Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/U73xfX-hezTXeHlg4jWMWJEMzLo.roa
File: U73xfX-hezTXeHlg4jWMWJEMzLo.roa (raw, json)
Hash identifier: j20yO6iPzCtmNj8xX4W9rsBp2qnzMEz10DflXUvhwIc=
Subject key identifier: 53:BD:F1:7D:7F:A1:7B:34:D7:78:79:60:E2:35:8C:58:91:0C:CC:BA
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E67
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/U73xfX-hezTXeHlg4jWMWJEMzLo.roa
Signing time: Fri 01 Sep 2023 08:49:39 +0000
ROA not before: Fri 01 Sep 2023 08:49:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 203.222.0.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3687 (0xe67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:39 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=53BDF17D7FA17B34D7787960E2358C58910CCCBA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0c:34:d6:03:51:5a:75:11:f4:c2:22:27:4a:
a7:91:43:28:8f:14:05:42:c2:5b:c1:02:c9:07:a1:
51:c3:28:0b:00:61:cf:08:37:ab:08:44:47:4f:cb:
7f:01:10:02:d4:62:ff:36:af:3a:a3:02:95:25:6f:
bd:80:95:83:68:6d:73:e3:35:71:48:32:50:75:96:
56:57:fb:d9:f9:97:a9:60:8e:d1:3f:f0:6b:19:79:
e9:8b:d5:11:8f:76:3b:c7:13:0f:8d:80:df:d8:30:
6a:68:d4:89:b3:67:59:03:23:d7:3d:ec:45:e5:71:
30:37:2d:8f:94:87:58:f7:e8:b6:f6:6e:4d:62:bb:
8c:1d:3d:e3:61:83:24:f7:b8:51:05:f9:75:83:45:
8a:7c:45:7b:a9:9c:a3:71:42:87:ed:fe:fa:38:21:
79:ec:d0:95:79:3d:2c:e9:dd:c4:d5:c0:3b:8b:38:
92:ac:9a:39:65:17:65:12:cd:bf:9d:9a:7f:06:2b:
d1:49:c1:79:d9:79:c4:6b:b4:5a:e9:ed:5e:5f:57:
da:19:18:91:24:6d:a1:e6:73:e1:11:23:32:dc:d7:
8c:dd:b7:11:e8:93:b2:95:8f:29:95:38:a6:5e:e5:
74:a3:7c:1d:48:01:c2:56:68:62:09:47:b6:d3:ec:
23:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:BD:F1:7D:7F:A1:7B:34:D7:78:79:60:E2:35:8C:58:91:0C:CC:BA
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/U73xfX-hezTXeHlg4jWMWJEMzLo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.0.0/21
Signature Algorithm: sha256WithRSAEncryption
4a:25:e5:2a:b7:54:d5:fa:30:d4:5a:a5:18:38:ec:8c:5f:3b:
8b:5c:d5:65:0c:f8:e8:60:dc:1b:44:93:6e:fc:71:44:04:c3:
11:b0:08:e4:f2:e3:39:b8:46:4d:d0:b2:de:2d:fc:8b:5f:56:
3a:21:a1:63:17:99:fa:44:68:d7:00:de:59:37:dd:61:11:c1:
41:ad:7a:e8:96:3d:2f:8e:a1:a0:c9:80:c4:22:b4:90:01:fd:
9c:27:57:3b:f6:a5:2c:a2:39:03:a9:61:86:c6:70:d5:7f:f4:
2c:19:ba:99:c7:fd:11:94:36:ab:d7:9f:d2:a9:8c:54:1e:26:
22:3d:e5:4b:97:e2:05:d1:1e:96:91:6f:0d:1c:a0:ae:a2:f1:
05:07:12:11:fb:6f:49:6d:b7:ae:57:cb:a6:84:12:7d:7d:b9:
92:13:57:6c:7e:85:9e:af:ce:1b:05:d5:f4:de:bb:b6:51:26:
8a:4a:42:00:29:77:ba:91:b6:0c:ed:47:3f:b4:92:9e:f0:df:
80:d5:63:1b:f2:27:33:4b:e8:cf:d0:6e:67:df:f5:91:45:53:
a2:1e:84:08:a1:79:83:0d:65:4c:40:72:e5:a4:92:52:ab:4a:
0e:e8:54:ba:5f:f4:b4:fe:b5:df:19:65:87:54:6c:3c:ef:ea:
e6:2f:21:3a
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDmcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUzQkRGMTdEN0ZBMTdC
MzRENzc4Nzk2MEUyMzU4QzU4OTEwQ0NDQkEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1DDTWA1FadRH0wiInSqeRQyiPFAVCwlvBAskHoVHDKAsAYc8I
N6sIREdPy38BEALUYv82rzqjApUlb72AlYNobXPjNXFIMlB1llZX+9n5l6lgjtE/
8GsZeemL1RGPdjvHEw+NgN/YMGpo1ImzZ1kDI9c97EXlcTA3LY+Uh1j36Lb2bk1i
u4wdPeNhgyT3uFEF+XWDRYp8RXupnKNxQoft/vo4IXns0JV5PSzp3cTVwDuLOJKs
mjllF2USzb+dmn8GK9FJwXnZecRrtFrp7V5fV9oZGJEkbaHmc+ERIzLc14zdtxHo
k7KVjymVOKZe5XSjfB1IAcJWaGIJR7bT7CM1AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUU73xfX+hezTXeHlg4jWMWJEMzLowHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvVTczeGZYLWhlelRYZUhsZzRqV01X
SkVNekxvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veADAN
BgkqhkiG9w0BAQsFAAOCAQEASiXlKrdU1fow1FqlGDjsjF87i1zVZQz46GDcG0ST
bvxxRATDEbAI5PLjObhGTdCy3i38i19WOiGhYxeZ+kRo1wDeWTfdYRHBQa166JY9
L46hoMmAxCK0kAH9nCdXO/alLKI5A6lhhsZw1X/0LBm6mcf9EZQ2q9ef0qmMVB4m
Ij3lS5fiBdEelpFvDRygrqLxBQcSEftvSW23rlfLpoQSfX25khNXbH6Fnq/OGwXV
9N67tlEmikpCACl3upG2DO1HP7SSnvDfgNVjG/InM0voz9BuZ9/1kUVToh6ECKF5
gw1lTEBy5aSSUqtKDuhUul/0tP613xllh1RsPO/q5i8hOg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org