Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZdIst483a6d-kjAWtSZEz_4rEDw.roa
File: ZdIst483a6d-kjAWtSZEz_4rEDw.roa (raw, json)
Hash identifier: jiRFccKDhoZAQEXEye4yg4vfCQH6NNDiAxTcdGfE+AU=
Subject key identifier: 65:D2:2C:B7:8F:37:6B:A7:7E:92:30:16:B5:26:44:CF:FE:2B:10:3C
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C60
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZdIst483a6d-kjAWtSZEz_4rEDw.roa
Signing time: Fri 01 Sep 2023 08:26:29 +0000
ROA not before: Fri 01 Sep 2023 08:26:29 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 45.64.232.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3168 (0xc60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:29 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=65D22CB78F376BA77E923016B52644CFFE2B103C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:68:30:65:af:0a:08:c7:5c:ef:a9:2f:a2:93:
fb:f7:a6:66:1c:9f:2a:0c:ff:a9:2b:9e:5e:27:84:
f1:10:db:d4:61:b3:0c:9a:44:73:85:cf:cd:d0:15:
f0:96:9d:f9:dc:84:20:9b:7e:cb:37:8d:ba:ac:e2:
00:24:88:05:57:0d:2b:5a:a0:e7:b5:63:d6:9b:ad:
0f:60:cd:7b:03:05:81:85:aa:d4:35:98:85:8d:ab:
a5:e0:26:68:2f:e7:05:8b:2e:a9:2c:64:a9:63:30:
1e:0a:c7:af:78:be:cd:cc:ac:e0:f1:aa:65:27:74:
f7:d8:dc:b5:55:f4:66:98:5a:27:c0:85:83:ed:87:
79:aa:dc:fe:ff:f3:ca:3f:1d:0c:4d:1e:64:fc:13:
12:f8:a3:82:66:9d:ea:f9:7e:4d:d8:04:5f:20:14:
15:51:f7:86:d6:cc:ca:fe:c2:9d:e7:bd:2a:be:8f:
8d:8b:14:06:28:17:74:a6:51:90:47:f4:e2:c4:a8:
a0:64:8f:c4:31:08:4e:0e:ae:50:1e:05:f2:54:df:
c9:d5:31:63:b8:09:03:9a:c7:06:2f:55:4c:33:a2:
b3:b1:f6:02:dd:89:38:5f:40:66:42:c1:9f:f8:e7:
85:5c:53:4f:86:c7:93:7e:6d:9e:8c:f0:a6:e1:4f:
f8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D2:2C:B7:8F:37:6B:A7:7E:92:30:16:B5:26:44:CF:FE:2B:10:3C
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/ZdIst483a6d-kjAWtSZEz_4rEDw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
45.64.232.0/22
Signature Algorithm: sha256WithRSAEncryption
2d:13:e3:48:a0:7c:3a:b3:36:06:bf:e6:f7:35:30:be:72:01:
ee:ce:55:14:94:c7:f7:26:cf:fe:87:d1:74:d4:91:34:50:32:
ac:d3:06:d9:37:e5:f5:ce:24:fc:9f:a0:a4:5b:c1:ad:c9:44:
fe:6a:6c:31:26:8b:5f:70:1e:e3:fe:a4:7e:ca:f7:41:27:0e:
cd:f3:33:96:1f:fc:a8:4a:e6:4f:1c:60:c9:f9:e7:f5:81:88:
ef:8e:6a:fd:ee:ad:99:71:eb:1e:a7:8b:3a:32:9b:b2:ad:1f:
f8:d0:04:bf:12:ce:20:31:c0:97:dd:32:25:c9:24:33:87:9d:
c6:5d:63:0d:43:4a:33:42:25:42:d5:d8:e6:0d:95:74:92:89:
1a:43:ae:bd:ae:7b:50:39:5f:3c:aa:21:20:cc:12:19:49:56:
c7:69:d2:1b:8d:7e:75:a0:c0:97:a6:6e:91:1b:00:2a:27:2d:
fd:47:78:65:8e:5e:16:21:85:79:8f:d5:e4:f8:d1:93:3b:9f:
72:9c:26:61:46:ce:a7:fc:de:1d:f5:e1:09:af:36:30:b0:ac:
bd:cc:62:3b:8d:35:07:11:e8:36:cc:e5:31:bd:32:37:03:d6:
29:4a:69:ff:74:5d:19:8f:65:ad:c2:fc:ba:2c:a2:6d:f9:31:
93:33:c0:21
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY1RDIyQ0I3OEYzNzZC
QTc3RTkyMzAxNkI1MjY0NENGRkUyQjEwM0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAaDBlrwoIx1zvqS+ik/v3pmYcnyoM/6krnl4nhPEQ29Rhswya
RHOFz83QFfCWnfnchCCbfss3jbqs4gAkiAVXDStaoOe1Y9abrQ9gzXsDBYGFqtQ1
mIWNq6XgJmgv5wWLLqksZKljMB4Kx694vs3MrODxqmUndPfY3LVV9GaYWifAhYPt
h3mq3P7/88o/HQxNHmT8ExL4o4Jmner5fk3YBF8gFBVR94bWzMr+wp3nvSq+j42L
FAYoF3SmUZBH9OLEqKBkj8QxCE4OrlAeBfJU38nVMWO4CQOaxwYvVUwzorOx9gLd
iThfQGZCwZ/454VcU0+Gx5N+bZ6M8KbhT/ijAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZdIst483a6d+kjAWtSZEz/4rEDwwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9aZElzdDQ4M2E2ZC1rakFXdFNa
RXpfNHJFRHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLUDo
MA0GCSqGSIb3DQEBCwUAA4IBAQAtE+NIoHw6szYGv+b3NTC+cgHuzlUUlMf3Js/+
h9F01JE0UDKs0wbZN+X1ziT8n6CkW8GtyUT+amwxJotfcB7j/qR+yvdBJw7N8zOW
H/yoSuZPHGDJ+ef1gYjvjmr97q2Zcesep4s6MpuyrR/40AS/Es4gMcCX3TIlySQz
h53GXWMNQ0ozQiVC1djmDZV0kokaQ669rntQOV88qiEgzBIZSVbHadIbjX51oMCX
pm6RGwAqJy39R3hljl4WIYV5j9Xk+NGTO59ynCZhRs6n/N4d9eEJrzYwsKy9zGI7
jTUHEeg2zOUxvTI3A9YpSmn/dF0Zj2Wtwvy6LKJt+TGTM8Ah
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org