Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/LksTtGU-9EjIfMFK0XpA6_aAri0.roa
File: LksTtGU-9EjIfMFK0XpA6_aAri0.roa (raw, json)
Hash identifier: 58wEKEhz+dTMs+cYYHrVXWEmnd88/05u+Vu1VI3PZik=
Subject key identifier: 2E:4B:13:B4:65:3E:F4:48:C8:7C:C1:4A:D1:7A:40:EB:F6:80:AE:2D
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E1A
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/LksTtGU-9EjIfMFK0XpA6_aAri0.roa
Signing time: Fri 01 Sep 2023 08:49:18 +0000
ROA not before: Fri 01 Sep 2023 08:49:18 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 203.217.96.0/19 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3610 (0xe1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:18 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2E4B13B4653EF448C87CC14AD17A40EBF680AE2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:be:4d:97:b8:5d:3d:16:fb:fc:0b:00:e1:
7c:0b:6d:d9:00:ae:b3:68:08:1c:ae:4e:2c:76:af:
a0:6f:45:01:70:98:b8:a7:a7:0b:63:61:fd:48:9d:
00:fb:47:86:15:11:a6:58:95:c9:b8:79:6e:51:be:
b2:5d:ff:95:95:e0:c4:ca:36:06:02:29:22:54:56:
3a:93:7b:7f:07:77:59:86:bc:a8:e6:50:33:df:54:
06:cf:74:04:9e:bc:dc:90:8b:d7:a0:56:4e:b2:4b:
5d:de:c0:ad:2f:93:f2:58:51:ac:ce:0a:1e:12:ef:
94:6c:2c:47:e6:95:cf:01:5a:7b:e1:9b:10:09:62:
b4:62:a7:12:b7:d6:bf:79:b2:34:4d:11:f9:2f:44:
df:77:66:fb:82:55:ed:7f:12:2f:fd:f7:b7:38:91:
78:bc:c6:8b:43:cf:2f:c0:17:3a:00:c4:b6:3c:8b:
c2:3a:6a:14:e9:d1:a1:16:c6:34:eb:c0:41:5c:c1:
6e:8a:32:d0:e8:d1:37:54:c1:fa:08:b3:fa:e5:c7:
90:82:b6:e3:a9:71:03:41:f6:15:c2:48:29:c4:e4:
fa:20:13:a6:2d:9c:df:9f:26:54:96:f4:e1:5d:64:
04:54:f9:bd:c4:f7:41:90:18:85:e2:1d:8a:c2:13:
57:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4B:13:B4:65:3E:F4:48:C8:7C:C1:4A:D1:7A:40:EB:F6:80:AE:2D
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/LksTtGU-9EjIfMFK0XpA6_aAri0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.96.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:03:b6:26:db:4f:0f:78:e9:16:b0:e3:eb:69:a8:5c:73:15:
cc:1b:79:68:8f:7a:dc:29:d6:f5:17:c1:99:09:7a:b6:c0:2c:
d3:5d:73:46:91:8b:91:18:a0:f3:9a:89:ec:1d:8e:99:92:7e:
86:2f:be:0f:8e:b1:eb:76:be:e0:40:53:17:70:4b:18:bd:2d:
35:08:51:c1:6b:80:24:51:a9:8b:35:58:94:a9:d2:ee:30:67:
ba:59:27:89:bd:6e:69:81:19:a8:6b:3f:d5:11:f3:68:37:69:
e9:a1:6a:08:f1:db:03:a3:0c:5d:1d:1b:a1:c0:1b:66:aa:8e:
84:15:bb:17:1c:f6:93:58:91:34:c9:58:d3:ad:b4:2b:3b:27:
9b:ef:e8:b1:80:84:6a:43:ac:33:e2:94:2d:e7:1a:f8:a5:a3:
f7:bd:e0:73:ff:0e:f3:f1:8a:5c:13:42:a3:53:8e:74:53:a0:
dd:1a:5a:3e:7b:51:25:24:d6:76:29:01:1c:87:ed:fe:46:85:
14:c0:fd:88:20:28:93:6e:9c:2c:72:1a:31:80:83:f7:64:98:
01:00:6e:08:0e:ca:dd:27:41:68:10:db:a5:c8:b2:af:41:7a:
c9:5d:ec:10:71:18:93:c0:fa:fa:dc:03:54:cf:33:e0:30:9b:
05:f2:44:20
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MThaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJFNEIxM0I0NjUzRUY0
NDhDODdDQzE0QUQxN0E0MEVCRjY4MEFFMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCM75Nl7hdPRb7/AsA4XwLbdkArrNoCByuTix2r6BvRQFwmLin
pwtjYf1InQD7R4YVEaZYlcm4eW5RvrJd/5WV4MTKNgYCKSJUVjqTe38Hd1mGvKjm
UDPfVAbPdASevNyQi9egVk6yS13ewK0vk/JYUazOCh4S75RsLEfmlc8BWnvhmxAJ
YrRipxK31r95sjRNEfkvRN93ZvuCVe1/Ei/997c4kXi8xotDzy/AFzoAxLY8i8I6
ahTp0aEWxjTrwEFcwW6KMtDo0TdUwfoIs/rlx5CCtuOpcQNB9hXCSCnE5PogE6Yt
nN+fJlSW9OFdZARU+b3E90GQGIXiHYrCE1ePAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQULksTtGU+9EjIfMFK0XpA6/aAri0wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvTGtzVHRHVS05RWpJZk1GSzBYcEE2
X2FBcmkwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcvZYDAN
BgkqhkiG9w0BAQsFAAOCAQEAOwO2JttPD3jpFrDj62moXHMVzBt5aI963CnW9RfB
mQl6tsAs011zRpGLkRig85qJ7B2OmZJ+hi++D46x63a+4EBTF3BLGL0tNQhRwWuA
JFGpizVYlKnS7jBnulknib1uaYEZqGs/1RHzaDdp6aFqCPHbA6MMXR0bocAbZqqO
hBW7Fxz2k1iRNMlY0620Kzsnm+/osYCEakOsM+KULeca+KWj973gc/8O8/GKXBNC
o1OOdFOg3RpaPntRJSTWdikBHIft/kaFFMD9iCAok26cLHIaMYCD92SYAQBuCA7K
3SdBaBDbpciyr0F6yV3sEHEYk8D6+twDVM8z4DCbBfJEIA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org