Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/o-hgVDGPS438Xzq6Lrk_jHyLum4.roa
File: o-hgVDGPS438Xzq6Lrk_jHyLum4.roa (raw, json)
Hash identifier: KuTe+cWSq4UYnhFz2oBV1yZ2+iulcdhLB7Kqx0y0Z7s=
Subject key identifier: A3:E8:60:54:31:8F:4B:8D:FC:5F:3A:BA:2E:B9:3F:8C:7C:8B:BA:6E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E58
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/o-hgVDGPS438Xzq6Lrk_jHyLum4.roa
Signing time: Fri 01 Sep 2023 08:49:35 +0000
ROA not before: Fri 01 Sep 2023 08:49:35 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 27.96.236.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3672 (0xe58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:35 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A3E86054318F4B8DFC5F3ABA2EB93F8C7C8BBA6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:74:9e:84:59:53:a2:ec:67:09:04:19:d5:66:
e4:a4:18:21:82:f4:27:8b:66:9a:c5:91:ff:5d:7e:
99:6a:00:83:0a:95:e7:39:ce:45:95:22:31:4c:c5:
d6:0d:da:0e:15:1e:99:bc:b6:5a:03:5f:7f:07:61:
89:bf:27:03:9c:49:6c:4a:6c:4c:ba:9b:de:6b:a0:
57:f6:f3:ed:58:c0:39:28:48:ec:5a:55:82:37:69:
fe:84:80:82:d7:9d:05:13:aa:ad:10:06:f1:86:98:
2e:84:05:90:78:d4:f3:89:02:63:00:11:25:71:8b:
c1:ba:7f:e0:2e:d2:ca:9f:be:c7:5e:1f:9c:8b:3d:
c3:20:91:a6:e3:ab:f5:6f:eb:a2:53:c2:69:a8:7c:
3b:1a:1d:50:24:41:c3:f5:94:1b:d3:ba:9e:1c:ce:
62:dd:3f:68:be:a7:92:e8:39:eb:f3:f5:4e:99:8e:
5c:40:8d:0c:3f:2a:60:1f:fd:9d:0c:15:43:65:15:
55:58:c0:99:f5:b8:da:c9:b7:d7:9e:cf:80:2a:b6:
81:20:34:e7:dc:a5:57:dd:bd:d1:47:68:76:c5:95:
ea:fe:a9:fc:bb:29:4f:df:21:41:1d:f1:50:b3:79:
85:75:8a:82:00:26:8c:24:80:23:1f:b0:98:70:60:
46:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E8:60:54:31:8F:4B:8D:FC:5F:3A:BA:2E:B9:3F:8C:7C:8B:BA:6E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/o-hgVDGPS438Xzq6Lrk_jHyLum4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.96.236.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c4:43:22:00:b5:a5:39:9b:ba:a4:65:a7:67:03:57:b8:bc:
6e:11:bf:ca:6d:7e:04:22:94:6c:4f:fe:92:b6:c8:30:d8:2e:
2a:ad:8b:1e:e8:14:f4:1f:5b:97:be:46:e8:a3:e2:18:bc:f0:
c7:f8:fa:06:aa:67:b0:9c:c6:b2:91:12:dc:33:49:2e:65:73:
dd:84:39:49:1d:1e:26:e1:5c:45:51:8a:ba:ea:d7:87:26:c0:
64:b7:33:72:17:19:f8:12:1d:5b:7c:e2:e6:ed:f9:99:b1:c2:
d9:98:62:14:4e:68:dd:ce:1c:39:9d:ec:65:5c:97:75:46:95:
37:4d:e3:14:b7:c3:32:08:71:b7:19:66:00:13:e0:fc:20:77:
81:73:a0:80:c0:58:ea:46:7b:b5:12:2b:b5:8c:c7:93:b9:ed:
70:35:c7:c2:f6:61:ac:d0:0e:d0:ca:6b:1b:fb:0e:af:f1:58:
d5:c1:d7:c8:1e:00:3b:d6:7a:09:c8:0b:04:7a:db:45:c4:88:
f6:3d:c8:db:28:97:8e:8a:9d:6a:c3:61:1d:6e:b1:a5:ad:6b:
8b:29:d8:fd:e9:51:22:7d:da:de:ee:e0:a5:72:9d:6a:27:30:
28:36:a3:d2:29:ad:79:98:bb:dd:92:4c:85:d6:86:8c:bd:e9:
80:ea:21:06
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDlgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEzRTg2MDU0MzE4RjRC
OERGQzVGM0FCQTJFQjkzRjhDN0M4QkJBNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMdJ6EWVOi7GcJBBnVZuSkGCGC9CeLZprFkf9dfplqAIMKlec5
zkWVIjFMxdYN2g4VHpm8tloDX38HYYm/JwOcSWxKbEy6m95roFf28+1YwDkoSOxa
VYI3af6EgILXnQUTqq0QBvGGmC6EBZB41POJAmMAESVxi8G6f+Au0sqfvsdeH5yL
PcMgkabjq/Vv66JTwmmofDsaHVAkQcP1lBvTup4czmLdP2i+p5LoOevz9U6ZjlxA
jQw/KmAf/Z0MFUNlFVVYwJn1uNrJt9eez4AqtoEgNOfcpVfdvdFHaHbFler+qfy7
KU/fIUEd8VCzeYV1ioIAJowkgCMfsJhwYEYRAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUo+hgVDGPS438Xzq6Lrk/jHyLum4wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvby1oZ1ZER1BTNDM4WHpxNkxya19q
SHlMdW00LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAhtg7DAN
BgkqhkiG9w0BAQsFAAOCAQEAZcRDIgC1pTmbuqRlp2cDV7i8bhG/ym1+BCKUbE/+
krbIMNguKq2LHugU9B9bl75G6KPiGLzwx/j6BqpnsJzGspES3DNJLmVz3YQ5SR0e
JuFcRVGKuurXhybAZLczchcZ+BIdW3zi5u35mbHC2ZhiFE5o3c4cOZ3sZVyXdUaV
N03jFLfDMghxtxlmABPg/CB3gXOggMBY6kZ7tRIrtYzHk7ntcDXHwvZhrNAO0Mpr
G/sOr/FY1cHXyB4AO9Z6CcgLBHrbRcSI9j3I2yiXjoqdasNhHW6xpa1riynY/elR
In3a3u7gpXKdaicwKDaj0imteZi73ZJMhdaGjL3pgOohBg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org