Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/DQFSpg8AQzE2KOD8kFUVysa7i3Y.roa
File: DQFSpg8AQzE2KOD8kFUVysa7i3Y.roa (raw, json)
Hash identifier: iEXq+wPsCgWZRxvrid5aa/LvsazhElGeVL5eL20ERG4=
Subject key identifier: 0D:01:52:A6:0F:00:43:31:36:28:E0:FC:90:55:15:CA:C6:BB:8B:76
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C75
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/DQFSpg8AQzE2KOD8kFUVysa7i3Y.roa
Signing time: Fri 01 Sep 2023 08:26:35 +0000
ROA not before: Fri 01 Sep 2023 08:26:35 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 61.57.136.0/21 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3189 (0xc75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:35 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0D0152A60F0043313628E0FC905515CAC6BB8B76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:ad:a0:19:9f:93:ce:66:74:a7:31:8e:a4:
76:e9:6b:34:84:79:bd:52:1d:e7:b1:ba:41:05:66:
8d:df:b7:42:ae:70:13:cc:34:a3:2c:dd:12:64:46:
53:7d:1e:4e:1b:c6:b6:6e:d8:69:c0:52:b1:80:71:
d2:b7:13:a8:e0:e7:cc:2b:b3:9c:59:18:58:86:ba:
27:7b:e5:37:2c:7f:a8:5c:57:a8:56:09:a7:af:06:
05:a4:b2:46:06:8b:69:e2:c1:0c:9f:fe:32:fe:64:
a2:13:f9:12:57:8c:91:d0:4e:b8:10:7c:1f:c0:61:
24:57:79:08:dd:4a:21:be:ff:27:3d:67:f5:a6:05:
61:a3:4e:9d:2e:d9:b5:cd:2c:b4:ed:6e:5b:47:dc:
04:43:58:b2:8d:e1:e6:6b:4f:8c:62:eb:3e:2c:92:
0c:55:38:51:a8:c1:09:63:34:95:2e:f6:3c:e4:b4:
c4:98:78:cf:97:ec:88:c3:87:a9:3f:d8:93:ca:00:
0b:e4:d1:04:33:3c:fe:39:98:af:e4:e8:5c:de:5c:
15:75:85:2c:7a:29:e6:a1:67:01:bc:ee:47:80:f4:
02:9a:50:25:2f:fc:19:d3:0b:39:a0:7c:f6:2d:77:
1b:c0:d8:90:9d:af:f5:e8:02:f3:2b:ef:b7:61:72:
c4:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:01:52:A6:0F:00:43:31:36:28:E0:FC:90:55:15:CA:C6:BB:8B:76
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/DQFSpg8AQzE2KOD8kFUVysa7i3Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.136.0/21
Signature Algorithm: sha256WithRSAEncryption
40:6a:69:66:87:10:be:00:96:23:a5:e9:6c:c0:5e:2a:21:b0:
59:63:03:a4:82:ab:9e:a2:ee:c8:03:2c:43:a8:2b:65:ca:a5:
8b:46:45:33:50:a3:ac:59:a6:ae:5d:6c:97:56:64:e2:78:0f:
ba:5f:dc:6c:80:5b:35:f0:c7:6a:e2:ca:89:b6:c8:00:72:cd:
89:94:73:8c:e0:49:88:7e:f8:70:b8:0d:0b:41:62:be:07:fc:
86:dd:90:20:06:12:38:59:66:d4:42:b0:91:62:31:b5:4f:67:
78:16:1b:1f:3b:01:84:14:ac:e8:cf:33:be:3a:d5:8a:54:15:
3f:43:42:6c:ca:6a:81:96:39:40:32:82:3d:5c:10:ec:83:bf:
37:17:e7:63:b5:29:d6:c9:4d:96:d0:e3:81:e9:1c:bf:85:83:
a9:2a:8b:af:50:e1:84:dc:b8:d5:6a:5c:b0:93:6e:48:1a:16:
50:ce:7e:90:7a:15:5d:30:ad:e4:a5:5d:da:07:07:99:fe:7d:
f7:ca:c9:bd:17:fa:fa:64:59:fe:9c:ee:54:cb:d0:9a:d7:ad:
9f:aa:28:5d:c7:c1:bb:ba:eb:ad:4a:35:58:82:fe:bf:30:fe:
52:f4:cc:f5:38:62:f0:4d:97:f0:a6:66:19:03:d8:a6:54:23:
84:e8:c9:a2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDHUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBEMDE1MkE2MEYwMDQz
MzEzNjI4RTBGQzkwNTUxNUNBQzZCQjhCNzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyKa2gGZ+TzmZ0pzGOpHbpazSEeb1SHeexukEFZo3ft0KucBPM
NKMs3RJkRlN9Hk4bxrZu2GnAUrGAcdK3E6jg58wrs5xZGFiGuid75Tcsf6hcV6hW
CaevBgWkskYGi2niwQyf/jL+ZKIT+RJXjJHQTrgQfB/AYSRXeQjdSiG+/yc9Z/Wm
BWGjTp0u2bXNLLTtbltH3ARDWLKN4eZrT4xi6z4skgxVOFGowQljNJUu9jzktMSY
eM+X7IjDh6k/2JPKAAvk0QQzPP45mK/k6FzeXBV1hSx6KeahZwG87keA9AKaUCUv
/BnTCzmgfPYtdxvA2JCdr/XoAvMr77dhcsTnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDQFSpg8AQzE2KOD8kFUVysa7i3YwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9EUUZTcGc4QVF6RTJLT0Q4a0ZV
VnlzYTdpM1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmI
MA0GCSqGSIb3DQEBCwUAA4IBAQBAamlmhxC+AJYjpelswF4qIbBZYwOkgqueou7I
AyxDqCtlyqWLRkUzUKOsWaauXWyXVmTieA+6X9xsgFs18Mdq4sqJtsgAcs2JlHOM
4EmIfvhwuA0LQWK+B/yG3ZAgBhI4WWbUQrCRYjG1T2d4FhsfOwGEFKzozzO+OtWK
VBU/Q0JsymqBljlAMoI9XBDsg783F+djtSnWyU2W0OOB6Ry/hYOpKouvUOGE3LjV
alywk25IGhZQzn6QehVdMK3kpV3aBweZ/n33ysm9F/r6ZFn+nO5Uy9Ca162fqihd
x8G7uuutSjVYgv6/MP5S9Mz1OGLwTZfwpmYZA9imVCOE6Mmi
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org