Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EBT/-0qZX9hUjDl9gCfs11Nf0Sm0efQ.roa
File: -0qZX9hUjDl9gCfs11Nf0Sm0efQ.roa (raw, json)
Hash identifier: ydIO6KrQwzaMkFS1WB6kYnuMM1x7UsqT0CieZsTP1DE=
Subject key identifier: FB:4A:99:5F:D8:54:8C:39:7D:80:27:EC:D7:53:5F:D1:29:B4:79:F4
Certificate issuer: /CN=2D84CA269320E256216A2DEE2EA381A304526AB4
Certificate serial: 0B30
Authority key identifier: 2D:84:CA:26:93:20:E2:56:21:6A:2D:EE:2E:A3:81:A3:04:52:6A:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LYTKJpMg4lYhai3uLqOBowRSarQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/-0qZX9hUjDl9gCfs11Nf0Sm0efQ.roa
Signing time: Fri 01 Sep 2023 08:39:05 +0000
ROA not before: Fri 01 Sep 2023 08:39:05 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 211.76.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2864 (0xb30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D84CA269320E256216A2DEE2EA381A304526AB4
Validity
Not Before: Sep 1 08:39:05 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=FB4A995FD8548C397D8027ECD7535FD129B479F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:1b:ed:93:37:23:74:7e:f8:44:18:f0:77:23:
cd:58:4e:a0:5e:37:a5:59:6c:0d:38:50:48:46:a9:
cf:17:b9:a7:01:fe:53:74:eb:2b:57:c0:a5:00:ee:
e5:7c:b1:6a:c9:54:52:2a:c2:7c:ee:c7:4f:dc:4d:
b6:64:64:f0:ec:ce:69:95:3f:9e:ad:e3:c4:6d:22:
af:41:a9:2c:f0:2f:0f:17:6d:f7:9d:d6:c1:d1:2f:
18:7e:94:39:be:81:8e:e0:39:4f:d2:f6:f7:1b:03:
30:97:fa:21:59:f1:b4:66:d4:90:29:1c:08:c9:2b:
b1:66:0c:e8:8a:d8:5d:ed:21:b7:0b:88:cd:30:d4:
a2:39:b0:0a:13:78:b7:b9:ba:03:3b:87:81:aa:4a:
cd:97:0d:5e:7b:8d:22:6c:1e:d7:71:de:ed:dd:e6:
61:81:b0:79:82:a8:c3:85:ae:5e:23:6e:01:fe:ab:
85:96:96:71:9d:fc:35:48:7d:9d:41:74:39:fb:fe:
f0:d9:bd:45:cc:0f:e3:d5:f4:bb:8a:7c:d7:fc:01:
9c:76:78:e5:c8:57:bd:d5:56:e1:4c:7b:a1:9e:a1:
70:13:57:03:66:6d:60:a2:e0:5c:ee:55:1e:c3:c6:
6d:81:d1:73:5c:ef:49:60:ea:f7:d2:bc:48:00:67:
0b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4A:99:5F:D8:54:8C:39:7D:80:27:EC:D7:53:5F:D1:29:B4:79:F4
X509v3 Authority Key Identifier:
keyid:2D:84:CA:26:93:20:E2:56:21:6A:2D:EE:2E:A3:81:A3:04:52:6A:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/LYTKJpMg4lYhai3uLqOBowRSarQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LYTKJpMg4lYhai3uLqOBowRSarQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EBT/-0qZX9hUjDl9gCfs11Nf0Sm0efQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.96.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:1c:40:63:2b:3d:d8:65:68:92:9a:d9:3f:db:1b:af:2e:3e:
22:08:b6:7a:fc:12:f9:ed:01:ae:c1:b0:1a:ad:c6:f5:33:81:
86:42:0e:6c:d7:79:38:31:af:22:77:07:76:49:88:76:6b:f5:
30:c6:76:69:f2:fb:6d:95:5c:28:bf:4e:0d:89:03:fa:39:3a:
19:0c:a7:dd:92:8b:a6:2b:a5:52:60:88:21:0b:27:43:3f:a6:
64:09:12:e9:44:0d:6f:6c:68:d4:8a:1c:fc:ae:03:6e:24:26:
a3:0d:10:8d:80:92:01:e3:56:43:72:1e:e5:1e:c7:42:a5:a5:
fd:7e:4b:7a:a8:b1:4b:6d:90:66:14:e2:b7:d1:4a:02:33:8e:
57:a6:fc:20:25:ff:66:ab:ee:75:67:c2:e8:0e:b3:e8:ff:21:
66:03:70:b9:b3:e1:13:bd:a4:9d:b4:bb:53:bc:56:79:94:1e:
87:f2:48:c4:e8:e6:eb:f8:87:9e:64:9b:66:a2:cc:7a:06:6c:
44:a9:eb:77:47:1e:6e:06:f0:85:8f:ba:f2:3f:85:71:46:ba:
44:12:18:69:3a:28:7f:42:fd:6a:db:57:f3:ae:50:68:67:7e:
db:7a:1f:9c:04:9b:b4:d0:4e:fe:a1:b3:f6:39:d3:ee:16:e6:
aa:96:8f:52
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCzAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ4
NENBMjY5MzIwRTI1NjIxNkEyREVFMkVBMzgxQTMwNDUyNkFCNDAeFw0yMzA5MDEw
ODM5MDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEZCNEE5OTVGRDg1NDhD
Mzk3RDgwMjdFQ0Q3NTM1RkQxMjlCNDc5RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiG+2TNyN0fvhEGPB3I81YTqBeN6VZbA04UEhGqc8XuacB/lN0
6ytXwKUA7uV8sWrJVFIqwnzux0/cTbZkZPDszmmVP56t48RtIq9BqSzwLw8Xbfed
1sHRLxh+lDm+gY7gOU/S9vcbAzCX+iFZ8bRm1JApHAjJK7FmDOiK2F3tIbcLiM0w
1KI5sAoTeLe5ugM7h4GqSs2XDV57jSJsHtdx3u3d5mGBsHmCqMOFrl4jbgH+q4WW
lnGd/DVIfZ1BdDn7/vDZvUXMD+PV9LuKfNf8AZx2eOXIV73VVuFMe6GeoXATVwNm
bWCi4FzuVR7Dxm2B0XNc70lg6vfSvEgAZwtHAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU+0qZX9hUjDl9gCfs11Nf0Sm0efQwHwYDVR0jBBgwFoAULYTKJpMg4lYhai3u
LqOBowRSarQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUJUL0xZ
VEtKcE1nNGxZaGFpM3VMcU9Cb3dSU2FyUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFlUS0pwTWc0bFloYWkzdUxxT0Jvd1JTYXJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRUJULy0wcVpYOWhVakRsOWdDZnMxMU5mMFNt
MGVmUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATTTGAwDQYJ
KoZIhvcNAQELBQADggEBALYcQGMrPdhlaJKa2T/bG68uPiIItnr8EvntAa7BsBqt
xvUzgYZCDmzXeTgxryJ3B3ZJiHZr9TDGdmny+22VXCi/Tg2JA/o5OhkMp92Si6Yr
pVJgiCELJ0M/pmQJEulEDW9saNSKHPyuA24kJqMNEI2AkgHjVkNyHuUex0Klpf1+
S3qosUttkGYU4rfRSgIzjlem/CAl/2ar7nVnwugOs+j/IWYDcLmz4RO9pJ20u1O8
VnmUHofySMTo5uv4h55km2aizHoGbESp63dHHm4G8IWPuvI/hXFGukQSGGk6KH9C
/WrbV/OuUGhnftt6H5wEm7TQTv6hs/Y50+4W5qqWj1I=
-----END CERTIFICATE-----
Generated at Mon Jan 15 22:54:33 2024 by rpki-client on console-ams.rpki-client.org