Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa
File: 1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa (raw, json)
Hash identifier: GOJv165qqcIcr/AfHhXvCXIro2z36kOTrBbOPQ2XWjI=
Subject key identifier: D4:C7:51:B3:9C:F7:73:CC:E0:A5:77:92:A5:6C:F9:08:46:00:F2:B2
Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F
Certificate serial: 0B2B
Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa
Signing time: Fri 01 Sep 2023 08:34:45 +0000
ROA not before: Fri 01 Sep 2023 08:34:45 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131601
IP address blocks: 103.252.196.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2859 (0xb2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F
Validity
Not Before: Sep 1 08:34:45 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D4C751B39CF773CCE0A57792A56CF9084600F2B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:de:a1:a8:c6:90:31:63:46:d8:7e:97:c8:9b:
eb:32:4e:20:42:35:f4:cf:d4:0a:4a:a4:8d:aa:6b:
0f:03:19:57:f0:e8:f9:6c:37:c1:1a:84:e9:c1:19:
a7:d8:bb:6e:f2:c6:28:a2:eb:7b:d8:50:75:80:b8:
61:a2:45:ae:16:51:f7:dd:90:73:88:43:a9:80:f8:
48:73:c5:a3:40:4c:f5:2c:a0:21:94:71:40:50:40:
27:f4:79:c0:48:fa:b5:35:69:fd:80:e3:04:c8:bd:
07:c2:9f:19:52:e1:d4:2b:f9:0c:14:f3:45:6d:a3:
20:9b:2a:8c:88:92:08:fa:1e:84:f1:78:2b:24:44:
58:a0:fa:61:d3:d8:75:13:10:a8:7f:1c:29:4c:db:
96:cf:21:aa:76:e5:cc:28:9a:14:40:cf:7f:29:5c:
92:60:fb:82:6b:71:d0:8e:52:40:eb:00:cd:16:6b:
73:5c:0f:69:14:82:1b:fd:e9:5e:11:63:04:14:c8:
41:de:26:47:3e:cf:d6:47:7e:10:a8:2a:72:8d:d9:
07:1b:21:28:ae:a3:3f:cf:bc:60:fe:f9:7e:d4:38:
48:d6:8c:39:cc:44:78:37:19:90:b0:7b:57:a8:45:
ff:4b:65:03:e0:5d:c9:2c:90:8c:63:14:98:a4:f2:
76:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:C7:51:B3:9C:F7:73:CC:E0:A5:77:92:A5:6C:F9:08:46:00:F2:B2
X509v3 Authority Key Identifier:
keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/1MdRs5z3c8zgpXeSpWz5CEYA8rI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.196.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:5c:5f:72:ff:42:83:19:a0:d9:e3:28:00:c1:c3:8d:f1:35:
b8:2a:29:a2:c0:b6:3c:af:be:d7:60:5c:5f:29:27:f9:8b:f9:
3a:a3:de:50:78:35:d8:31:f9:ce:22:7f:83:85:c1:f0:d1:98:
3e:0f:cb:8d:80:fe:c8:b0:7e:76:e8:e8:54:a4:cb:f8:09:01:
ca:68:86:a9:a5:89:c8:9b:92:b7:ca:f6:8b:47:ba:d0:75:0a:
2a:2a:d8:2c:0d:44:46:ef:c4:6e:4e:94:1d:59:14:e9:d3:f7:
be:48:4c:88:d7:b8:a9:c4:a5:05:5d:3a:16:af:b8:3b:a8:96:
2d:da:7c:d2:98:9b:ef:75:46:01:8f:5b:12:55:e2:8f:10:81:
98:82:ec:6d:30:9b:1b:41:c2:f0:93:af:69:4e:b0:6e:d2:30:
22:44:89:1d:bc:ba:6c:7b:d1:57:73:b7:7f:87:a8:98:a8:24:
57:be:83:89:5a:7d:59:66:b5:c8:77:f6:8c:3e:61:0f:16:65:
42:6c:80:e5:55:7c:af:e0:57:38:ee:ba:4e:d4:7b:86:d5:6e:
74:a9:b0:9e:ec:93:21:a7:28:c9:1a:33:e5:47:e2:65:85:01:
cc:8f:e6:f3:50:88:bf:ca:5c:aa:ac:64:6d:9b:2c:a9:38:0c:
f2:9b:7d:b9
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCyswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw
NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yMzA5MDEw
ODM0NDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ0Qzc1MUIzOUNGNzcz
Q0NFMEE1Nzc5MkE1NkNGOTA4NDYwMEYyQjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCY3qGoxpAxY0bYfpfIm+syTiBCNfTP1ApKpI2qaw8DGVfw6Pls
N8EahOnBGafYu27yxiii63vYUHWAuGGiRa4WUffdkHOIQ6mA+EhzxaNATPUsoCGU
cUBQQCf0ecBI+rU1af2A4wTIvQfCnxlS4dQr+QwU80VtoyCbKoyIkgj6HoTxeCsk
RFig+mHT2HUTEKh/HClM25bPIap25cwomhRAz38pXJJg+4JrcdCOUkDrAM0Wa3Nc
D2kUghv96V4RYwQUyEHeJkc+z9ZHfhCoKnKN2QcbISiuoz/PvGD++X7UOEjWjDnM
RHg3GZCwe1eoRf9LZQPgXckskIxjFJik8nb5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU1MdRs5z3c8zgpXeSpWz5CEYA8rIwHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV
xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213
WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRENULzFNZFJzNXozYzh6Z3BYZVNwV3o1Q0VZ
QThySS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/MQwDQYJ
KoZIhvcNAQELBQADggEBAKxcX3L/QoMZoNnjKADBw43xNbgqKaLAtjyvvtdgXF8p
J/mL+Tqj3lB4Ndgx+c4if4OFwfDRmD4Py42A/siwfnbo6FSky/gJAcpohqmlicib
krfK9otHutB1Cioq2CwNREbvxG5OlB1ZFOnT975ITIjXuKnEpQVdOhavuDuoli3a
fNKYm+91RgGPWxJV4o8QgZiC7G0wmxtBwvCTr2lOsG7SMCJEiR28umx70Vdzt3+H
qJioJFe+g4lafVlmtch39ow+YQ8WZUJsgOVVfK/gVzjuuk7Ue4bVbnSpsJ7skyGn
KMkaM+VH4mWFAcyP5vNQiL/KXKqsZG2bLKk4DPKbfbk=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:11 2024 by rpki-client on console-ams.rpki-client.org