Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WSt64QxOY4pw0vgbNsCrLb2UBtQ.roa
File: WSt64QxOY4pw0vgbNsCrLb2UBtQ.roa (raw, json)
Hash identifier: d7XNen1w1CzSaufIMckuOVlBTPzfyDmiKHh8KYXqN1o=
Subject key identifier: 59:2B:7A:E1:0C:4E:63:8A:70:D2:F8:1B:36:C0:AB:2D:BD:94:06:D4
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0FA9
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WSt64QxOY4pw0vgbNsCrLb2UBtQ.roa
Signing time: Fri 01 Sep 2023 08:29:23 +0000
ROA not before: Fri 01 Sep 2023 08:29:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 10085
IP address blocks: 150.117.96.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4009 (0xfa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=592B7AE10C4E638A70D2F81B36C0AB2DBD9406D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:97:b7:aa:54:98:3b:d7:ef:41:67:ea:6e:6e:
12:6b:33:7c:dd:74:89:e1:f2:3e:03:7c:8a:26:93:
54:ea:f3:44:3f:57:17:07:a9:cf:c7:c4:ec:52:2d:
46:d2:33:c6:58:da:3c:8a:06:ed:78:00:c1:4a:97:
8c:79:72:2d:e0:ac:b0:53:43:d8:c4:9e:71:05:ba:
0c:41:ba:3a:3f:9a:d6:74:02:e0:5c:0b:17:59:47:
f5:49:6c:f2:c3:47:59:79:12:3b:d3:00:5d:0e:4e:
e9:5c:bb:eb:54:c3:6e:07:27:c0:68:ad:13:08:d6:
8f:54:ce:80:bc:d3:2b:b6:2e:4b:73:e0:89:6c:7b:
95:ec:47:f7:48:19:48:fc:4f:43:1b:24:da:c7:72:
44:0b:71:ee:e4:cc:fa:05:11:6c:e5:06:14:7f:85:
9a:e4:73:ab:e3:4f:9c:f7:97:5f:f3:cb:ac:7a:84:
4e:2f:81:c0:57:8b:ba:67:61:e9:f2:95:91:8d:1d:
2e:9f:5e:8a:43:9e:1e:12:ad:5c:19:4a:12:ae:20:
ad:06:be:1a:02:ed:0d:de:b7:35:8a:0c:a1:6e:d3:
3c:55:0e:62:79:76:d6:d4:8f:f0:c0:8a:2d:73:2c:
3c:e6:8b:88:67:6a:ea:51:3d:0f:33:31:46:6c:f8:
16:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2B:7A:E1:0C:4E:63:8A:70:D2:F8:1B:36:C0:AB:2D:BD:94:06:D4
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WSt64QxOY4pw0vgbNsCrLb2UBtQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.96.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:a3:b6:69:a8:72:90:ad:8b:2e:1f:eb:1d:b2:2b:8d:f5:c3:
0c:ca:95:8a:c2:c6:2a:b3:73:6d:f6:3f:ae:2a:7a:9b:18:de:
6f:ae:c0:3f:41:11:5e:20:31:ba:c3:6c:1b:95:58:11:4c:0a:
e1:83:f0:9c:ba:33:ee:e3:14:8e:71:d6:59:3f:fe:c4:61:48:
83:44:0e:4e:f5:8f:67:12:d3:33:2b:6c:0a:66:70:b4:f0:3d:
6b:8b:5a:5b:5b:10:0c:88:34:9d:0c:94:b6:ef:38:83:3e:32:
63:0b:e9:9c:8c:ae:f0:84:0e:f6:b3:de:94:e6:18:ea:be:2d:
94:9e:08:7a:a7:cb:48:1b:be:45:71:cf:ba:05:89:17:38:dd:
d9:58:50:a7:36:17:d9:55:c4:81:67:03:d7:51:6d:7a:86:b8:
e0:f6:02:8f:67:e6:34:0d:bc:a8:8f:85:72:f6:6d:9e:3d:d3:
8e:4d:e8:3e:4c:43:3d:00:d7:7a:e6:20:1b:bb:5c:6c:0d:1c:
9a:f4:8e:f3:3d:d9:2b:f7:53:86:ee:2e:bd:8a:42:1d:aa:99:
14:62:81:5f:f8:64:7d:d6:52:aa:c2:4f:57:30:e6:66:17:d8:
9f:59:47:20:aa:bb:fa:c1:7a:15:d6:70:f6:d5:06:44:f0:df:
32:16:71:02
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDU5MkI3QUUxMEM0RTYz
OEE3MEQyRjgxQjM2QzBBQjJEQkQ5NDA2RDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChl7eqVJg71+9BZ+pubhJrM3zddInh8j4DfIomk1Tq80Q/VxcH
qc/HxOxSLUbSM8ZY2jyKBu14AMFKl4x5ci3grLBTQ9jEnnEFugxBujo/mtZ0AuBc
CxdZR/VJbPLDR1l5EjvTAF0OTulcu+tUw24HJ8BorRMI1o9UzoC80yu2Lktz4Ils
e5XsR/dIGUj8T0MbJNrHckQLce7kzPoFEWzlBhR/hZrkc6vjT5z3l1/zy6x6hE4v
gcBXi7pnYenylZGNHS6fXopDnh4SrVwZShKuIK0GvhoC7Q3etzWKDKFu0zxVDmJ5
dtbUj/DAii1zLDzmi4hnaupRPQ8zMUZs+BZzAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUWSt64QxOY4pw0vgbNsCrLb2UBtQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9XU3Q2NFF4T1k0cHcw
dmdiTnNDckxiMlVCdFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnVgMA0GCSqGSIb3DQEBCwUAA4IBAQA+o7ZpqHKQrYsuH+sdsiuN9cMMypWK
wsYqs3Nt9j+uKnqbGN5vrsA/QRFeIDG6w2wblVgRTArhg/CcujPu4xSOcdZZP/7E
YUiDRA5O9Y9nEtMzK2wKZnC08D1ri1pbWxAMiDSdDJS27ziDPjJjC+mcjK7whA72
s96U5hjqvi2Ungh6p8tIG75Fcc+6BYkXON3ZWFCnNhfZVcSBZwPXUW16hrjg9gKP
Z+Y0Dbyoj4Vy9m2ePdOOTeg+TEM9ANd65iAbu1xsDRya9I7zPdkr91OG7i69ikId
qpkUYoFf+GR91lKqwk9XMOZmF9ifWUcgqrv6wXoV1nD21QZE8N8yFnEC
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org