Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/IKRikHumMDoKb-XM1moKYmaPoHc.roa
File: IKRikHumMDoKb-XM1moKYmaPoHc.roa (raw, json)
Hash identifier: Y+pO0CCPOSGst3r+LUSYUoVcRgndmzrv0fk9HAEz9go=
Subject key identifier: 20:A4:62:90:7B:A6:30:3A:0A:6F:E5:CC:D6:6A:0A:62:66:8F:A0:77
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 0B95
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/IKRikHumMDoKb-XM1moKYmaPoHc.roa
Signing time: Fri 01 Sep 2023 08:35:41 +0000
ROA not before: Fri 01 Sep 2023 08:35:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131597
IP address blocks: 61.65.224.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2965 (0xb95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Sep 1 08:35:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=20A462907BA6303A0A6FE5CCD66A0A62668FA077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:74:19:8a:13:95:bc:67:07:f6:ed:87:87:59:
4d:d1:13:03:30:99:eb:85:72:1a:a6:20:80:57:ae:
8e:1f:be:bc:b7:72:ad:c3:5f:df:1e:51:03:7b:f8:
d2:92:f8:76:20:35:38:c9:c3:ed:d3:3c:5b:21:bf:
c1:16:b3:96:3b:c4:ab:16:3e:88:b8:d2:d5:0d:06:
8b:9c:43:5f:cb:50:05:56:f8:6e:e7:8d:17:2c:55:
d7:8b:3b:32:3e:ba:d6:bc:3f:18:e3:24:c9:87:b5:
33:7c:23:96:89:85:b2:8d:dc:d6:22:6b:a5:3c:6c:
99:90:1f:80:22:75:4e:54:e6:9c:1d:0f:c6:d1:82:
f2:d5:03:f1:93:bf:66:bd:04:0f:a2:f0:ea:ad:68:
69:f9:99:7e:78:86:ee:76:bd:43:a9:86:57:68:1f:
48:e2:13:42:af:1e:3a:60:09:1e:bd:69:5a:e5:29:
dd:1d:fb:27:c3:64:e7:e2:48:8e:21:90:7c:44:8c:
ae:2c:b2:04:15:84:07:98:89:21:e4:cb:e4:a9:a3:
fb:72:1c:dc:ca:84:12:eb:6a:06:e9:09:41:50:d2:
ee:18:25:40:8e:e0:c0:76:24:92:b1:9a:48:b0:52:
5a:80:72:a1:2d:c7:ec:ec:06:bd:34:b9:02:86:6f:
cc:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A4:62:90:7B:A6:30:3A:0A:6F:E5:CC:D6:6A:0A:62:66:8F:A0:77
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/IKRikHumMDoKb-XM1moKYmaPoHc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.224.0/21
Signature Algorithm: sha256WithRSAEncryption
cf:15:68:e3:6a:e3:10:55:f5:3f:60:7e:61:c7:6f:08:e0:f7:
8e:44:5a:01:00:b1:e4:28:f7:d2:06:1d:65:cc:13:cb:0b:6a:
d9:38:97:e0:6b:51:f4:a9:ba:67:8c:13:55:67:79:8c:db:3a:
ea:dc:4f:b1:c0:6b:c0:22:33:81:1c:cf:8f:7b:b1:f1:5e:32:
0d:0e:e3:02:12:38:f3:12:cf:5b:d5:2e:df:08:9d:af:c5:dc:
12:f8:57:52:06:3d:14:ea:7e:5c:90:bc:98:68:ee:1c:98:79:
27:c9:21:1c:13:a4:b4:d8:a1:cf:c9:29:a4:84:6b:6c:de:35:
b5:53:36:1f:2c:85:79:21:0c:d4:50:2b:a3:23:d9:76:ab:91:
f2:57:ae:23:1e:8b:9d:1a:85:eb:ce:7c:c3:dd:ec:f7:4a:c6:
b2:77:95:27:d5:23:95:7b:f3:34:6b:89:6c:e7:16:9d:fc:aa:
b3:44:23:31:88:0f:aa:11:0d:e1:0a:32:04:6d:d8:1f:08:b1:
e8:d8:07:be:5a:ed:1c:bd:86:9f:b3:fc:5f:97:d5:9a:a4:28:
ab:54:fd:34:95:eb:cf:29:2d:6a:e6:32:13:8b:5b:b6:35:c5:
d1:29:99:a7:d6:a3:21:19:4b:62:9b:7b:5e:69:ed:07:6a:58:
32:79:60:06
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC5UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMzA5MDEw
ODM1NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIwQTQ2MjkwN0JBNjMw
M0EwQTZGRTVDQ0Q2NkEwQTYyNjY4RkEwNzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXdBmKE5W8Zwf27YeHWU3REwMwmeuFchqmIIBXro4fvry3cq3D
X98eUQN7+NKS+HYgNTjJw+3TPFshv8EWs5Y7xKsWPoi40tUNBoucQ1/LUAVW+G7n
jRcsVdeLOzI+uta8PxjjJMmHtTN8I5aJhbKN3NYia6U8bJmQH4AidU5U5pwdD8bR
gvLVA/GTv2a9BA+i8OqtaGn5mX54hu52vUOphldoH0jiE0KvHjpgCR69aVrlKd0d
+yfDZOfiSI4hkHxEjK4ssgQVhAeYiSHky+Spo/tyHNzKhBLragbpCUFQ0u4YJUCO
4MB2JJKxmkiwUlqAcqEtx+zsBr00uQKGb8xfAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUIKRikHumMDoKb+XM1moKYmaPoHcwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9JS1Jpa0h1bU1Eb0ti
LVhNMW1vS1ltYVBvSGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDPUHgMA0GCSqGSIb3DQEBCwUAA4IBAQDPFWjjauMQVfU/YH5hx28I4PeORFoB
ALHkKPfSBh1lzBPLC2rZOJfga1H0qbpnjBNVZ3mM2zrq3E+xwGvAIjOBHM+Pe7Hx
XjINDuMCEjjzEs9b1S7fCJ2vxdwS+FdSBj0U6n5ckLyYaO4cmHknySEcE6S02KHP
ySmkhGts3jW1UzYfLIV5IQzUUCujI9l2q5HyV64jHoudGoXrznzD3ez3Ssayd5Un
1SOVe/M0a4ls5xad/KqzRCMxiA+qEQ3hCjIEbdgfCLHo2Ae+Wu0cvYafs/xfl9Wa
pCirVP00levPKS1q5jITi1u2NcXRKZmn1qMhGUtim3teae0HalgyeWAG
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org