Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa
File: PGHsuKKZwL-QAroRS3KM46ufysY.roa (raw, json)
Hash identifier: AXESdcF4xbMsTfJn8M9y4aXRczdLRRM6ZqCsUw9kRbc=
Subject key identifier: 3C:61:EC:B8:A2:99:C0:BF:90:02:BA:11:4B:72:8C:E3:AB:9F:CA:C6
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C6E
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa
Signing time: Fri 01 Sep 2023 08:26:33 +0000
ROA not before: Fri 01 Sep 2023 08:26:33 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 61.57.152.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3182 (0xc6e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:33 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3C61ECB8A299C0BF9002BA114B728CE3AB9FCAC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ea:c9:34:19:c0:b6:61:f7:b4:3d:0c:11:86:
30:9e:c2:29:61:a6:80:9e:ff:ee:6b:ff:d5:7f:c7:
03:01:1e:57:a6:c5:c7:af:e4:bd:7d:17:a2:62:ea:
14:51:d4:8e:e1:15:9f:f8:2c:8e:4a:3b:91:65:14:
21:f1:30:bf:45:ac:be:f6:16:d0:b8:70:bd:6d:69:
51:52:8f:8a:3f:ec:e6:2e:9b:23:87:30:4c:30:1c:
5b:e8:c9:9c:55:ee:56:6a:09:c8:bf:90:f3:39:c9:
df:5f:8f:ac:17:7a:ee:29:bf:ca:39:2f:76:43:22:
7e:1d:f5:d2:2f:da:87:40:4c:60:1b:bb:d0:c4:3a:
aa:94:f0:63:9f:c9:95:31:a2:3c:b1:25:31:b6:19:
af:79:a4:0e:8d:3e:9f:e9:53:ef:e4:f4:44:e3:0a:
69:ca:90:d1:7c:23:49:71:e8:1e:b0:8e:fa:b0:f0:
94:09:51:a0:34:c5:67:23:46:97:c2:c7:25:fd:36:
6a:57:da:98:cc:fa:a6:90:e1:b2:31:6c:65:10:dd:
94:a1:51:cb:e4:36:a8:09:4b:57:16:91:39:7a:1d:
43:bf:3a:32:fb:44:b4:a8:f6:96:f7:e4:e5:84:67:
1e:0f:ca:48:2b:a0:d3:4b:dd:06:e4:da:57:7d:31:
88:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:61:EC:B8:A2:99:C0:BF:90:02:BA:11:4B:72:8C:E3:AB:9F:CA:C6
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/PGHsuKKZwL-QAroRS3KM46ufysY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.57.152.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:1e:3f:f7:51:5d:e7:c1:c8:d6:a5:4b:8b:ef:84:c5:fe:83:
8b:b9:1c:f2:5a:05:9e:08:a9:9c:52:c9:08:98:56:d7:f4:91:
20:a6:6e:68:10:03:35:64:d6:4f:58:3b:e6:c4:33:ef:0d:ef:
39:e2:85:33:ea:93:95:3c:c6:4f:9f:1e:7c:ff:52:f4:53:27:
55:1d:c1:96:21:51:94:48:37:0a:9d:fb:12:8c:9e:7b:fd:66:
51:89:8e:ff:f4:4b:a2:86:e4:e4:a4:93:5e:8d:e1:f4:3a:fb:
d1:8b:17:dc:4c:1f:15:dd:3e:50:ae:3a:56:49:93:1b:66:a1:
e4:25:9a:ec:e9:51:d9:62:7d:c3:0e:93:f3:cd:21:16:2a:0f:
36:fc:cf:e5:12:5d:b7:7f:ff:7d:f7:6d:d5:ba:f8:70:4a:03:
ce:b6:82:40:a2:60:58:6c:3b:af:30:a0:49:70:b3:d2:5b:77:
e1:35:7f:db:2a:be:bc:1e:75:7c:8e:bb:6c:bc:21:6f:7d:9b:
9b:af:7d:42:cc:d7:12:cd:b6:6b:1a:1b:1c:5c:1f:31:b9:68:
41:9c:dd:3a:e1:fd:44:61:d5:ec:11:da:17:51:e9:52:1a:ea:
eb:39:65:0f:4c:93:56:bd:4f:86:cf:be:3c:48:bf:ac:da:7d:
5f:b8:d9:d0
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDG4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDNDNjFFQ0I4QTI5OUMw
QkY5MDAyQkExMTRCNzI4Q0UzQUI5RkNBQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC36sk0GcC2Yfe0PQwRhjCewilhpoCe/+5r/9V/xwMBHlemxcev
5L19F6Ji6hRR1I7hFZ/4LI5KO5FlFCHxML9FrL72FtC4cL1taVFSj4o/7OYumyOH
MEwwHFvoyZxV7lZqCci/kPM5yd9fj6wXeu4pv8o5L3ZDIn4d9dIv2odATGAbu9DE
OqqU8GOfyZUxojyxJTG2Ga95pA6NPp/pU+/k9ETjCmnKkNF8I0lx6B6wjvqw8JQJ
UaA0xWcjRpfCxyX9NmpX2pjM+qaQ4bIxbGUQ3ZShUcvkNqgJS1cWkTl6HUO/OjL7
RLSo9pb35OWEZx4PykgroNNL3Qbk2ld9MYh7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUPGHsuKKZwL+QAroRS3KM46ufysYwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9QR0hzdUtLWndMLVFBcm9SUzNL
TTQ2dWZ5c1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDPTmY
MA0GCSqGSIb3DQEBCwUAA4IBAQBvHj/3UV3nwcjWpUuL74TF/oOLuRzyWgWeCKmc
UskImFbX9JEgpm5oEAM1ZNZPWDvmxDPvDe854oUz6pOVPMZPnx58/1L0UydVHcGW
IVGUSDcKnfsSjJ57/WZRiY7/9EuihuTkpJNejeH0OvvRixfcTB8V3T5QrjpWSZMb
ZqHkJZrs6VHZYn3DDpPzzSEWKg82/M/lEl23f/99923VuvhwSgPOtoJAomBYbDuv
MKBJcLPSW3fhNX/bKr68HnV8jrtsvCFvfZubr31CzNcSzbZrGhscXB8xuWhBnN06
4f1EYdXsEdoXUelSGurrOWUPTJNWvU+Gz748SL+s2n1fuNnQ
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org