Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa
File: Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa (raw, json)
Hash identifier: cAewx9VKT0ulK6vQkPtpTpCDxSKlzlNZ+bxkta8ilF4=
Subject key identifier: 67:7B:73:E2:82:E4:5B:EB:15:74:96:6D:D4:C0:ED:7A:51:DD:C3:96
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0F60
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa
Signing time: Fri 01 Sep 2023 08:29:03 +0000
ROA not before: Fri 01 Sep 2023 08:29:03 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131627
IP address blocks: 150.117.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3936 (0xf60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:03 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=677B73E282E45BEB1574966DD4C0ED7A51DDC396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:00:b9:a5:6d:23:75:71:f1:97:7c:df:9b:
e0:87:81:65:88:92:97:da:15:c0:41:12:78:f2:1b:
45:60:12:e5:f8:75:f7:2f:9f:0f:0e:c3:8f:37:6d:
2f:13:83:4f:f5:44:15:98:3a:57:97:bb:97:d8:7d:
c9:d1:aa:e0:42:b6:29:72:54:d7:ad:1e:58:e5:01:
eb:cf:c3:9f:bc:86:a0:b3:07:f0:94:dc:5b:a7:63:
48:d1:4c:6c:75:3e:89:2d:b2:38:e1:d4:e8:df:88:
96:bd:0b:72:13:12:2d:d2:89:f9:57:30:6a:08:9b:
2b:10:48:de:25:e8:a3:e2:00:32:27:bb:4c:5a:db:
6b:8b:6f:73:a2:3d:6e:15:85:d3:e2:23:a9:df:de:
8c:11:72:b6:3e:6c:34:a6:69:1c:7d:0f:2e:46:4b:
75:81:46:4c:e1:8c:6f:4a:35:8f:b9:4b:43:ed:92:
90:b8:6e:7e:13:ac:cb:62:12:c8:8d:7b:60:a0:a7:
64:0b:1a:38:a4:8b:98:fb:0e:31:d0:25:9b:a4:78:
47:f6:83:d8:d4:38:63:05:7b:66:d0:cf:58:f7:a6:
a0:f4:c8:87:40:c2:fd:f7:84:55:35:c6:85:a3:34:
10:70:41:76:3c:98:80:81:7c:76:67:02:67:0a:70:
fe:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:7B:73:E2:82:E4:5B:EB:15:74:96:6D:D4:C0:ED:7A:51:DD:C3:96
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Z3tz4oLkW-sVdJZt1MDtelHdw5Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.240.0/20
Signature Algorithm: sha256WithRSAEncryption
6c:8e:42:b6:bd:35:b6:bf:dd:84:4b:12:c1:05:bb:18:ff:39:
b0:44:17:69:0f:14:0c:31:87:c5:b5:e9:16:03:8b:c7:b0:c1:
98:16:36:cf:51:c5:31:34:3e:51:2d:eb:8b:80:16:fb:ad:04:
ff:67:be:41:59:53:3f:40:df:a1:c3:1a:7f:0a:a7:ae:61:ce:
a6:41:12:79:5d:37:9d:51:d9:1f:1c:06:fb:ff:3e:a3:66:25:
c7:75:89:ed:a5:09:94:93:d8:31:cf:3f:d4:8b:1a:c1:f0:13:
86:79:8d:13:18:1d:da:35:ad:6f:ab:ff:fe:73:ec:64:04:a2:
dc:32:b9:4a:06:f1:f5:60:5e:0d:1c:46:11:03:87:2a:6c:f7:
3c:a9:b3:1a:f1:1f:e0:b4:78:10:8c:27:10:69:af:a9:74:4b:
03:b8:d4:58:35:74:47:25:11:c5:57:26:16:6c:97:c2:d7:f7:
97:91:25:eb:da:d9:45:71:14:25:12:b0:0f:c5:0e:94:17:47:
4e:11:70:10:ba:72:1d:bd:9f:3a:9f:d9:67:54:0a:d5:84:e3:
aa:79:fa:16:ec:6a:06:55:2f:a2:49:f0:3f:31:4d:68:51:1a:
87:6c:0a:53:38:eb:9a:43:82:a7:b5:b4:8f:ae:d3:42:3d:22:
26:e8:8b:b0
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY3N0I3M0UyODJFNDVC
RUIxNTc0OTY2REQ0QzBFRDdBNTFEREMzOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4mAC5pW0jdXHxl3zfm+CHgWWIkpfaFcBBEnjyG0VgEuX4dfcv
nw8Ow483bS8Tg0/1RBWYOleXu5fYfcnRquBCtilyVNetHljlAevPw5+8hqCzB/CU
3FunY0jRTGx1Poktsjjh1OjfiJa9C3ITEi3SiflXMGoImysQSN4l6KPiADInu0xa
22uLb3OiPW4VhdPiI6nf3owRcrY+bDSmaRx9Dy5GS3WBRkzhjG9KNY+5S0PtkpC4
bn4TrMtiEsiNe2Cgp2QLGjiki5j7DjHQJZukeEf2g9jUOGMFe2bQz1j3pqD0yIdA
wv33hFU1xoWjNBBwQXY8mICBfHZnAmcKcP5bAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUZ3tz4oLkW+sVdJZt1MDtelHdw5YwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aM3R6NG9Ma1ctc1Zk
Slp0MU1EdGVsSGR3NVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnXwMA0GCSqGSIb3DQEBCwUAA4IBAQBsjkK2vTW2v92ESxLBBbsY/zmwRBdp
DxQMMYfFtekWA4vHsMGYFjbPUcUxND5RLeuLgBb7rQT/Z75BWVM/QN+hwxp/Cqeu
Yc6mQRJ5XTedUdkfHAb7/z6jZiXHdYntpQmUk9gxzz/UixrB8BOGeY0TGB3aNa1v
q//+c+xkBKLcMrlKBvH1YF4NHEYRA4cqbPc8qbMa8R/gtHgQjCcQaa+pdEsDuNRY
NXRHJRHFVyYWbJfC1/eXkSXr2tlFcRQlErAPxQ6UF0dOEXAQunIdvZ86n9lnVArV
hOOqefoW7GoGVS+iSfA/MU1oURqHbApTOOuaQ4KntbSPrtNCPSIm6Iuw
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org