Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qIdUO3VU7cxiUcHNX_fTtFH0IEg.roa
File: qIdUO3VU7cxiUcHNX_fTtFH0IEg.roa (raw, json)
Hash identifier: 7U6njC8+xLCjhJHD/fTxcpziDpTQMYxOcf3hz7mOdg0=
Subject key identifier: A8:87:54:3B:75:54:ED:CC:62:51:C1:CD:5F:F7:D3:B4:51:F4:20:48
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0F7D
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qIdUO3VU7cxiUcHNX_fTtFH0IEg.roa
Signing time: Fri 01 Sep 2023 08:29:11 +0000
ROA not before: Fri 01 Sep 2023 08:29:11 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17408
IP address blocks: 150.116.239.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3965 (0xf7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:11 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A887543B7554EDCC6251C1CD5FF7D3B451F42048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b0:db:fa:06:7f:61:90:f5:bc:61:15:80:2b:
b3:04:7e:b4:74:11:a3:f7:79:bf:43:7c:22:9e:69:
b8:a4:11:61:92:15:84:25:e4:49:5c:ca:8c:e9:77:
6a:75:38:4b:84:9a:78:c0:d3:8a:c5:5b:97:3b:60:
5a:a6:77:ac:ba:5b:83:dc:69:6c:cb:ba:03:da:69:
7b:fd:8a:ba:2d:81:d4:a9:ca:aa:e3:75:28:60:64:
4a:da:10:3c:fc:8b:51:6c:71:1f:51:1a:e0:f9:d8:
77:12:81:db:7b:a7:22:ea:09:3b:7e:22:8d:84:eb:
0f:48:46:7c:20:c5:85:46:82:db:1f:40:10:be:62:
d4:89:13:01:2a:06:47:41:78:51:cc:33:f7:d3:c6:
8a:8b:e0:d4:cf:57:c2:16:37:83:fd:21:84:0e:25:
43:c6:5b:77:30:81:af:c5:bc:16:4e:fa:56:c4:ec:
ee:ea:1e:3e:34:b8:d6:eb:a4:b6:48:38:b8:a8:a9:
ab:fb:4d:b3:6d:1a:2f:08:5b:bb:f1:ca:d0:2b:28:
64:28:49:be:18:20:2a:08:f0:9c:1d:08:5a:7c:df:
c3:23:19:b3:89:a9:47:7a:a3:b3:bf:f5:3a:38:24:
ae:b8:02:9e:cd:d7:de:d0:f4:cf:6c:5d:e9:28:31:
3b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:87:54:3B:75:54:ED:CC:62:51:C1:CD:5F:F7:D3:B4:51:F4:20:48
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qIdUO3VU7cxiUcHNX_fTtFH0IEg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.239.0/24
Signature Algorithm: sha256WithRSAEncryption
16:4d:53:19:cd:3f:1e:b1:33:86:3e:ed:67:a9:fc:74:50:81:
6d:91:46:eb:6b:f3:b8:e8:2e:59:2f:3d:ff:11:ef:a4:01:52:
c4:d4:7c:99:c4:75:62:eb:3b:0d:78:c7:7c:59:3e:14:9c:28:
b3:cd:f0:2a:7e:1d:4a:44:71:6f:49:a1:e5:98:0f:fd:14:3a:
33:98:75:9c:58:49:2b:cc:1f:39:69:76:a0:3a:9a:37:1e:75:
86:71:7d:d3:22:05:95:58:ed:41:a1:03:28:c8:a7:36:9a:e8:
90:a4:51:0c:09:0f:d0:af:73:c0:61:3b:78:ca:6c:7c:85:d7:
6a:d8:0e:27:69:fe:f7:7a:fa:e9:c6:4c:fb:e7:d5:b5:e3:15:
91:69:e8:7f:03:bd:3f:11:cb:fc:02:6b:bb:ed:5b:ab:06:ed:
fd:d2:6e:8e:d8:44:4b:c7:6e:8a:ef:8e:2c:52:a6:81:ef:07:
1a:e9:8e:e4:60:26:a4:d2:b3:e0:b5:95:7e:21:b4:db:f5:e0:
f5:c2:2c:e5:ed:97:5e:f0:28:36:75:e3:fe:7f:2a:9e:55:4d:
9f:e9:3e:c2:de:4c:c8:f3:0a:ad:f9:5c:52:09:96:a3:8d:de:
e3:e6:3d:cf:c4:2a:06:35:df:ae:7c:d2:94:59:c0:94:37:b0:
bb:5f:24:a3
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD30wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEE4ODc1NDNCNzU1NEVE
Q0M2MjUxQzFDRDVGRjdEM0I0NTFGNDIwNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPsNv6Bn9hkPW8YRWAK7MEfrR0EaP3eb9DfCKeabikEWGSFYQl
5Elcyozpd2p1OEuEmnjA04rFW5c7YFqmd6y6W4PcaWzLugPaaXv9irotgdSpyqrj
dShgZEraEDz8i1FscR9RGuD52HcSgdt7pyLqCTt+Io2E6w9IRnwgxYVGgtsfQBC+
YtSJEwEqBkdBeFHMM/fTxoqL4NTPV8IWN4P9IYQOJUPGW3cwga/FvBZO+lbE7O7q
Hj40uNbrpLZIOLioqav7TbNtGi8IW7vxytArKGQoSb4YICoI8JwdCFp838MjGbOJ
qUd6o7O/9To4JK64Ap7N197Q9M9sXekoMTsbAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUqIdUO3VU7cxiUcHNX/fTtFH0IEgwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9xSWRVTzNWVTdjeGlV
Y0hOWF9mVHRGSDBJRWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnTvMA0GCSqGSIb3DQEBCwUAA4IBAQAWTVMZzT8esTOGPu1nqfx0UIFtkUbr
a/O46C5ZLz3/Ee+kAVLE1HyZxHVi6zsNeMd8WT4UnCizzfAqfh1KRHFvSaHlmA/9
FDozmHWcWEkrzB85aXagOpo3HnWGcX3TIgWVWO1BoQMoyKc2muiQpFEMCQ/Qr3PA
YTt4ymx8hddq2A4naf73evrpxkz759W14xWRaeh/A70/Ecv8Amu77VurBu390m6O
2ERLx26K744sUqaB7wca6Y7kYCak0rPgtZV+IbTb9eD1wizl7Zde8Cg2deP+fyqe
VU2f6T7C3kzI8wqt+VxSCZajjd7j5j3PxCoGNd+ufNKUWcCUN7C7XySj
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org