Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/5TVwyXvr3CvLKSo10OaWNoXnPtQ.roa
File: 5TVwyXvr3CvLKSo10OaWNoXnPtQ.roa (raw, json)
Hash identifier: J6r8D3XDnMBwcWLKu4JN+IMOAsxn/+SQ0r8psX9iGFI=
Subject key identifier: E5:35:70:C9:7B:EB:DC:2B:CB:29:2A:35:D0:E6:96:36:85:E7:3E:D4
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0E0C
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/5TVwyXvr3CvLKSo10OaWNoXnPtQ.roa
Signing time: Fri 01 Sep 2023 08:36:25 +0000
ROA not before: Fri 01 Sep 2023 08:36:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24168
IP address blocks: 103.136.61.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3596 (0xe0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 1 08:36:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E53570C97BEBDC2BCB292A35D0E6963685E73ED4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:21:34:c8:47:31:f5:24:89:34:75:1f:28:b8:
36:2d:77:86:67:cd:ae:57:8e:d0:49:2c:ea:77:21:
6f:3b:eb:a0:ff:27:0f:01:d0:4a:9c:c8:44:67:3a:
dc:a8:df:1a:9a:45:09:af:23:78:72:a1:ce:d8:46:
ba:7c:4b:b1:3f:ce:88:f3:d6:fd:cc:ac:01:48:e3:
39:10:87:5d:44:3e:03:45:ab:82:27:05:a4:6f:f1:
78:ae:96:2f:f4:62:7a:e0:0a:09:fc:c3:eb:67:6c:
80:23:86:16:72:10:29:e4:63:a4:6c:14:24:9a:1d:
25:8e:fc:64:3e:73:50:72:11:5c:82:ed:19:42:33:
67:27:2c:5c:8d:ab:16:b3:8c:a9:ae:7a:19:69:e4:
b5:fd:56:55:d5:60:66:fa:36:23:22:f3:54:fd:52:
44:e6:9a:c5:6c:21:d9:8e:0d:4a:a8:8d:d1:65:99:
ba:9e:13:31:3f:78:1a:61:5d:4c:3a:a5:08:7d:e7:
62:43:fe:f7:8e:26:5a:dc:cb:b6:7e:0d:48:7b:af:
4e:1f:e2:ac:31:eb:8c:c3:5f:45:82:fa:fa:f0:3d:
10:11:ab:90:c7:21:22:47:5e:d3:39:bc:7e:9b:94:
b4:b4:71:cd:4b:62:0f:ed:29:6d:30:fc:7b:66:dc:
b3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:35:70:C9:7B:EB:DC:2B:CB:29:2A:35:D0:E6:96:36:85:E7:3E:D4
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/5TVwyXvr3CvLKSo10OaWNoXnPtQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.61.0/24
Signature Algorithm: sha256WithRSAEncryption
84:bb:aa:8b:1d:50:d6:a8:f9:0f:33:ad:71:c0:d9:24:ca:de:
89:8d:e7:7d:35:bd:83:63:4a:3b:de:bc:34:64:d2:06:4e:b9:
16:7f:06:f8:2b:13:18:25:c4:d1:6d:b8:f7:35:ab:5b:2f:e9:
68:e2:78:da:85:b2:4b:9f:2c:89:3b:56:22:8d:41:ce:79:c7:
24:45:fd:16:74:b5:8f:0f:6c:1a:52:45:bd:02:53:72:b7:9b:
b6:e1:80:d6:94:c1:d9:f5:2e:de:4e:9e:fd:88:f8:9a:39:61:
db:0b:91:21:89:cb:12:b7:ab:c7:08:5e:d8:24:9f:9b:4d:2e:
4c:6a:66:3f:1b:16:e5:8f:a8:98:9a:db:3b:87:7d:19:88:8a:
93:94:f3:bf:f1:16:65:de:d4:4b:4e:a5:50:58:51:48:a4:0a:
78:50:8d:02:b9:8c:7d:ec:3e:70:b6:ad:c0:52:2b:e9:6c:bc:
e8:78:3b:f9:db:91:76:50:47:e6:91:b6:ac:4f:48:5a:6e:75:
d5:a6:ee:eb:ef:b1:e7:10:36:9a:c4:1e:4a:36:55:45:d5:47:
a7:e7:3d:74:8e:99:58:19:51:b3:bf:d6:17:75:25:3a:d9:c0:
a5:f1:be:21:fb:19:d9:95:44:28:93:a4:a4:1d:c0:fa:fd:39:
b0:dc:be:97
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMzA5MDEw
ODM2MjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEU1MzU3MEM5N0JFQkRD
MkJDQjI5MkEzNUQwRTY5NjM2ODVFNzNFRDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFITTIRzH1JIk0dR8ouDYtd4Znza5XjtBJLOp3IW8766D/Jw8B
0EqcyERnOtyo3xqaRQmvI3hyoc7YRrp8S7E/zojz1v3MrAFI4zkQh11EPgNFq4In
BaRv8Xiuli/0YnrgCgn8w+tnbIAjhhZyECnkY6RsFCSaHSWO/GQ+c1ByEVyC7RlC
M2cnLFyNqxazjKmuehlp5LX9VlXVYGb6NiMi81T9UkTmmsVsIdmODUqojdFlmbqe
EzE/eBphXUw6pQh952JD/veOJlrcy7Z+DUh7r04f4qwx64zDX0WC+vrwPRARq5DH
ISJHXtM5vH6blLS0cc1LYg/tKW0w/Htm3LPBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU5TVwyXvr3CvLKSo10OaWNoXnPtQwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzVUVnd5WHZyM0N2TEtTbzEwT2FXTm9Y
blB0US5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniD0wDQYJ
KoZIhvcNAQELBQADggEBAIS7qosdUNao+Q8zrXHA2STK3omN5301vYNjSjvevDRk
0gZOuRZ/BvgrExglxNFtuPc1q1sv6WjieNqFskufLIk7ViKNQc55xyRF/RZ0tY8P
bBpSRb0CU3K3m7bhgNaUwdn1Lt5Onv2I+Jo5YdsLkSGJyxK3q8cIXtgkn5tNLkxq
Zj8bFuWPqJia2zuHfRmIipOU87/xFmXe1EtOpVBYUUikCnhQjQK5jH3sPnC2rcBS
K+lsvOh4O/nbkXZQR+aRtqxPSFpuddWm7uvvsecQNprEHko2VUXVR6fnPXSOmVgZ
UbO/1hd1JTrZwKXxviH7GdmVRCiTpKQdwPr9ObDcvpc=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org