Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/HS2sPsp87w1FG0W4jdH2KWad3xw.roa
File: HS2sPsp87w1FG0W4jdH2KWad3xw.roa (raw, json)
Hash identifier: uu91U+BQUmsdhtJOpQZhHm0GcspFJ0TLFQWogVkfUow=
Subject key identifier: 1D:2D:AC:3E:CA:7C:EF:0D:45:1B:45:B8:8D:D1:F6:29:66:9D:DF:1C
Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Certificate serial: 7A
Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/HS2sPsp87w1FG0W4jdH2KWad3xw.roa
Signing time: Tue 24 Oct 2023 11:31:38 +0000
ROA not before: Tue 24 Oct 2023 11:31:38 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131659
IP address blocks: 103.160.226.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122 (0x7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Validity
Not Before: Oct 24 11:31:38 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1D2DAC3ECA7CEF0D451B45B88DD1F629669DDF1C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b9:b3:86:b1:83:d1:ae:e7:f4:4d:56:c3:79:
b2:9b:ee:9e:09:1e:40:67:80:f6:89:9a:2e:90:8b:
68:09:ea:04:9a:f1:ad:e2:ad:76:4f:85:f6:c3:80:
2e:d4:63:f2:03:f7:6f:55:20:39:f1:86:c2:62:26:
70:e9:f4:25:19:33:89:a3:65:25:fd:63:37:96:de:
02:4b:e2:0a:82:a8:0c:a0:45:e5:2a:5c:e4:d2:27:
c0:41:49:f8:08:f3:e1:08:66:9b:66:bf:7e:ba:6d:
73:5e:47:90:4b:3d:64:c6:b9:a7:7a:80:94:33:1f:
f2:5a:ec:0d:3f:05:8a:61:a8:1e:75:2e:08:d0:ad:
ca:7d:f2:16:ca:41:56:96:33:a1:c4:e6:b3:e4:d2:
2b:e2:d4:02:95:9d:e1:46:f4:20:42:fb:23:e9:3b:
fb:7f:90:56:1b:6b:df:d5:32:3b:07:60:23:8e:6b:
ef:a5:3e:79:cb:12:58:15:12:bb:99:27:44:a1:6b:
79:06:ee:4f:c3:8a:75:dc:6b:96:5e:b7:59:de:e1:
8f:2c:58:65:b4:be:d2:d7:90:48:9e:89:d4:96:58:
5c:82:f0:94:a6:0c:dd:6d:e9:0f:a5:aa:13:bb:9e:
85:7d:b5:78:bf:6d:49:3f:0e:1d:3d:5b:87:5a:ff:
de:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2D:AC:3E:CA:7C:EF:0D:45:1B:45:B8:8D:D1:F6:29:66:9D:DF:1C
X509v3 Authority Key Identifier:
keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/HS2sPsp87w1FG0W4jdH2KWad3xw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.226.0/23
Signature Algorithm: sha256WithRSAEncryption
8c:79:ba:c4:f2:aa:f1:a4:bd:0d:59:e8:39:60:b3:3e:aa:0c:
bf:6c:15:c1:2d:d0:f1:56:72:dd:40:d1:aa:8e:c0:58:dd:23:
62:21:62:cf:6a:b1:69:77:3b:58:c0:c0:b6:46:8d:0b:8f:2d:
99:07:23:fa:e4:70:9d:9d:47:bf:33:51:01:50:e6:a1:07:12:
4c:9b:a7:15:35:86:78:9a:92:e5:b8:38:dc:1e:62:b7:0b:b5:
8a:cd:2e:f2:27:df:7b:cf:0d:d4:0e:17:ef:2c:06:79:93:55:
44:bf:aa:70:43:80:36:35:95:e5:e5:10:b8:f5:72:34:30:2d:
50:42:9a:50:35:80:6e:26:2a:3b:2d:ec:ec:5f:1e:31:d0:aa:
48:83:28:72:ea:ba:24:ce:84:fe:01:2b:77:d2:45:bd:e4:35:
95:2e:44:77:45:5a:86:bd:db:a0:a8:d2:a7:d1:5a:14:86:5b:
d3:71:21:4a:b1:84:da:06:83:6e:76:a0:17:32:5f:85:e3:12:
3c:19:07:de:56:98:a7:51:a0:89:27:0d:e9:fd:63:b1:76:10:
4f:9f:5b:1f:b2:ba:0f:91:60:f2:ed:d8:80:96:91:06:c4:67:
0b:92:4f:35:2f:ee:a4:07:c4:f0:1b:5d:c5:53:01:55:2f:aa:
b2:db:67:6a
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNzc4
OTVFNjRCRTQxQjcxODI2NjRFMTM0NUNENTdFNUQzNkExQUYyMB4XDTIzMTAyNDEx
MzEzOFoXDTI0MDgzMTAzMTA1M1owMzExMC8GA1UEAxMoMUQyREFDM0VDQTdDRUYw
RDQ1MUI0NUI4OEREMUY2Mjk2NjlEREYxQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMK5s4axg9Gu5/RNVsN5spvungkeQGeA9omaLpCLaAnqBJrxreKt
dk+F9sOALtRj8gP3b1UgOfGGwmImcOn0JRkziaNlJf1jN5beAkviCoKoDKBF5Spc
5NInwEFJ+Ajz4Qhmm2a/frptc15HkEs9ZMa5p3qAlDMf8lrsDT8FimGoHnUuCNCt
yn3yFspBVpYzocTms+TSK+LUApWd4Ub0IEL7I+k7+3+QVhtr39UyOwdgI45r76U+
ecsSWBUSu5knRKFreQbuT8OKddxrll63Wd7hjyxYZbS+0teQSJ6J1JZYXILwlKYM
3W3pD6WqE7uehX21eL9tST8OHT1bh1r/3kMCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBQdLaw+ynzvDUUbRbiN0fYpZp3fHDAfBgNVHSMEGDAWgBQneJXmS+QbcYJmThNF
zVfl02oa8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQv
SjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9KM2lWNWt2a0czR0NaazRUUmMxWDVkTnFHdkkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQvSFMyc1BzcDg3dzFGRzBXNGpk
SDJLV2FkM3h3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeg
4jANBgkqhkiG9w0BAQsFAAOCAQEAjHm6xPKq8aS9DVnoOWCzPqoMv2wVwS3Q8VZy
3UDRqo7AWN0jYiFiz2qxaXc7WMDAtkaNC48tmQcj+uRwnZ1HvzNRAVDmoQcSTJun
FTWGeJqS5bg43B5itwu1is0u8iffe88N1A4X7ywGeZNVRL+qcEOANjWV5eUQuPVy
NDAtUEKaUDWAbiYqOy3s7F8eMdCqSIMocuq6JM6E/gErd9JFveQ1lS5Ed0Vahr3b
oKjSp9FaFIZb03EhSrGE2gaDbnagFzJfheMSPBkH3laYp1GgiScN6f1jsXYQT59b
H7K6D5Fg8u3YgJaRBsRnC5JPNS/upAfE8BtdxVMBVS+qsttnag==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org