Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/NHsvWOzPXyPZBCjRC5WhHS0NSwg.roa
File: NHsvWOzPXyPZBCjRC5WhHS0NSwg.roa (raw, json)
Hash identifier: 8faZ6lCVl7Yszr0g4tLIE2m0+7yWPj1HBMMj7pi98bc=
Subject key identifier: 34:7B:2F:58:EC:CF:5F:23:D9:04:28:D1:0B:95:A1:1D:2D:0D:4B:08
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0E05
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/NHsvWOzPXyPZBCjRC5WhHS0NSwg.roa
Signing time: Fri 01 Sep 2023 08:36:23 +0000
ROA not before: Fri 01 Sep 2023 08:36:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131641
IP address blocks: 103.136.60.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3589 (0xe05)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 1 08:36:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=347B2F58ECCF5F23D90428D10B95A11D2D0D4B08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:46:c4:3f:e4:81:2b:05:13:02:d6:de:82:3d:
1b:de:60:9d:9b:0e:62:f4:f7:c4:36:fb:34:29:15:
9b:48:96:ff:26:c7:66:02:de:f7:e9:cf:84:96:03:
91:72:4b:a8:c5:ff:47:12:6a:a7:3c:fd:36:db:a8:
44:1d:26:e1:e6:ec:b0:62:9b:1b:d3:d8:99:38:8a:
0c:f4:fc:0b:4c:e2:86:0a:1c:50:1e:6e:70:38:93:
e7:be:56:d2:18:2c:7f:57:c5:05:f6:ab:c3:f7:d8:
6c:20:55:ff:f3:93:9e:12:0d:20:b9:7a:43:5d:7c:
37:02:b6:b3:a3:27:7a:93:36:9a:ea:b7:56:96:e1:
ab:1f:39:84:5c:19:9c:87:b6:ab:ba:4a:99:ee:6e:
07:ac:5b:a2:c7:ef:49:c3:04:59:18:e5:bb:fa:72:
2c:d5:0b:fc:0c:34:56:00:ea:29:06:45:85:c8:96:
72:b2:55:21:fb:f9:f0:96:2e:18:d9:8d:3f:8e:5a:
c7:33:a2:b1:87:41:5c:8f:b6:67:e9:64:74:4e:90:
e9:b6:f1:e8:6f:9d:3d:34:21:02:e8:01:4b:c8:a2:
26:9b:ed:66:b2:16:82:6e:4e:73:a0:9a:c4:ae:60:
24:ae:65:9d:00:83:dc:c4:e4:66:a0:f3:61:6e:58:
f3:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:7B:2F:58:EC:CF:5F:23:D9:04:28:D1:0B:95:A1:1D:2D:0D:4B:08
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/NHsvWOzPXyPZBCjRC5WhHS0NSwg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:43:aa:ec:45:a0:ee:15:7c:c5:98:5e:00:f6:ea:d7:d8:f6:
2f:6d:c9:4f:0b:1b:c9:75:28:1f:9c:a5:28:07:7e:b0:3b:b6:
9f:4f:6c:b0:e8:40:4d:8b:fa:4e:81:6c:df:8d:15:be:fb:fb:
75:37:50:0f:8f:ea:60:75:ed:8e:6a:fb:03:9e:cc:c6:8d:e5:
d0:27:ae:0d:78:4a:04:da:72:d4:95:eb:d4:0f:b3:7b:55:a6:
7b:cf:88:b5:e0:e5:95:42:2a:20:89:ce:a8:aa:da:83:67:f4:
47:f4:eb:59:80:f2:a2:7d:66:76:c2:04:88:ff:43:5e:fd:09:
a8:1c:76:98:96:e4:c6:f3:63:13:f7:db:ed:b5:a8:fa:cf:92:
ff:b9:4f:0b:0a:31:e0:1d:ab:f4:32:84:08:c5:86:ef:2c:92:
b3:44:83:90:6b:45:3e:dc:47:45:38:b5:66:a5:9c:13:c8:c5:
66:3e:b6:cc:92:f8:92:94:5d:4e:28:0c:dc:44:41:27:62:3a:
b9:8a:7d:d0:c2:28:f2:1c:1f:ae:8b:94:1e:14:6a:ba:f9:28:
3b:f4:f6:20:b2:1e:9a:8b:2e:2e:56:30:e7:28:61:08:98:68:
f0:14:fe:78:f4:57:b4:1e:ca:04:f9:6b:d3:09:db:68:24:81:
28:34:cc:0c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMzA5MDEw
ODM2MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM0N0IyRjU4RUNDRjVG
MjNEOTA0MjhEMTBCOTVBMTFEMkQwRDRCMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+RsQ/5IErBRMC1t6CPRveYJ2bDmL098Q2+zQpFZtIlv8mx2YC
3vfpz4SWA5FyS6jF/0cSaqc8/TbbqEQdJuHm7LBimxvT2Jk4igz0/AtM4oYKHFAe
bnA4k+e+VtIYLH9XxQX2q8P32GwgVf/zk54SDSC5ekNdfDcCtrOjJ3qTNprqt1aW
4asfOYRcGZyHtqu6SpnubgesW6LH70nDBFkY5bv6cizVC/wMNFYA6ikGRYXIlnKy
VSH7+fCWLhjZjT+OWsczorGHQVyPtmfpZHROkOm28ehvnT00IQLoAUvIoiab7Way
FoJuTnOgmsSuYCSuZZ0Ag9zE5Gag82FuWPNRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNHsvWOzPXyPZBCjRC5WhHS0NSwgwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL05Ic3ZXT3pQWHlQWkJDalJDNVdoSFMw
TlN3Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBAEpDquxFoO4VfMWYXgD26tfY9i9tyU8LG8l1KB+cpSgH
frA7tp9PbLDoQE2L+k6BbN+NFb77+3U3UA+P6mB17Y5q+wOezMaN5dAnrg14SgTa
ctSV69QPs3tVpnvPiLXg5ZVCKiCJzqiq2oNn9Ef061mA8qJ9ZnbCBIj/Q179Cagc
dpiW5MbzYxP32+21qPrPkv+5TwsKMeAdq/QyhAjFhu8skrNEg5BrRT7cR0U4tWal
nBPIxWY+tsyS+JKUXU4oDNxEQSdiOrmKfdDCKPIcH66LlB4Uarr5KDv09iCyHpqL
Li5WMOcoYQiYaPAU/nj0V7QeygT5a9MJ22gkgSg0zAw=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:18 2024 by rpki-client on console-fra.rpki-client.org