Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/CPa8q9IvV79QXTgOpWi0Y49Bdms.roa
File: CPa8q9IvV79QXTgOpWi0Y49Bdms.roa (raw, json)
Hash identifier: 4wIjdF9uvgBqxLgZ77+2Ep4dS5Gh6ml4fUI4SJETn/o=
Subject key identifier: 08:F6:BC:AB:D2:2F:57:BF:50:5D:38:0E:A5:68:B4:63:8F:41:76:6B
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E2D
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/CPa8q9IvV79QXTgOpWi0Y49Bdms.roa
Signing time: Fri 01 Sep 2023 08:49:22 +0000
ROA not before: Fri 01 Sep 2023 08:49:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 27.96.224.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3629 (0xe2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=08F6BCABD22F57BF505D380EA568B4638F41766B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:c4:7f:7b:f4:7f:56:8d:d8:69:fd:4b:72:
c3:26:c7:a9:c8:05:20:f4:0d:3d:9c:88:dd:36:ef:
8d:42:2a:23:b1:42:70:cc:68:56:ef:de:70:6b:9e:
d1:15:a1:2d:81:fd:f1:30:bf:28:fb:a5:82:46:6c:
e5:f9:36:62:fd:0e:69:9d:e8:59:49:68:7e:79:99:
58:af:fe:a0:4b:66:d9:1e:0e:88:2b:07:96:af:db:
8a:2d:7a:6a:ea:8d:1c:39:26:b9:1e:9d:87:5b:cd:
f9:82:b2:c8:0b:af:ab:e4:1c:8c:18:f7:f5:47:a6:
01:1c:57:5d:31:af:c9:53:4d:92:19:34:3b:85:6d:
78:e1:7a:08:98:ad:da:f7:d8:19:92:e3:4a:b3:eb:
91:39:f4:ad:b2:d1:63:5e:03:f8:17:63:04:3e:4d:
ad:98:57:1c:92:0e:83:5f:3e:b3:41:fd:92:ab:dd:
e6:6b:8b:58:99:17:fd:76:05:a1:10:56:29:85:f0:
78:98:18:78:fa:99:be:1e:1d:3a:f0:51:0b:47:38:
1e:79:a1:2a:64:f7:8d:5a:2f:02:ce:f4:bb:cf:75:
cd:b1:42:32:82:dd:51:dc:04:3d:91:67:9b:31:e7:
b5:5c:3d:da:ec:ed:53:92:c9:d2:d5:ee:8d:6f:7b:
eb:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:F6:BC:AB:D2:2F:57:BF:50:5D:38:0E:A5:68:B4:63:8F:41:76:6B
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/CPa8q9IvV79QXTgOpWi0Y49Bdms.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.224.0/22
Signature Algorithm: sha256WithRSAEncryption
91:e0:b7:64:4a:fd:94:ed:09:39:0d:44:37:a1:6a:36:90:fc:
18:36:09:ff:cb:45:f1:b4:76:42:b3:1f:10:6d:48:f4:75:bf:
ff:49:1b:03:b2:f3:c0:09:21:ef:1d:0f:f9:e3:fc:c3:3a:c8:
78:23:6a:68:30:15:53:30:8e:3c:3b:16:16:91:54:bf:09:5e:
2f:ff:da:fa:1f:d8:91:19:55:55:83:0d:de:af:b6:7c:1e:21:
5b:fb:32:de:8b:7f:76:d6:8f:00:64:31:ed:12:25:cd:6f:eb:
5d:57:26:85:37:a8:52:93:bf:f8:21:e4:90:0a:38:68:3e:4a:
2f:d6:8e:c2:61:87:bf:db:7e:54:a9:d0:ea:6f:ae:e6:65:ef:
66:37:7b:7b:7c:7e:7e:2f:da:02:fd:16:66:4e:b1:11:b9:fc:
c3:9d:60:08:a4:17:06:4a:99:a1:fe:7b:08:6b:15:c8:c1:9f:
5f:dc:66:d1:15:5d:b9:f0:9c:3e:1b:61:3a:c6:8a:fd:f3:5a:
ba:a0:85:4b:38:c8:ee:48:d1:a0:16:59:88:c9:26:b3:53:3f:
a3:5e:7e:f7:bf:38:67:15:70:75:0a:6e:40:4f:b9:66:4a:71:
1d:c7:1b:b4:38:df:92:7e:2b:fe:82:fd:16:35:6f:81:45:35:
98:a1:26:24
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDi0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA4RjZCQ0FCRDIyRjU3
QkY1MDVEMzgwRUE1NjhCNDYzOEY0MTc2NkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvdsR/e/R/Vo3Yaf1LcsMmx6nIBSD0DT2ciN02741CKiOxQnDM
aFbv3nBrntEVoS2B/fEwvyj7pYJGbOX5NmL9Dmmd6FlJaH55mViv/qBLZtkeDogr
B5av24otemrqjRw5JrkenYdbzfmCssgLr6vkHIwY9/VHpgEcV10xr8lTTZIZNDuF
bXjhegiYrdr32BmS40qz65E59K2y0WNeA/gXYwQ+Ta2YVxySDoNfPrNB/ZKr3eZr
i1iZF/12BaEQVimF8HiYGHj6mb4eHTrwUQtHOB55oSpk941aLwLO9LvPdc2xQjKC
3VHcBD2RZ5sx57VcPdrs7VOSydLV7o1ve+vbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCPa8q9IvV79QXTgOpWi0Y49BdmswHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvQ1BhOHE5SXZWNzlRWFRnT3BXaTBZ
NDlCZG1zLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg4DAN
BgkqhkiG9w0BAQsFAAOCAQEAkeC3ZEr9lO0JOQ1EN6FqNpD8GDYJ/8tF8bR2QrMf
EG1I9HW//0kbA7LzwAkh7x0P+eP8wzrIeCNqaDAVUzCOPDsWFpFUvwleL//a+h/Y
kRlVVYMN3q+2fB4hW/sy3ot/dtaPAGQx7RIlzW/rXVcmhTeoUpO/+CHkkAo4aD5K
L9aOwmGHv9t+VKnQ6m+u5mXvZjd7e3x+fi/aAv0WZk6xEbn8w51gCKQXBkqZof57
CGsVyMGfX9xm0RVdufCcPhthOsaK/fNauqCFSzjI7kjRoBZZiMkms1M/o15+9784
ZxVwdQpuQE+5ZkpxHccbtDjfkn4r/oL9FjVvgUU1mKEmJA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org