:5C:2E:82:73:56:84:96:A2:B3:B0:AB:6D:DB:06:56
Certificate issuer: /CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Certificate serial: 0C23
Authority key identifier: 70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/Jf8fKjBcLoJzVoSWorOwq23bBlY.roa
Signing time: Fri 26 Jul 2024 07:59:08 +0000
ROA not before: Fri 26 Jul 2024 07:59:08 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9264
IP address blocks: 2400:4500::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3107 (0xc23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70984F008CA28F6475DB426353BFD1C433D8BC1A
Validity
Not Before: Jul 26 07:59:08 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=25FF1F2A305C2E8273568496A2B3B0AB6DDB0656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:01:f7:93:8a:2d:23:c6:5c:ad:b7:32:ec:d4:
c8:25:61:00:14:75:2e:a7:cf:bf:c2:0b:c0:46:8f:
09:12:6d:df:a4:f5:4c:a9:1b:45:e6:36:bb:2f:11:
df:93:43:b1:0e:19:67:4c:25:ff:37:1e:06:22:79:
4e:96:14:c5:78:77:6b:c7:ca:f6:b6:fd:d4:2f:90:
eb:b0:c1:d3:37:56:b5:6e:78:c9:c5:6c:44:86:a8:
0d:6f:23:8f:60:de:d6:b5:20:fe:f8:74:4f:cd:7d:
bc:eb:45:81:6c:92:24:9c:e4:16:7d:eb:0d:eb:53:
de:6b:5d:e1:cd:fc:89:69:82:07:ca:bb:7a:e4:dd:
a8:ad:b0:53:50:e4:45:af:9f:cd:61:91:db:c3:34:
8c:67:b6:6b:13:0a:46:7f:91:ce:0d:a9:6f:6d:ed:
83:9f:4c:b0:6d:b1:14:b4:02:f1:15:10:b5:e4:00:
6b:97:b4:a4:17:04:6b:78:45:42:f7:38:31:d7:0d:
5f:01:85:92:47:28:0c:8c:59:e4:8d:2c:cf:1a:19:
92:61:5e:05:b8:21:9b:36:d0:c9:56:5d:01:50:1a:
f6:88:38:68:11:c3:94:56:58:e2:ac:eb:04:a9:31:
76:ff:5a:16:70:07:f9:74:5d:44:41:b9:4e:c9:ce:
e7:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:FF:1F:2A:30:5C:2E:82:73:56:84:96:A2:B3:B0:AB:6D:DB:06:56
X509v3 Authority Key Identifier:
keyid:70:98:4F:00:8C:A2:8F:64:75:DB:42:63:53:BF:D1:C4:33:D8:BC:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/cJhPAIyij2R120JjU7_RxDPYvBo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/cJhPAIyij2R120JjU7_RxDPYvBo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ASNET/Jf8fKjBcLoJzVoSWorOwq23bBlY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:4500::/32
Signature Algorithm: sha256WithRSAEncryption
59:84:ab:4d:03:e5:4e:11:12:1d:2d:f2:39:07:ba:97:9d:75:
61:78:b3:eb:3b:ca:cf:e9:c0:a9:0d:2d:16:2a:24:27:80:55:
7c:4c:40:20:9a:94:03:4e:44:16:08:2e:de:0f:d6:26:fb:b3:
b4:b0:08:f6:89:20:7b:28:5c:d5:3e:47:14:6e:dc:6f:04:f8:
e4:cb:bd:91:a8:6e:9e:a2:a7:4e:0e:cf:c2:ed:7b:84:40:59:
5a:4e:b4:4f:7b:f4:64:46:0b:c7:75:38:d6:f2:18:d2:2e:1c:
21:e1:51:50:fa:59:10:77:74:0f:ec:00:f9:cc:25:15:f1:cb:
5e:f9:b6:74:5b:9b:f3:71:70:51:23:f3:12:3d:08:79:d9:63:
4d:fe:38:79:79:d3:f5:1a:8e:4a:c0:0d:81:b8:cc:c9:0d:cf:
49:87:7b:56:dd:a1:51:74:07:3f:2b:ae:94:c9:ed:cd:05:c1:
03:81:b4:0b:9d:88:fb:07:da:bc:ae:1d:6c:16:c0:ba:c4:49:
f6:66:30:b9:dd:46:43:b5:5a:56:88:21:ca:d9:f9:bf:7e:fb:
f1:80:20:09:59:5b:8f:68:5a:4a:9d:23:3a:55:1e:e3:c8:30:
5c:6d:fb:70:7f:9f:b5:37:22:09:ec:5c:26:ea:69:65:b3:40:
24:3e:45:41
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzA5
ODRGMDA4Q0EyOEY2NDc1REI0MjYzNTNCRkQxQzQzM0Q4QkMxQTAeFw0yNDA3MjYw
NzU5MDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI1RkYxRjJBMzA1QzJF
ODI3MzU2ODQ5NkEyQjNCMEFCNkREQjA2NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9AfeTii0jxlyttzLs1MglYQAUdS6nz7/CC8BGjwkSbd+k9Uyp
G0XmNrsvEd+TQ7EOGWdMJf83HgYieU6WFMV4d2vHyva2/dQvkOuwwdM3VrVueMnF
bESGqA1vI49g3ta1IP74dE/NfbzrRYFskiSc5BZ96w3rU95rXeHN/IlpggfKu3rk
3aitsFNQ5EWvn81hkdvDNIxntmsTCkZ/kc4NqW9t7YOfTLBtsRS0AvEVELXkAGuX
tKQXBGt4RUL3ODHXDV8BhZJHKAyMWeSNLM8aGZJhXgW4IZs20MlWXQFQGvaIOGgR
w5RWWOKs6wSpMXb/WhZwB/l0XURBuU7JzucFAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUJf8fKjBcLoJzVoSWorOwq23bBlYwHwYDVR0jBBgwFoAUcJhPAIyij2R120Jj
U7/RxDPYvBowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVNORVQv
Y0poUEFJeWlqMlIxMjBKalU3X1J4RFBZdkJvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9jSmhQQUl5aWoyUjEyMEpqVTdfUnhEUFl2Qm8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9BU05FVC9KZjhmS2pCY0xvSnpWb1NXb3JP
d3EyM2JCbFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJABF
ADANBgkqhkiG9w0BAQsFAAOCAQEAWYSrTQPlThESHS3yOQe6l511YXiz6zvKz+nA
qQ0tFiokJ4BVfExAIJqUA05EFggu3g/WJvuztLAI9okgeyhc1T5HFG7cbwT45Mu9
kahunqKnTg7Pwu17hEBZWk60T3v0ZEYLx3U41vIY0i4cIeFRUPpZEHd0D+wA+cwl
FfHLXvm2dFub83FwUSPzEj0IedljTf44eXnT9RqOSsANgbjMyQ3PSYd7Vt2hUXQH
PyuulMntzQXBA4G0C52I+wfavK4dbBbAusRJ9mYwud1GQ7VaVoghytn5v3778YAg
CVlbj2haSp0jOlUe48gwXG37cH+ftTciCexcJuppZbNAJD5FQQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:10 2024 by rpki-client on console-ams.rpki-client.org