Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/oO4v1B5RQyy-s8eWT10DvJkx544.roa
File: oO4v1B5RQyy-s8eWT10DvJkx544.roa (raw, json)
Hash identifier: 81zJxF1k7jLv670SYOJ0msBgLWLfwvRAt8I6lNmLepQ=
Subject key identifier: A0:EE:2F:D4:1E:51:43:2C:BE:B3:C7:96:4F:5D:03:BC:99:31:E7:8E
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E40
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/oO4v1B5RQyy-s8eWT10DvJkx544.roa
Signing time: Fri 01 Sep 2023 08:49:28 +0000
ROA not before: Fri 01 Sep 2023 08:49:28 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 211.79.112.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3648 (0xe40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:28 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A0EE2FD41E51432CBEB3C7964F5D03BC9931E78E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ea:f6:61:bf:bb:48:bd:a0:75:c9:56:31:07:
e3:9e:88:64:35:f6:59:89:90:06:a5:5f:1f:15:5d:
9c:10:be:eb:c7:6a:63:0e:47:5a:ea:09:b8:b0:f3:
76:06:be:c2:84:79:6f:09:9e:7f:d7:f1:be:4c:2b:
0f:b4:48:82:23:6e:9e:bc:98:71:a3:54:29:cf:fa:
35:0e:19:a3:af:30:bb:27:a8:0d:3a:f4:50:c3:59:
ae:d9:8a:92:a5:14:ca:97:6e:6a:b6:56:bc:eb:3b:
c9:a0:53:5e:fc:8e:09:7e:e4:6b:05:24:26:54:8e:
8e:be:58:f4:00:38:66:65:8e:96:87:4a:b4:ac:7d:
b1:31:53:15:3f:7d:cb:10:3e:10:6b:c9:5c:56:b3:
11:e0:d4:b4:96:95:b0:90:c4:85:ea:12:ea:df:78:
37:e0:69:7c:3b:d0:45:f7:00:cc:0d:37:3f:8a:cb:
a1:8c:be:e7:da:f5:9c:57:78:94:dd:50:a2:63:18:
df:43:6c:38:54:6c:b6:ce:0a:f7:b4:28:f1:7b:8a:
5c:5f:b2:22:3e:10:17:16:ed:c2:c0:59:44:80:4c:
dc:93:93:6b:4b:14:25:18:e7:12:46:cd:88:c0:ab:
bc:72:83:eb:b0:f0:7d:bb:9d:08:ab:61:b5:1a:4d:
e6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:EE:2F:D4:1E:51:43:2C:BE:B3:C7:96:4F:5D:03:BC:99:31:E7:8E
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/oO4v1B5RQyy-s8eWT10DvJkx544.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.112.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:7b:07:87:37:cf:e3:1a:86:b2:1c:a9:f4:c9:1f:98:6f:f1:
ef:8d:69:fb:1d:1c:77:5a:12:d0:1d:49:c0:07:a6:1e:21:84:
8f:0b:cf:d7:9a:50:07:e6:73:ed:4e:4c:68:22:cf:37:a2:70:
88:4d:93:98:e1:87:d0:99:73:03:5a:b7:cc:42:a8:48:ec:98:
08:6d:b7:cd:93:8c:d3:c4:ee:c6:8a:28:92:f9:25:7e:5d:ce:
23:77:26:29:7f:0a:25:8f:ac:0a:c7:cc:25:9b:bf:7d:05:bf:
f2:bd:eb:aa:7b:bd:1e:97:5f:33:ca:14:8a:3a:d7:d4:54:fd:
e3:6f:e3:3e:88:92:f5:0f:4a:22:1b:4b:4d:4a:ea:62:f6:5a:
95:c0:ce:9a:0c:14:9a:0f:fa:06:24:33:e8:00:ee:4d:bc:fb:
96:0e:e1:80:0b:36:83:c4:13:8b:64:22:a1:00:49:3a:9e:5f:
0a:ff:3f:fa:36:62:d1:da:9c:c9:0d:38:26:63:1f:32:67:7f:
13:3d:80:eb:37:5f:4c:74:a3:1e:d6:37:1b:bf:68:5a:fe:e0:
7a:8b:fa:19:70:47:6c:c2:ec:d3:fd:6a:8f:42:e8:28:bd:ed:
e1:42:c6:a0:64:08:df:00:f6:92:47:d2:4f:28:88:3e:62:8b:
9e:8c:75:76
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDkAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEwRUUyRkQ0MUU1MTQz
MkNCRUIzQzc5NjRGNUQwM0JDOTkzMUU3OEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDv6vZhv7tIvaB1yVYxB+OeiGQ19lmJkAalXx8VXZwQvuvHamMO
R1rqCbiw83YGvsKEeW8Jnn/X8b5MKw+0SIIjbp68mHGjVCnP+jUOGaOvMLsnqA06
9FDDWa7ZipKlFMqXbmq2VrzrO8mgU178jgl+5GsFJCZUjo6+WPQAOGZljpaHSrSs
fbExUxU/fcsQPhBryVxWsxHg1LSWlbCQxIXqEurfeDfgaXw70EX3AMwNNz+Ky6GM
vufa9ZxXeJTdUKJjGN9DbDhUbLbOCve0KPF7ilxfsiI+EBcW7cLAWUSATNyTk2tL
FCUY5xJGzYjAq7xyg+uw8H27nQirYbUaTeYhAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUoO4v1B5RQyy+s8eWT10DvJkx544wHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvb080djFCNVJReXktczhlV1QxMER2
Smt4NTQ0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNNPcDAN
BgkqhkiG9w0BAQsFAAOCAQEAHHsHhzfP4xqGshyp9MkfmG/x741p+x0cd1oS0B1J
wAemHiGEjwvP15pQB+Zz7U5MaCLPN6JwiE2TmOGH0JlzA1q3zEKoSOyYCG23zZOM
08Tuxoookvklfl3OI3cmKX8KJY+sCsfMJZu/fQW/8r3rqnu9HpdfM8oUijrX1FT9
42/jPoiS9Q9KIhtLTUrqYvZalcDOmgwUmg/6BiQz6ADuTbz7lg7hgAs2g8QTi2Qi
oQBJOp5fCv8/+jZi0dqcyQ04JmMfMmd/Ez2A6zdfTHSjHtY3G79oWv7geov6GXBH
bMLs0/1qj0LoKL3t4ULGoGQI3wD2kkfSTyiIPmKLnox1dg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org