Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/r3QLXk6jJJ2xUhnTyiukeVmDyTE.roa
File: r3QLXk6jJJ2xUhnTyiukeVmDyTE.roa (raw, json)
Hash identifier: maABu675NKgVjMmovs//pAkGuM0VOsARkx1jjwLCYWU=
Subject key identifier: AF:74:0B:5E:4E:A3:24:9D:B1:52:19:D3:CA:2B:A4:79:59:83:C9:31
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0C76
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/r3QLXk6jJJ2xUhnTyiukeVmDyTE.roa
Signing time: Fri 01 Sep 2023 08:26:36 +0000
ROA not before: Fri 01 Sep 2023 08:26:36 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18429
IP address blocks: 27.147.48.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3190 (0xc76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Sep 1 08:26:36 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AF740B5E4EA3249DB15219D3CA2BA4795983C931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:3d:1f:ff:0d:90:38:70:14:a2:05:fa:3f:23:
09:00:4b:3c:ad:01:13:f8:66:0d:e3:38:89:9e:cc:
d0:09:24:a6:6e:a8:b4:95:63:14:5b:8f:2d:e8:75:
65:be:83:7a:1e:cc:25:67:39:08:d2:da:75:6c:ea:
b0:96:bb:54:5a:41:19:e6:3f:86:7f:a8:aa:7d:c3:
3c:89:d0:5f:a6:c5:98:e0:0a:b3:51:08:67:87:35:
90:d2:66:7b:0c:33:02:81:42:56:b1:bf:17:08:a4:
c7:ff:b1:d0:1f:ba:50:e1:d5:12:45:60:ff:f6:14:
a4:9c:91:72:c3:cb:44:54:3e:69:89:d1:2c:d0:9d:
79:22:a9:e7:cc:0f:61:3f:41:0e:54:00:a9:56:24:
72:2e:68:9d:ee:b1:1c:0c:a7:17:34:ee:b8:1d:fd:
94:39:d2:a1:a6:be:fb:03:42:c3:2a:67:f5:03:7a:
54:38:6c:f4:26:4d:d2:8e:67:d7:79:95:8b:9b:37:
5b:fa:69:04:c9:42:c0:98:31:30:0f:ec:c9:be:0d:
57:77:65:df:1e:6c:bb:74:42:2b:6a:ea:61:c0:fe:
80:26:87:ae:52:94:9a:56:5c:06:c1:dc:a0:98:66:
b1:1e:50:95:a3:fa:6f:b1:14:73:9d:89:03:6e:59:
59:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:74:0B:5E:4E:A3:24:9D:B1:52:19:D3:CA:2B:A4:79:59:83:C9:31
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/r3QLXk6jJJ2xUhnTyiukeVmDyTE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.147.48.0/21
Signature Algorithm: sha256WithRSAEncryption
88:11:29:c7:02:b0:fb:0d:d5:8b:8a:e9:44:e8:9c:e7:2a:ef:
96:38:c8:63:13:03:9a:09:56:48:d6:ff:0e:04:1b:f2:4f:a8:
e5:23:6e:bd:77:4c:8e:c2:16:9c:14:e8:2c:10:5f:0f:49:da:
41:9e:3b:5d:20:fc:24:3e:49:89:f2:fe:d0:69:b5:b6:cb:35:
b2:85:59:6a:a2:fe:79:5f:0d:c2:b0:a1:02:65:52:8e:c9:ee:
e2:a4:82:6b:94:0c:60:19:8e:fc:8e:26:8d:de:00:f3:ed:f1:
95:3d:ef:f0:cc:76:b1:e0:62:3d:f1:85:08:df:f9:92:df:0d:
a0:cc:ba:94:4d:94:0a:32:53:6e:c0:9d:5d:4c:a2:b1:87:e9:
33:ec:e3:c9:2f:7c:5b:3b:83:64:9e:80:02:92:d9:f7:e4:f0:
01:ac:63:a0:64:7a:d9:e6:10:c9:58:c0:2d:a3:53:f5:05:5c:
9d:a0:3b:94:5d:0f:b8:cf:3f:79:77:a3:33:53:96:85:85:93:
3a:f5:04:a6:d7:a6:a3:28:b1:a1:f5:0b:26:a7:28:b4:35:75:
a0:72:0f:e5:bc:3a:f4:4b:54:9e:ca:ee:b8:0e:8a:84:bf:12:
07:9d:50:10:d4:8e:1a:70:90:52:e0:f1:64:2b:6f:14:06:b5:
a8:ca:a9:6e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDHYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMzA5MDEw
ODI2MzZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFGNzQwQjVFNEVBMzI0
OURCMTUyMTlEM0NBMkJBNDc5NTk4M0M5MzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvPR//DZA4cBSiBfo/IwkASzytARP4Zg3jOImezNAJJKZuqLSV
YxRbjy3odWW+g3oezCVnOQjS2nVs6rCWu1RaQRnmP4Z/qKp9wzyJ0F+mxZjgCrNR
CGeHNZDSZnsMMwKBQlaxvxcIpMf/sdAfulDh1RJFYP/2FKSckXLDy0RUPmmJ0SzQ
nXkiqefMD2E/QQ5UAKlWJHIuaJ3usRwMpxc07rgd/ZQ50qGmvvsDQsMqZ/UDelQ4
bPQmTdKOZ9d5lYubN1v6aQTJQsCYMTAP7Mm+DVd3Zd8ebLt0Qitq6mHA/oAmh65S
lJpWXAbB3KCYZrEeUJWj+m+xFHOdiQNuWVmbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUr3QLXk6jJJ2xUhnTyiukeVmDyTEwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC9yM1FMWGs2akpKMnhVaG5UeWl1
a2VWbUR5VEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDG5Mw
MA0GCSqGSIb3DQEBCwUAA4IBAQCIESnHArD7DdWLiulE6JznKu+WOMhjEwOaCVZI
1v8OBBvyT6jlI269d0yOwhacFOgsEF8PSdpBnjtdIPwkPkmJ8v7QabW2yzWyhVlq
ov55Xw3CsKECZVKOye7ipIJrlAxgGY78jiaN3gDz7fGVPe/wzHax4GI98YUI3/mS
3w2gzLqUTZQKMlNuwJ1dTKKxh+kz7OPJL3xbO4NknoACktn35PABrGOgZHrZ5hDJ
WMAto1P1BVydoDuUXQ+4zz95d6MzU5aFhZM69QSm16ajKLGh9Qsmpyi0NXWgcg/l
vDr0S1Seyu64DoqEvxIHnVAQ1I4acJBS4PFkK28UBrWoyqlu
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org