Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/q0DG7zo92PRArwru6UKHYbtNPbk.roa
File: q0DG7zo92PRArwru6UKHYbtNPbk.roa (raw, json)
Hash identifier: U8854sWrcjjk0eNbUlAw7CmkbccSmtabBzagrkCjrq8=
Subject key identifier: AB:40:C6:EF:3A:3D:D8:F4:40:AF:0A:EE:E9:42:87:61:BB:4D:3D:B9
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E6F
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/q0DG7zo92PRArwru6UKHYbtNPbk.roa
Signing time: Fri 01 Sep 2023 08:49:41 +0000
ROA not before: Fri 01 Sep 2023 08:49:41 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 210.209.128.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3695 (0xe6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:41 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AB40C6EF3A3DD8F440AF0AEEE9428761BB4D3DB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e4:6d:e3:8b:15:8c:6a:27:74:e0:db:33:74:
8d:bb:81:97:47:2a:46:25:f8:fe:3f:34:f9:c2:92:
9d:e5:1f:29:b4:ad:e8:b4:3e:70:7e:cc:5d:5f:9c:
1a:34:7d:7d:02:2d:f7:bb:b7:ed:31:3b:06:2f:4c:
e1:91:78:49:4b:ea:44:82:c4:98:17:62:f9:21:6d:
b6:dd:81:9c:f9:29:72:84:8e:67:3c:36:2b:f4:1c:
1a:5e:f3:84:63:41:69:f0:ec:59:d7:bf:2d:c9:17:
97:39:71:7d:34:f3:a3:87:83:80:e5:16:9e:a7:96:
3e:75:67:d0:72:90:6a:71:0b:62:dd:e6:9d:35:77:
12:07:79:2e:15:76:f0:19:70:89:9d:13:b8:3b:a0:
1a:64:9f:39:ec:83:55:d6:64:0d:15:d6:fe:c1:d9:
33:d0:e3:1a:3e:0c:22:92:16:24:4d:42:e9:8e:26:
df:61:f2:61:44:80:dc:57:8c:f6:cd:3f:b7:09:26:
31:b1:20:7a:25:d0:ff:a2:7e:eb:69:04:22:0d:bf:
2c:15:35:dd:c5:1c:39:52:a6:e7:39:68:1b:57:15:
c0:a5:50:f3:8c:50:d6:c2:2e:97:59:15:49:5b:b5:
8e:50:53:57:d7:0a:c5:d2:48:bc:60:34:f8:1e:94:
b5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:40:C6:EF:3A:3D:D8:F4:40:AF:0A:EE:E9:42:87:61:BB:4D:3D:B9
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/q0DG7zo92PRArwru6UKHYbtNPbk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.209.128.0/18
Signature Algorithm: sha256WithRSAEncryption
64:47:6b:2f:89:e9:3b:90:fc:37:2b:c7:5e:79:a1:58:bd:9f:
f7:53:d1:3c:a8:e7:69:50:96:9d:78:ee:6f:48:4b:f8:81:7d:
1b:b1:d2:af:92:a5:85:9a:8c:ee:50:41:df:ed:84:e6:d6:e0:
0e:01:ba:4f:5c:7f:f3:60:dc:99:83:3b:59:ad:19:75:e4:9e:
a6:d4:e9:63:ed:88:06:e4:61:42:ea:e3:6f:0b:bd:74:76:4f:
f8:16:c0:39:9d:eb:8e:db:97:f4:94:b3:10:13:84:14:0a:a4:
06:ea:13:34:e7:5a:53:3f:27:4f:32:03:50:63:bd:e8:44:3e:
6e:be:eb:a4:b4:25:2f:91:c7:9f:aa:5b:c0:45:2c:03:cd:5a:
e3:42:88:09:ec:bb:bb:f7:88:0a:87:ec:10:ea:53:2e:41:e3:
0c:b8:2e:52:57:85:1d:87:4c:2f:2a:b5:f0:af:4c:bd:8e:dc:
48:10:17:dc:19:69:14:13:aa:39:b6:22:00:39:04:29:38:44:
94:e6:f4:06:a4:66:62:ca:d7:d0:87:94:18:af:9b:4f:ed:23:
4b:a9:68:4c:86:cf:26:03:d3:25:bd:3c:e7:ce:09:a1:83:b6:
24:66:6f:2b:8c:67:15:e3:e0:e9:69:ab:04:77:e8:df:2f:55:
40:d5:86:f9
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDm8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5NDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFCNDBDNkVGM0EzREQ4
RjQ0MEFGMEFFRUU5NDI4NzYxQkI0RDNEQjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCp5G3jixWMaid04NszdI27gZdHKkYl+P4/NPnCkp3lHym0rei0
PnB+zF1fnBo0fX0CLfe7t+0xOwYvTOGReElL6kSCxJgXYvkhbbbdgZz5KXKEjmc8
Niv0HBpe84RjQWnw7FnXvy3JF5c5cX0086OHg4DlFp6nlj51Z9BykGpxC2Ld5p01
dxIHeS4VdvAZcImdE7g7oBpknznsg1XWZA0V1v7B2TPQ4xo+DCKSFiRNQumOJt9h
8mFEgNxXjPbNP7cJJjGxIHol0P+ifutpBCINvywVNd3FHDlSpuc5aBtXFcClUPOM
UNbCLpdZFUlbtY5QU1fXCsXSSLxgNPgelLWbAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUq0DG7zo92PRArwru6UKHYbtNPbkwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvcTBERzd6bzkyUFJBcndydTZVS0hZ
YnROUGJrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBtLRgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZEdrL4npO5D8NyvHXnmhWL2f91PRPKjnaVCWnXju
b0hL+IF9G7HSr5KlhZqM7lBB3+2E5tbgDgG6T1x/82DcmYM7Wa0ZdeSeptTpY+2I
BuRhQurjbwu9dHZP+BbAOZ3rjtuX9JSzEBOEFAqkBuoTNOdaUz8nTzIDUGO96EQ+
br7rpLQlL5HHn6pbwEUsA81a40KICey7u/eICofsEOpTLkHjDLguUleFHYdMLyq1
8K9MvY7cSBAX3BlpFBOqObYiADkEKThElOb0BqRmYsrX0IeUGK+bT+0jS6loTIbP
JgPTJb08584JoYO2JGZvK4xnFePg6WmrBHfo3y9VQNWG+Q==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org