Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EMAX/z9WOA70wvTGg71fFeAasqhOTOYY.roa
File: z9WOA70wvTGg71fFeAasqhOTOYY.roa (raw, json)
Hash identifier: yb83jFbrPcQFYH9EfEAQZmXeKjTsYqM5Xzdv8nG14mo=
Subject key identifier: CF:D5:8E:03:BD:30:BD:31:A0:EF:57:C5:78:06:AC:AA:13:93:39:86
Certificate issuer: /CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Certificate serial: 0E64
Authority key identifier: 2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/z9WOA70wvTGg71fFeAasqhOTOYY.roa
Signing time: Fri 01 Sep 2023 08:49:38 +0000
ROA not before: Fri 01 Sep 2023 08:49:38 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17809
IP address blocks: 121.254.72.0/21 maxlen: 21
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3684 (0xe64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2A478155382731E5C0F6821DD5389F9E52E1E4D6
Validity
Not Before: Sep 1 08:49:38 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CFD58E03BD30BD31A0EF57C57806ACAA13933986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0e:64:05:e9:b6:43:7c:9d:45:fc:2f:4d:b2:
1d:38:e3:95:dd:4e:1b:16:88:80:a5:86:0e:53:d5:
c1:eb:a9:92:db:9d:ee:a5:bb:8c:f9:2e:a9:3b:45:
73:b1:78:b2:e2:bf:d9:93:6e:be:58:38:2f:29:1a:
cf:b6:39:0d:45:91:9b:e5:05:3d:92:1e:2d:81:ed:
48:be:eb:dc:1a:84:13:29:bc:c3:cb:84:15:44:bb:
2c:a4:75:af:74:43:f6:ee:ff:9b:29:ca:56:1c:55:
ce:1c:69:40:3f:6c:c6:80:05:f3:75:5c:9c:bc:08:
3b:74:67:a2:9d:88:1b:3f:74:6d:01:b4:15:8e:05:
13:88:8a:73:06:a0:b0:97:7b:86:ba:f2:38:9d:7e:
51:3d:be:f9:d9:0c:94:96:cd:4b:08:b5:66:21:0b:
14:b4:ca:ac:c6:9f:75:43:05:6f:e4:a0:19:db:fd:
95:b5:57:2b:26:8e:56:76:d7:71:f5:50:7b:7b:8f:
2c:06:cf:97:48:36:f3:ef:9b:5d:f0:d5:db:57:a6:
1f:16:6f:36:d4:c6:87:2d:ef:a8:48:79:ba:65:3c:
e0:fa:b1:e2:01:82:ba:32:dc:08:be:80:55:67:63:
90:a1:f7:78:49:fe:6c:04:69:4c:99:7f:b4:33:27:
b6:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D5:8E:03:BD:30:BD:31:A0:EF:57:C5:78:06:AC:AA:13:93:39:86
X509v3 Authority Key Identifier:
keyid:2A:47:81:55:38:27:31:E5:C0:F6:82:1D:D5:38:9F:9E:52:E1:E4:D6
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/KkeBVTgnMeXA9oId1TifnlLh5NY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KkeBVTgnMeXA9oId1TifnlLh5NY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EMAX/z9WOA70wvTGg71fFeAasqhOTOYY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
121.254.72.0/21
Signature Algorithm: sha256WithRSAEncryption
3e:dc:8c:d6:f3:29:cb:29:6c:88:0e:be:63:76:f6:42:df:43:
6b:b3:d4:14:cd:40:81:d6:21:4f:e1:4a:1b:a7:be:c9:26:48:
2e:0f:e4:6c:79:fd:17:21:aa:11:a4:30:12:9d:28:d1:22:ba:
c8:8d:89:85:9f:ca:9c:47:0c:f1:e1:79:a3:eb:6c:bc:16:b5:
f8:6b:c2:a9:f5:48:20:00:6a:7a:cd:3c:ef:db:27:95:1e:36:
48:c4:88:ba:ef:af:2e:71:e6:53:00:5e:97:c5:74:4f:f5:98:
3a:0f:45:4e:ee:b6:91:b0:ae:d2:96:5d:c7:bf:27:30:02:ba:
83:e6:8f:3d:1f:57:8d:8c:36:d1:29:f9:87:bb:66:5d:86:9c:
fc:9c:07:50:c1:94:54:7f:6e:eb:88:a8:5d:20:b5:57:a2:e0:
c7:92:16:80:d6:b2:cc:24:e8:e5:d7:2a:a0:4c:ad:bd:de:11:
60:39:b8:c0:16:fc:38:ce:8e:47:55:0d:ee:a3:36:90:8e:51:
7b:45:cc:65:4e:d8:08:a9:00:1e:a1:5e:b7:28:c2:2f:1e:3d:
28:51:7a:11:17:23:3c:dd:ec:d2:7a:c0:13:ad:ba:ba:2d:e2:
11:88:9c:a7:56:10:46:46:63:91:a7:34:f0:73:f4:36:b9:a9:
f1:37:49:cc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDmQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkE0
NzgxNTUzODI3MzFFNUMwRjY4MjFERDUzODlGOUU1MkUxRTRENjAeFw0yMzA5MDEw
ODQ5MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENGRDU4RTAzQkQzMEJE
MzFBMEVGNTdDNTc4MDZBQ0FBMTM5MzM5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3DmQF6bZDfJ1F/C9Nsh0445XdThsWiIClhg5T1cHrqZLbne6l
u4z5Lqk7RXOxeLLiv9mTbr5YOC8pGs+2OQ1FkZvlBT2SHi2B7Ui+69wahBMpvMPL
hBVEuyykda90Q/bu/5spylYcVc4caUA/bMaABfN1XJy8CDt0Z6KdiBs/dG0BtBWO
BROIinMGoLCXe4a68jidflE9vvnZDJSWzUsItWYhCxS0yqzGn3VDBW/koBnb/ZW1
VysmjlZ213H1UHt7jywGz5dINvPvm13w1dtXph8WbzbUxoct76hIebplPOD6seIB
groy3Ai+gFVnY5Ch93hJ/mwEaUyZf7QzJ7YHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz9WOA70wvTGg71fFeAasqhOTOYYwHwYDVR0jBBgwFoAUKkeBVTgnMeXA9oId
1TifnlLh5NYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRU1BWC9L
a2VCVlRnbk1lWEE5b0lkMVRpZm5sTGg1TlkuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0trZUJWVGduTWVYQTlvSWQxVGlmbmxMaDVOWS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0VNQVgvejlXT0E3MHd2VEdnNzFmRmVBYXNx
aE9UT1lZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA3n+SDAN
BgkqhkiG9w0BAQsFAAOCAQEAPtyM1vMpyylsiA6+Y3b2Qt9Da7PUFM1AgdYhT+FK
G6e+ySZILg/kbHn9FyGqEaQwEp0o0SK6yI2JhZ/KnEcM8eF5o+tsvBa1+GvCqfVI
IABqes0879snlR42SMSIuu+vLnHmUwBel8V0T/WYOg9FTu62kbCu0pZdx78nMAK6
g+aPPR9XjYw20Sn5h7tmXYac/JwHUMGUVH9u64ioXSC1V6Lgx5IWgNayzCTo5dcq
oEytvd4RYDm4wBb8OM6OR1UN7qM2kI5Re0XMZU7YCKkAHqFetyjCLx49KFF6ERcj
PN3s0nrAE626ui3iEYicp1YQRkZjkac08HP0Nrmp8TdJzA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org