Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/kZUqfeJA9Y2wtPZL9teP6c-1mBk.roa
File: kZUqfeJA9Y2wtPZL9teP6c-1mBk.roa (raw, json)
Hash identifier: jcrYUyPAblQfsgTLkK03zQbrtTt82tly6i060ZINhHY=
Subject key identifier: 91:95:2A:7D:E2:40:F5:8D:B0:B4:F6:4B:F6:D7:8F:E9:CF:B5:98:19
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C62
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kZUqfeJA9Y2wtPZL9teP6c-1mBk.roa
Signing time: Fri 01 Sep 2023 08:26:30 +0000
ROA not before: Fri 01 Sep 2023 08:26:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 124.155.160.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3170 (0xc62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=91952A7DE240F58DB0B4F64BF6D78FE9CFB59819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:68:0f:d0:6f:5a:41:64:e3:4e:bc:2f:fd:ab:
11:d2:f1:f6:92:c0:f3:6f:55:4e:f7:d7:9a:6f:27:
b7:c5:55:f3:3d:e5:1c:9b:43:d7:0a:11:09:fa:00:
ac:d3:80:33:66:1c:c6:af:31:cd:2c:b3:eb:33:93:
57:60:f0:24:83:01:74:40:cc:b6:a1:42:a5:be:79:
77:66:df:16:97:67:ba:0a:01:03:52:42:85:93:e2:
a1:18:e5:ed:01:c3:d2:80:aa:ed:a1:14:b0:b0:d5:
af:f7:9b:ad:a6:6b:eb:46:7d:9d:0a:86:2b:89:09:
67:99:fb:fe:c9:60:3f:87:57:b6:00:d2:36:68:a1:
b3:6d:23:94:15:4c:61:3f:10:3c:df:ef:99:7c:ac:
8c:68:d9:72:f7:34:0a:43:60:8a:10:9d:40:28:08:
da:8d:ed:50:ea:cc:d5:4c:7a:a2:4f:02:bc:f4:59:
2d:81:90:dd:f3:f9:cd:bc:f0:67:30:b5:21:b5:19:
9b:cb:3d:1c:36:51:25:76:cb:d4:ba:88:d2:3c:7b:
b0:26:ef:10:80:44:f2:b6:1d:d3:43:4c:a1:ef:c3:
4d:57:ff:a8:bc:5b:d3:a9:39:0d:f8:05:58:7d:83:
b7:34:9a:1f:f5:c4:07:a4:00:50:6b:f7:b3:5e:fc:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:95:2A:7D:E2:40:F5:8D:B0:B4:F6:4B:F6:D7:8F:E9:CF:B5:98:19
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/kZUqfeJA9Y2wtPZL9teP6c-1mBk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.155.160.0/21
Signature Algorithm: sha256WithRSAEncryption
00:6d:b9:16:ea:06:0c:35:7c:a1:81:34:07:06:21:52:7c:99:
7e:07:13:0a:9f:3e:a7:d3:ec:1b:47:df:b8:17:aa:81:a6:07:
3b:b3:2f:6b:82:40:fa:9b:8d:52:a9:f5:61:d2:e6:dc:89:e2:
85:63:06:03:91:ec:63:46:23:c5:07:79:cc:1a:b1:7c:3a:f9:
27:53:f3:c2:01:d2:b9:86:66:b6:d1:ec:d1:d6:5b:ce:af:cf:
b4:29:bf:32:dd:64:e8:b5:82:86:cd:1b:07:3b:97:35:5b:7c:
ac:c0:e7:d8:2a:4a:85:c8:88:d3:3e:76:06:7d:c2:04:9a:a1:
f5:12:c3:5f:8d:86:a7:a3:0c:06:e4:c1:79:c3:8e:69:aa:b7:
68:1f:a5:7a:0b:99:8f:cd:bb:15:11:1d:4f:1d:fc:17:86:f9:
0c:bf:be:89:49:4a:46:21:4d:bc:00:c4:3b:6e:57:7b:32:f7:
70:60:88:c1:55:02:4a:68:4d:ff:50:ba:6a:c1:83:0c:1e:a2:
82:61:28:c6:55:af:fe:62:41:7c:04:64:5d:3f:50:73:b7:fd:
42:9c:a8:a6:84:32:ad:21:d3:d9:8d:c3:42:8a:ec:fe:77:e9:
8d:ab:ff:38:03:c7:2d:05:97:7f:78:8a:c1:7b:c0:2f:5e:c8:
5d:f5:d2:f8
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDGIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkxOTUyQTdERTI0MEY1
OERCMEI0RjY0QkY2RDc4RkU5Q0ZCNTk4MTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgaA/Qb1pBZONOvC/9qxHS8faSwPNvVU7315pvJ7fFVfM95Ryb
Q9cKEQn6AKzTgDNmHMavMc0ss+szk1dg8CSDAXRAzLahQqW+eXdm3xaXZ7oKAQNS
QoWT4qEY5e0Bw9KAqu2hFLCw1a/3m62ma+tGfZ0KhiuJCWeZ+/7JYD+HV7YA0jZo
obNtI5QVTGE/EDzf75l8rIxo2XL3NApDYIoQnUAoCNqN7VDqzNVMeqJPArz0WS2B
kN3z+c288GcwtSG1GZvLPRw2USV2y9S6iNI8e7Am7xCARPK2HdNDTKHvw01X/6i8
W9OpOQ34BVh9g7c0mh/1xAekAFBr97Ne/CR1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUkZUqfeJA9Y2wtPZL9teP6c+1mBkwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9rWlVxZmVKQTlZMnd0UFpMOXRl
UDZjLTFtQmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDfJug
MA0GCSqGSIb3DQEBCwUAA4IBAQAAbbkW6gYMNXyhgTQHBiFSfJl+BxMKnz6n0+wb
R9+4F6qBpgc7sy9rgkD6m41SqfVh0ubcieKFYwYDkexjRiPFB3nMGrF8OvknU/PC
AdK5hma20ezR1lvOr8+0Kb8y3WTotYKGzRsHO5c1W3yswOfYKkqFyIjTPnYGfcIE
mqH1EsNfjYanowwG5MF5w45pqrdoH6V6C5mPzbsVER1PHfwXhvkMv76JSUpGIU28
AMQ7bld7MvdwYIjBVQJKaE3/ULpqwYMMHqKCYSjGVa/+YkF8BGRdP1Bzt/1CnKim
hDKtIdPZjcNCiuz+d+mNq/84A8ctBZd/eIrBe8AvXshd9dL4
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org