Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/A0fvjKkNzCdH8oUcAyYIa1spiqk.roa
File: A0fvjKkNzCdH8oUcAyYIa1spiqk.roa (raw, json)
Hash identifier: bxbip4a83MSwDQHKGhrtoEwYNyDP8szugxkTHs50gGI=
Subject key identifier: 03:47:EF:8C:A9:0D:CC:27:47:F2:85:1C:03:26:08:6B:5B:29:8A:A9
Certificate issuer: /CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7
Certificate serial: 0138
Authority key identifier: 3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/A0fvjKkNzCdH8oUcAyYIa1spiqk.roa
Signing time: Fri 01 Sep 2023 08:49:57 +0000
ROA not before: Fri 01 Sep 2023 08:49:57 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18041
IP address blocks: 2406:ee40::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312 (0x138)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BF441B57C86BD9D193451A005D26CE1A3C6DEE7
Validity
Not Before: Sep 1 08:49:57 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0347EF8CA90DCC2747F2851C0326086B5B298AA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a2:ba:44:ed:73:72:4b:55:89:ad:0b:97:11:
b0:13:f6:35:f5:2e:d3:91:da:da:21:58:74:ff:fc:
c4:d2:64:dc:c2:db:14:c4:e9:87:6e:52:29:88:4f:
81:c7:f1:31:8d:ff:19:3c:4c:13:9a:42:c4:5a:92:
78:18:ae:c5:e2:3e:b6:3b:65:a9:ff:31:74:97:ce:
dd:cf:47:fb:a8:f7:71:52:57:99:2a:fc:6a:19:b1:
04:af:b3:fd:b2:76:0f:44:69:cd:f7:71:20:24:a9:
9e:2f:25:8e:0a:42:1c:8a:23:f5:02:dc:54:cc:46:
72:44:0a:c9:36:5f:51:c6:2c:b3:2e:a0:4b:f3:7a:
70:94:5e:93:df:e2:fb:0b:b0:43:38:b6:b2:53:b4:
1a:42:81:3f:bd:f5:c6:54:22:69:92:58:a6:ad:a7:
fd:19:a2:2a:ab:ae:b1:eb:cb:27:bf:67:7d:56:0a:
66:15:27:b5:4e:a1:56:81:29:2d:81:96:50:77:0a:
9a:39:e8:5d:86:32:e5:2f:9e:f1:c5:df:87:86:a2:
93:8d:a3:ae:77:58:7f:f5:29:bc:b8:46:36:df:90:
b8:64:e4:c3:55:c7:e5:d8:d9:95:04:cd:ad:62:97:
42:ff:bd:98:e3:87:86:a3:e3:34:f1:ed:6a:ea:a6:
49:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:47:EF:8C:A9:0D:CC:27:47:F2:85:1C:03:26:08:6B:5B:29:8A:A9
X509v3 Authority Key Identifier:
keyid:3B:F4:41:B5:7C:86:BD:9D:19:34:51:A0:05:D2:6C:E1:A3:C6:DE:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O_RBtXyGvZ0ZNFGgBdJs4aPG3uc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ERAYINFO/A0fvjKkNzCdH8oUcAyYIa1spiqk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:ee40::/32
Signature Algorithm: sha256WithRSAEncryption
b2:44:e5:78:40:ba:41:b5:6a:95:b8:66:e6:bb:da:26:c9:db:
44:ed:43:65:ce:75:7f:d0:78:3d:f7:1f:52:3c:34:f9:49:38:
52:bd:6e:dd:5a:9d:86:5b:76:de:d5:99:e3:73:65:9c:d1:bb:
af:21:a1:99:89:32:c6:8a:19:d2:b8:06:35:ce:07:a1:b6:68:
7c:0a:f3:27:56:45:65:95:50:ed:52:f7:f1:53:0e:69:0d:8c:
2d:3c:df:84:65:61:0c:68:41:f6:3a:4e:a8:ed:d1:c1:82:f3:
b8:71:1a:63:5e:49:26:89:54:3b:59:5c:a6:90:14:e9:7f:65:
42:ba:76:51:be:19:12:e9:ca:bc:ff:80:58:0c:f6:30:8b:ad:
36:63:71:b4:11:b5:20:37:15:8a:f1:02:72:b7:a8:37:d8:e9:
7a:76:b8:3a:ad:6a:55:d6:c3:28:09:d7:2d:63:bd:56:b5:c2:
b9:f4:71:f2:36:90:81:b0:53:f8:1e:96:c7:d5:da:76:59:67:
8e:f8:98:fc:04:b5:a5:74:f0:c3:b7:bd:f3:df:37:7e:d1:8c:
de:7a:04:f1:5b:76:b5:64:ad:c0:f7:de:70:e4:d2:1c:e8:64:
6d:64:0f:3b:10:63:45:6e:eb:48:c8:cb:c1:d7:70:e1:c1:f5:
fc:73:14:e0
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICATgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JG
NDQxQjU3Qzg2QkQ5RDE5MzQ1MUEwMDVEMjZDRTFBM0M2REVFNzAeFw0yMzA5MDEw
ODQ5NTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDAzNDdFRjhDQTkwREND
Mjc0N0YyODUxQzAzMjYwODZCNUIyOThBQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXorpE7XNyS1WJrQuXEbAT9jX1LtOR2tohWHT//MTSZNzC2xTE
6YduUimIT4HH8TGN/xk8TBOaQsRakngYrsXiPrY7Zan/MXSXzt3PR/uo93FSV5kq
/GoZsQSvs/2ydg9Eac33cSAkqZ4vJY4KQhyKI/UC3FTMRnJECsk2X1HGLLMuoEvz
enCUXpPf4vsLsEM4trJTtBpCgT+99cZUImmSWKatp/0ZoiqrrrHryye/Z31WCmYV
J7VOoVaBKS2BllB3Cpo56F2GMuUvnvHF34eGopONo653WH/1Kby4RjbfkLhk5MNV
x+XY2ZUEza1il0L/vZjjh4aj4zTx7WrqpkkjAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUA0fvjKkNzCdH8oUcAyYIa1spiqkwHwYDVR0jBBgwFoAUO/RBtXyGvZ0ZNFGg
BdJs4aPG3ucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVJBWUlO
Rk8vT19SQnRYeUd2WjBaTkZHZ0JkSnM0YVBHM3VjLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PX1JCdFh5R3ZaMFpORkdnQmRKczRhUEczdWMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FUkFZSU5GTy9BMGZ2aktrTnpDZEg4
b1VjQXlZSWExc3BpcWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAbuQDANBgkqhkiG9w0BAQsFAAOCAQEAskTleEC6QbVqlbhm5rvaJsnbRO1D
Zc51f9B4PfcfUjw0+Uk4Ur1u3Vqdhlt23tWZ43NlnNG7ryGhmYkyxooZ0rgGNc4H
obZofArzJ1ZFZZVQ7VL38VMOaQ2MLTzfhGVhDGhB9jpOqO3RwYLzuHEaY15JJolU
O1lcppAU6X9lQrp2Ub4ZEunKvP+AWAz2MIutNmNxtBG1IDcVivECcreoN9jpena4
Oq1qVdbDKAnXLWO9VrXCufRx8jaQgbBT+B6Wx9XadllnjviY/AS1pXTww7e98983
ftGM3noE8Vt2tWStwPfecOTSHOhkbWQPOxBjRW7rSMjLwddw4cH1/HMU4A==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org