Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/djB8oNG4WOUlGEmZX55KMosPmSk.roa
File: djB8oNG4WOUlGEmZX55KMosPmSk.roa (raw, json)
Hash identifier: /r+o/1IP3n+jLLOwnjZ/3AySIgc1wEHyTzpZqqw6aAY=
Subject key identifier: 76:30:7C:A0:D1:B8:58:E5:25:18:49:99:5F:9E:4A:32:8B:0F:99:29
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E29
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/djB8oNG4WOUlGEmZX55KMosPmSk.roa
Signing time: Fri 01 Sep 2023 08:49:21 +0000
ROA not before: Fri 01 Sep 2023 08:49:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 203.222.20.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3625 (0xe29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=76307CA0D1B858E5251849995F9E4A328B0F9929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e1:8e:21:99:1a:d3:c6:13:b3:61:59:1b:5e:
e5:f4:80:1e:97:7c:46:9f:84:9a:74:c4:c4:d9:42:
91:85:84:83:2e:53:ed:2e:af:a7:c4:a3:c7:04:01:
33:01:02:95:4b:80:b5:c9:01:46:e2:f5:d3:ba:24:
2e:e7:ee:57:5e:4d:f7:a6:1a:bc:49:25:db:6b:df:
53:76:c3:2b:54:18:4e:42:f6:cc:a5:da:3b:17:6f:
16:6b:cc:27:0a:19:ed:59:82:7c:0d:3b:9c:47:8d:
36:9b:ed:fb:fc:e9:ab:14:3a:c3:6c:3e:85:31:e9:
98:22:60:5a:10:7c:92:3a:f7:28:6e:1e:ae:bc:80:
a6:1c:45:a6:c1:23:8f:d5:7a:4b:20:25:b6:33:21:
0b:68:28:45:4a:0f:51:92:cc:69:ab:fc:3e:46:50:
d1:80:ae:07:40:e2:d2:61:42:3b:18:7e:8f:3f:64:
f5:fb:df:d5:37:91:12:9a:68:a1:a5:dd:bc:dd:80:
68:9a:59:f9:94:6c:fe:9c:5e:35:1e:ff:fc:a1:d1:
ce:05:b0:e8:45:1d:ed:7a:c5:56:3a:3e:ef:1f:77:
1a:11:e8:72:e4:49:c6:e0:50:70:00:ad:93:00:b6:
c6:37:7e:f2:95:be:01:d0:34:8c:f4:1c:5e:eb:3c:
10:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:30:7C:A0:D1:B8:58:E5:25:18:49:99:5F:9E:4A:32:8B:0F:99:29
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/djB8oNG4WOUlGEmZX55KMosPmSk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.222.20.0/22
Signature Algorithm: sha256WithRSAEncryption
13:f4:67:c2:f4:9b:dc:8a:fc:18:4f:b1:d7:07:c9:15:bb:62:
f2:58:d2:59:84:bb:10:3d:47:33:02:f9:25:86:a8:57:3b:d7:
ac:01:89:f9:0d:71:8f:d3:60:40:db:33:f4:0f:e4:c0:02:66:
e4:95:bf:ec:10:9d:db:fa:85:8e:74:7f:b5:8a:be:85:ea:d7:
8b:82:08:2e:3d:f5:f1:d5:61:ea:07:e8:61:a2:96:29:1e:69:
cc:78:b6:b9:5a:03:16:2c:84:62:16:eb:41:e0:13:a9:d6:c6:
8d:36:ca:90:59:5c:ea:fb:ae:67:cd:39:dd:35:31:9c:6a:32:
72:e2:37:3f:95:cb:43:21:70:f4:3b:79:9a:23:06:c7:6c:ea:
37:ed:d2:95:99:bb:3d:77:fe:d4:49:e9:86:47:2e:e8:f3:ec:
82:4a:e6:19:cf:4c:d4:3a:ac:e4:94:38:14:67:56:d6:a6:d8:
81:21:24:8d:a1:4d:f8:96:e6:84:ad:df:36:93:77:4c:2c:1b:
d7:a5:69:7e:f4:71:dc:9d:53:3c:08:a4:9c:8b:70:fa:bb:24:
18:e1:38:53:2f:75:d9:ff:48:4d:36:fc:f4:77:81:b0:b9:b3:
80:e8:87:f2:f0:5b:03:c3:8a:a8:11:5c:03:bb:9a:b6:11:b6:
bc:3e:dc:02
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDikwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc2MzA3Q0EwRDFCODU4
RTUyNTE4NDk5OTVGOUU0QTMyOEIwRjk5MjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr4Y4hmRrTxhOzYVkbXuX0gB6XfEafhJp0xMTZQpGFhIMuU+0u
r6fEo8cEATMBApVLgLXJAUbi9dO6JC7n7ldeTfemGrxJJdtr31N2wytUGE5C9syl
2jsXbxZrzCcKGe1ZgnwNO5xHjTab7fv86asUOsNsPoUx6ZgiYFoQfJI69yhuHq68
gKYcRabBI4/VeksgJbYzIQtoKEVKD1GSzGmr/D5GUNGArgdA4tJhQjsYfo8/ZPX7
39U3kRKaaKGl3bzdgGiaWfmUbP6cXjUe//yh0c4FsOhFHe16xVY6Pu8fdxoR6HLk
ScbgUHAArZMAtsY3fvKVvgHQNIz0HF7rPBAhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUdjB8oNG4WOUlGEmZX55KMosPmSkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvZGpCOG9ORzRXT1VsR0VtWlg1NUtN
b3NQbVNrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsveFDAN
BgkqhkiG9w0BAQsFAAOCAQEAE/RnwvSb3Ir8GE+x1wfJFbti8ljSWYS7ED1HMwL5
JYaoVzvXrAGJ+Q1xj9NgQNsz9A/kwAJm5JW/7BCd2/qFjnR/tYq+herXi4IILj31
8dVh6gfoYaKWKR5pzHi2uVoDFiyEYhbrQeATqdbGjTbKkFlc6vuuZ8053TUxnGoy
cuI3P5XLQyFw9Dt5miMGx2zqN+3SlZm7PXf+1Enphkcu6PPsgkrmGc9M1Dqs5JQ4
FGdW1qbYgSEkjaFN+JbmhK3fNpN3TCwb16VpfvRx3J1TPAiknItw+rskGOE4Uy91
2f9ITTb89HeBsLmzgOiH8vBbA8OKqBFcA7uathG2vD7cAg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org