Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/YOv12faJqiSKluEKJZ3_AIG-CP4.roa
File: YOv12faJqiSKluEKJZ3_AIG-CP4.roa (raw, json)
Hash identifier: QTSwjqYkT+z29uoUQF2UHjCu/NX5+BHnwgkFRd94w/o=
Subject key identifier: 60:EB:F5:D9:F6:89:AA:24:8A:96:E1:0A:25:9D:FF:00:81:BE:08:FE
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E42
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/YOv12faJqiSKluEKJZ3_AIG-CP4.roa
Signing time: Fri 01 Sep 2023 08:49:29 +0000
ROA not before: Fri 01 Sep 2023 08:49:29 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 203.222.16.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3650 (0xe42)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:29 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=60EBF5D9F689AA248A96E10A259DFF0081BE08FE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fc:7e:2c:aa:3c:70:72:8d:f3:b3:87:70:45:
8b:db:78:7e:4f:51:e5:96:33:60:97:6a:0c:fa:8d:
2d:c1:ad:65:c2:b0:fa:7d:81:5e:5a:7f:39:82:80:
8c:fa:22:49:1b:b2:42:b1:fa:2c:58:3c:81:1a:bd:
88:ec:b8:9d:37:50:f7:7d:10:40:bf:44:79:3a:ec:
f6:e3:fa:70:7c:31:03:ff:56:c2:e4:df:04:6c:9f:
d9:bd:00:a4:ab:94:18:87:8a:26:06:13:7b:c3:79:
6e:c2:40:3e:4b:91:3e:ee:f5:75:23:a2:65:ba:e2:
d7:44:bb:30:ad:7d:80:a2:a5:f1:20:15:14:20:0c:
9f:b3:64:74:05:97:76:4a:e6:6d:5d:9a:4a:8e:b4:
72:c3:51:3c:9e:d6:4e:4e:9e:06:85:8b:be:ba:48:
56:c9:13:d9:91:ea:79:a6:6d:09:e0:13:b8:7f:56:
0a:32:db:96:a3:f5:7e:f6:88:cf:77:f6:ab:08:79:
c1:ca:83:37:b8:18:e1:4e:c2:11:b9:0b:0e:e7:d2:
c4:a3:f8:8c:c8:4b:b8:c5:b4:7b:52:e2:85:ec:34:
70:44:10:b4:b4:29:0f:da:03:77:07:60:11:e7:c1:
90:a7:a4:6b:0d:bb:a8:03:6d:a6:cb:03:b2:76:53:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:EB:F5:D9:F6:89:AA:24:8A:96:E1:0A:25:9D:FF:00:81:BE:08:FE
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/YOv12faJqiSKluEKJZ3_AIG-CP4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.16.0/21
Signature Algorithm: sha256WithRSAEncryption
85:9e:b1:12:ab:34:c4:d9:54:21:f6:72:d5:9d:92:16:07:ab:
dd:2f:bd:8f:3a:b1:c4:46:08:38:55:30:23:a6:f0:35:db:05:
5f:d9:32:84:38:75:3b:9d:42:d3:bb:14:2d:1d:a4:d0:ef:78:
ed:f1:0f:0b:61:fe:cc:3e:70:6a:60:91:3f:2a:8d:92:12:9e:
44:a4:c4:e3:30:d5:cc:cd:41:d4:2c:e2:21:aa:93:42:f4:b7:
6b:48:2d:f3:60:78:4c:77:9c:02:8a:25:59:1e:31:80:47:ab:
bf:82:bc:56:0d:fb:6d:08:0b:3c:c0:31:b7:56:5b:5c:94:11:
49:d1:23:e2:0b:9f:9c:9f:35:3b:5e:08:45:41:b7:06:bd:43:
e3:79:d1:41:c8:d5:91:95:a1:ad:2d:d4:ab:f4:1f:5c:c1:3a:
64:f2:c1:71:c2:70:60:1e:9b:15:8a:35:3a:90:bf:4b:7e:e8:
61:20:84:5c:c8:fe:6f:eb:b4:19:3d:ab:91:7f:72:61:38:00:
3c:c8:1f:d3:10:a0:eb:72:f9:e0:d0:0d:92:3c:66:8f:b5:7c:
4c:5f:08:64:cc:4b:7f:d5:48:b1:7a:3c:59:da:0f:6c:75:90:
ae:f4:07:9e:a7:c3:65:d6:64:f7:8a:10:0e:77:5f:17:94:ad:
fc:b3:d0:2e
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDYwRUJGNUQ5RjY4OUFB
MjQ4QTk2RTEwQTI1OURGRjAwODFCRTA4RkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCy/H4sqjxwco3zs4dwRYvbeH5PUeWWM2CXagz6jS3BrWXCsPp9
gV5afzmCgIz6IkkbskKx+ixYPIEavYjsuJ03UPd9EEC/RHk67Pbj+nB8MQP/VsLk
3wRsn9m9AKSrlBiHiiYGE3vDeW7CQD5LkT7u9XUjomW64tdEuzCtfYCipfEgFRQg
DJ+zZHQFl3ZK5m1dmkqOtHLDUTye1k5OngaFi766SFbJE9mR6nmmbQngE7h/Vgoy
25aj9X72iM939qsIecHKgze4GOFOwhG5Cw7n0sSj+IzIS7jFtHtS4oXsNHBEELS0
KQ/aA3cHYBHnwZCnpGsNu6gDbabLA7J2U2hBAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUYOv12faJqiSKluEKJZ3/AIG+CP4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvWU92MTJmYUpxaVNLbHVFS0paM19B
SUctQ1A0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8veEDAN
BgkqhkiG9w0BAQsFAAOCAQEAhZ6xEqs0xNlUIfZy1Z2SFger3S+9jzqxxEYIOFUw
I6bwNdsFX9kyhDh1O51C07sULR2k0O947fEPC2H+zD5wamCRPyqNkhKeRKTE4zDV
zM1B1CziIaqTQvS3a0gt82B4THecAoolWR4xgEerv4K8Vg37bQgLPMAxt1ZbXJQR
SdEj4gufnJ81O14IRUG3Br1D43nRQcjVkZWhrS3Uq/QfXME6ZPLBccJwYB6bFYo1
OpC/S37oYSCEXMj+b+u0GT2rkX9yYTgAPMgf0xCg63L54NANkjxmj7V8TF8IZMxL
f9VIsXo8WdoPbHWQrvQHnqfDZdZk94oQDndfF5St/LPQLg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org