Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/98iFnMAWgpY4ULrio52NcwitUGc.roa
File: 98iFnMAWgpY4ULrio52NcwitUGc.roa (raw, json)
Hash identifier: xYMOYmM0zJrLMhL4QuTDY3tomo4WDI0q1r3jHGgDMEg=
Subject key identifier: F7:C8:85:9C:C0:16:82:96:38:50:BA:E2:A3:9D:8D:73:08:AD:50:67
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C56
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/98iFnMAWgpY4ULrio52NcwitUGc.roa
Signing time: Fri 01 Sep 2023 08:26:26 +0000
ROA not before: Fri 01 Sep 2023 08:26:26 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 124.155.168.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3158 (0xc56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:26 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F7C8859CC01682963850BAE2A39D8D7308AD5067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:7b:33:07:95:74:47:2c:a5:ac:c3:91:f8:2f:
09:00:cd:3f:11:4e:c8:69:ae:62:68:40:86:5d:4e:
40:5c:64:d0:c1:e9:b3:31:24:04:86:65:99:ef:a0:
01:f9:88:5a:08:a9:06:c7:80:8e:a5:c7:b6:f5:85:
df:5f:09:24:68:0b:70:61:f3:33:f9:7d:32:58:30:
fa:f4:95:80:92:44:93:34:b5:e9:7e:a6:2c:49:e1:
b6:f0:c6:f3:2d:9b:20:cf:67:98:43:ce:0d:a2:ff:
e8:c1:77:64:9e:31:72:48:e0:ce:06:ff:5a:34:2d:
07:a5:f1:cd:30:ff:f8:26:03:fa:dd:72:83:9a:23:
b6:2c:db:8a:d0:21:d9:94:83:89:5b:59:2a:45:a7:
1b:dc:78:3c:c0:49:6f:7e:e1:19:b7:14:33:7b:cb:
c9:ed:bd:a9:b0:d2:8d:f2:10:53:ba:35:5f:00:da:
3a:d3:25:95:0a:89:70:6b:ed:8b:ed:80:10:4a:38:
32:8d:ca:f9:c1:9c:75:5f:9a:47:88:90:ba:c3:58:
22:44:7a:d5:f9:00:18:79:ec:e1:d1:10:70:c3:16:
36:98:6a:d4:1d:af:25:fb:94:96:3c:7f:b1:64:f6:
a9:80:22:da:97:e6:e6:cd:cb:53:89:f5:1d:36:40:
42:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C8:85:9C:C0:16:82:96:38:50:BA:E2:A3:9D:8D:73:08:AD:50:67
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/98iFnMAWgpY4ULrio52NcwitUGc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.168.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:2e:8b:74:80:9d:14:ab:4a:82:92:e6:3a:09:5d:ee:e6:66:
09:6e:87:d2:85:9c:e3:0b:f4:32:16:a8:8d:4a:bd:b7:ba:2d:
6b:63:6f:ab:d5:1d:93:bc:d6:8c:1d:0f:63:19:54:7f:cb:ba:
68:c4:21:cf:9e:24:c6:cd:03:37:fd:71:65:28:52:9e:11:be:
f8:0f:b6:a2:8f:89:16:0d:d5:ef:61:cf:93:28:01:22:f4:47:
ae:6c:3e:06:58:33:b0:db:d0:85:01:09:90:ed:ed:39:c6:c1:
ef:db:b0:d1:30:a1:e8:07:40:55:1f:6c:af:0d:29:56:0b:28:
4e:d3:64:63:af:45:6d:e9:4a:74:c1:c8:17:a2:d4:ec:2b:ea:
b2:a7:e0:36:85:50:51:a1:25:67:8e:b1:6c:85:b2:31:76:dc:
21:8c:f7:38:5c:a9:1a:e4:eb:7c:8b:ac:81:7e:7e:15:3e:8a:
95:e6:39:d6:a2:a8:cd:5a:d7:c0:df:a9:ec:87:46:c3:15:ab:
d3:09:96:aa:0c:4e:83:25:81:22:58:76:4b:3a:58:7a:41:bc:
2e:38:f6:4b:0d:e0:b1:e9:31:8f:6f:e0:16:0d:7e:3b:d9:e9:
e4:d9:8d:28:4e:01:89:dc:c5:a2:cb:51:34:cb:1e:e7:c1:b5:
cd:6a:12:f9
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDFYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MjZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY3Qzg4NTlDQzAxNjgy
OTYzODUwQkFFMkEzOUQ4RDczMDhBRDUwNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtezMHlXRHLKWsw5H4LwkAzT8RTshprmJoQIZdTkBcZNDB6bMx
JASGZZnvoAH5iFoIqQbHgI6lx7b1hd9fCSRoC3Bh8zP5fTJYMPr0lYCSRJM0tel+
pixJ4bbwxvMtmyDPZ5hDzg2i/+jBd2SeMXJI4M4G/1o0LQel8c0w//gmA/rdcoOa
I7Ys24rQIdmUg4lbWSpFpxvceDzASW9+4Rm3FDN7y8ntvamw0o3yEFO6NV8A2jrT
JZUKiXBr7YvtgBBKODKNyvnBnHVfmkeIkLrDWCJEetX5ABh57OHREHDDFjaYatQd
ryX7lJY8f7Fk9qmAItqX5ubNy1OJ9R02QEL7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU98iFnMAWgpY4ULrio52NcwitUGcwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC85OGlGbk1BV2dwWTRVTHJpbzUy
TmN3aXRVR2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBfJuo
MA0GCSqGSIb3DQEBCwUAA4IBAQA7Lot0gJ0Uq0qCkuY6CV3u5mYJbofShZzjC/Qy
FqiNSr23ui1rY2+r1R2TvNaMHQ9jGVR/y7poxCHPniTGzQM3/XFlKFKeEb74D7ai
j4kWDdXvYc+TKAEi9EeubD4GWDOw29CFAQmQ7e05xsHv27DRMKHoB0BVH2yvDSlW
CyhO02Rjr0Vt6Up0wcgXotTsK+qyp+A2hVBRoSVnjrFshbIxdtwhjPc4XKka5Ot8
i6yBfn4VPoqV5jnWoqjNWtfA36nsh0bDFavTCZaqDE6DJYEiWHZLOlh6QbwuOPZL
DeCx6TGPb+AWDX472enk2Y0oTgGJ3MWiy1E0yx7nwbXNahL5
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org