Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/iqt-rkuwOp6GzTyOQ2uh9jMo1mg.roa
File: iqt-rkuwOp6GzTyOQ2uh9jMo1mg.roa (raw, json)
Hash identifier: 2M3R1+hfTqHWuR6XC/OS7Oh4gkHhAidAUEDiS1kw9AQ=
Subject key identifier: 8A:AB:7E:AE:4B:B0:3A:9E:86:CD:3C:8E:43:6B:A1:F6:33:28:D6:68
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E33
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/iqt-rkuwOp6GzTyOQ2uh9jMo1mg.roa
Signing time: Fri 01 Sep 2023 08:49:24 +0000
ROA not before: Fri 01 Sep 2023 08:49:24 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 203.217.120.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3635 (0xe33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:24 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8AAB7EAE4BB03A9E86CD3C8E436BA1F63328D668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:9a:5f:2c:d6:82:ad:c8:ce:d7:3f:07:cb:fd:
9d:4f:06:0b:1d:cf:e1:af:f1:38:04:3f:da:27:31:
37:0e:66:d5:2d:5f:a2:d2:e6:e6:69:0f:da:31:45:
c8:bb:df:4e:ad:52:cf:42:bc:50:63:e3:d2:4a:63:
27:bc:bb:d1:0f:f6:89:56:34:01:45:60:f5:30:27:
81:91:ec:2d:e6:ce:12:69:30:96:77:25:30:70:c2:
d2:51:ca:e7:f1:84:9f:7f:ab:65:db:f6:d4:97:fc:
b6:27:74:54:3e:70:91:4f:4c:df:b4:8d:51:f1:1e:
86:29:0e:74:12:1f:3a:79:d0:d2:be:4a:03:b8:af:
80:e9:29:0c:18:07:c8:ba:05:b0:20:46:30:a8:33:
23:24:ec:9f:9f:c9:5c:6d:15:be:50:aa:f2:ce:aa:
2f:04:48:e9:c0:f0:a9:dc:d1:fa:57:11:ad:fa:eb:
47:3d:94:9f:38:4a:7f:d1:bb:fd:08:88:bd:cb:87:
86:60:e3:21:75:83:c6:3d:0f:a6:a6:86:5b:3c:a7:
e8:9a:d5:8f:62:44:71:3d:c6:0c:3f:e8:0f:31:3a:
22:37:ae:a1:9d:1f:d6:de:ab:6e:f7:7c:0d:63:c0:
92:78:cf:16:c6:d6:f7:3e:32:7c:f4:6a:dd:a8:4c:
e0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:AB:7E:AE:4B:B0:3A:9E:86:CD:3C:8E:43:6B:A1:F6:33:28:D6:68
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/iqt-rkuwOp6GzTyOQ2uh9jMo1mg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.217.120.0/21
Signature Algorithm: sha256WithRSAEncryption
b6:87:ac:7e:87:ab:d6:36:be:a0:9b:0d:00:2f:83:27:a6:be:
8c:b1:f1:2f:ba:e7:aa:2a:13:fa:17:6d:dd:15:1d:29:e0:9c:
1e:02:cb:6b:f7:38:25:fb:3b:3e:e4:45:f6:11:26:f2:c2:cb:
bf:89:dc:aa:a0:d6:02:9a:17:97:93:d0:61:b1:21:51:6e:96:
51:cd:e5:4b:26:41:d6:0b:d8:fe:c7:f2:9d:31:d7:8f:cd:b8:
6f:d7:96:d4:29:47:9f:2f:47:58:e7:2f:cd:e1:92:12:48:b7:
f7:06:93:42:c5:ba:99:96:34:ac:20:4f:09:e5:0a:0f:c5:28:
52:d2:8f:99:5c:17:12:34:df:30:d1:b8:e6:60:0b:fb:f8:c3:
4d:22:1e:82:b5:be:59:7e:4c:13:b4:52:92:d4:1f:f8:7a:4f:
63:4a:64:5c:9a:bc:54:a9:f8:b1:71:f0:9d:9f:46:3f:03:0e:
28:03:55:82:a5:70:af:61:4b:ee:eb:75:b9:e8:7e:96:84:75:
fa:8d:67:f7:e3:2a:eb:80:c6:79:14:c0:62:23:87:99:ff:98:
04:15:7b:81:76:c4:87:34:e7:4b:c6:b4:de:bf:8d:62:b9:40:
9e:cf:a3:25:74:fc:94:42:89:43:d7:8b:4d:92:b4:34:c8:56:
e8:e1:fd:80
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDjMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhBQUI3RUFFNEJCMDNB
OUU4NkNEM0M4RTQzNkJBMUY2MzMyOEQ2NjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhml8s1oKtyM7XPwfL/Z1PBgsdz+Gv8TgEP9onMTcOZtUtX6LS
5uZpD9oxRci7306tUs9CvFBj49JKYye8u9EP9olWNAFFYPUwJ4GR7C3mzhJpMJZ3
JTBwwtJRyufxhJ9/q2Xb9tSX/LYndFQ+cJFPTN+0jVHxHoYpDnQSHzp50NK+SgO4
r4DpKQwYB8i6BbAgRjCoMyMk7J+fyVxtFb5QqvLOqi8ESOnA8Knc0fpXEa3660c9
lJ84Sn/Ru/0IiL3Lh4Zg4yF1g8Y9D6amhls8p+ia1Y9iRHE9xgw/6A8xOiI3rqGd
H9beq273fA1jwJJ4zxbG1vc+Mnz0at2oTOBNAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiqt+rkuwOp6GzTyOQ2uh9jMo1mgwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvaXF0LXJrdXdPcDZHelR5T1EydWg5
ak1vMW1nLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8vZeDAN
BgkqhkiG9w0BAQsFAAOCAQEAtoesfoer1ja+oJsNAC+DJ6a+jLHxL7rnqioT+hdt
3RUdKeCcHgLLa/c4Jfs7PuRF9hEm8sLLv4ncqqDWApoXl5PQYbEhUW6WUc3lSyZB
1gvY/sfynTHXj824b9eW1ClHny9HWOcvzeGSEki39waTQsW6mZY0rCBPCeUKD8Uo
UtKPmVwXEjTfMNG45mAL+/jDTSIegrW+WX5ME7RSktQf+HpPY0pkXJq8VKn4sXHw
nZ9GPwMOKANVgqVwr2FL7ut1ueh+loR1+o1n9+Mq64DGeRTAYiOHmf+YBBV7gXbE
hzTnS8a03r+NYrlAns+jJXT8lEKJQ9eLTZK0NMhW6OH9gA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org