Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ETIME/ONBDWxQIK8udnVbWfmk-cnf9rOE.roa
File: ONBDWxQIK8udnVbWfmk-cnf9rOE.roa (raw, json)
Hash identifier: uQGyYVrpTXliKfxFanklSFbpfnyl51sou/S/Bs+2j3w=
Subject key identifier: 38:D0:43:5B:14:08:2B:CB:9D:9D:56:D6:7E:69:3E:72:77:FD:AC:E1
Certificate issuer: /CN=E0EA885A7E6971C99342777E7DDDBA65D0EB131F
Certificate serial: 02B5
Authority key identifier: E0:EA:88:5A:7E:69:71:C9:93:42:77:7E:7D:DD:BA:65:D0:EB:13:1F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4OqIWn5pccmTQnd-fd26ZdDrEx8.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/ONBDWxQIK8udnVbWfmk-cnf9rOE.roa
Signing time: Fri 01 Sep 2023 08:50:10 +0000
ROA not before: Fri 01 Sep 2023 08:50:10 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2406:c3c0::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 693 (0x2b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E0EA885A7E6971C99342777E7DDDBA65D0EB131F
Validity
Not Before: Sep 1 08:50:10 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=38D0435B14082BCB9D9D56D67E693E7277FDACE1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:25:f2:31:b7:95:f5:d3:d3:ff:0c:0d:b1:d5:
13:53:e7:62:0f:6c:b2:8c:87:36:fa:cb:9c:55:f2:
ab:fc:5c:a1:59:fc:84:fc:db:d3:e5:b3:ab:d6:66:
a4:96:93:41:ce:63:92:8c:9d:2b:3a:19:ba:24:80:
97:91:05:2f:40:eb:89:be:67:4f:91:5e:c2:4f:d0:
00:1a:3d:9a:18:0e:56:92:fc:6d:3d:3d:b2:d8:ae:
5d:d8:8a:72:95:4b:35:90:12:8d:4b:8e:f5:fa:0d:
a5:13:03:20:4f:27:73:3e:80:ca:5b:46:97:a7:32:
88:cc:8e:4e:c0:04:d9:ce:7c:07:dd:b3:24:ef:ec:
dc:8e:da:cc:ea:1a:1f:e5:9c:02:2f:45:24:d2:b1:
fb:0d:f2:19:b6:06:13:dc:ae:c2:e8:67:12:2f:39:
82:cc:6e:54:1c:96:f6:04:db:6f:cc:1e:27:db:67:
8c:f3:c1:aa:87:79:03:49:32:89:aa:82:9e:11:7e:
a4:79:8c:c6:10:2f:93:5e:af:f7:9c:62:4a:1c:60:
73:52:1e:c7:74:44:65:cf:38:e4:c8:d3:6f:a3:61:
3a:b4:68:df:38:6f:ea:1c:b4:b7:0c:c0:4c:26:1d:
22:06:09:0f:e5:04:8f:cb:10:d8:67:ae:e5:0d:2d:
6c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D0:43:5B:14:08:2B:CB:9D:9D:56:D6:7E:69:3E:72:77:FD:AC:E1
X509v3 Authority Key Identifier:
keyid:E0:EA:88:5A:7E:69:71:C9:93:42:77:7E:7D:DD:BA:65:D0:EB:13:1F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/4OqIWn5pccmTQnd-fd26ZdDrEx8.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4OqIWn5pccmTQnd-fd26ZdDrEx8.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ETIME/ONBDWxQIK8udnVbWfmk-cnf9rOE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:c3c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:7f:69:90:a2:89:77:ee:20:9c:de:f4:cf:bd:8f:9f:d5:87:
97:78:d1:b0:1b:42:8b:04:87:d2:3b:7c:2d:24:36:01:5a:db:
dd:a9:03:df:a4:b9:b9:d2:30:37:05:d4:a6:4c:9f:ae:fb:8d:
45:42:97:4f:9d:5e:4e:b5:3e:c7:98:fa:8a:fc:21:ca:61:b5:
31:fa:27:00:35:b8:ed:c4:2b:44:c3:1d:c8:60:05:e9:49:30:
d2:a4:36:d6:2d:01:d0:49:76:cb:30:2e:54:89:12:a8:b6:a3:
43:5c:27:12:4f:00:1b:fe:81:69:e2:00:ba:d4:11:5c:67:29:
f9:0e:dd:53:e8:3c:be:6a:fc:39:48:67:5d:5d:65:ab:5b:61:
d1:f6:67:c0:3e:0c:68:17:ab:fb:ab:13:d7:0b:59:17:03:a0:
56:36:cb:8d:0e:57:97:60:69:0d:71:8a:e3:8d:cb:60:7a:02:
63:be:ba:82:03:c2:2a:0b:12:95:67:6a:69:ce:10:68:09:78:
fe:42:7f:57:cb:15:9e:78:3b:24:5f:b4:c9:d8:a8:02:f0:a4:
6b:7e:82:51:75:46:e9:fb:77:9d:22:69:f4:24:6c:1c:4b:e6:
3a:24:60:73:ec:2c:5f:9d:ff:70:af:7d:40:16:c5:7b:b7:a0:
7d:8e:e4:de
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICArUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTBF
QTg4NUE3RTY5NzFDOTkzNDI3NzdFN0REREJBNjVEMEVCMTMxRjAeFw0yMzA5MDEw
ODUwMTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM4RDA0MzVCMTQwODJC
Q0I5RDlENTZENjdFNjkzRTcyNzdGREFDRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZJfIxt5X109P/DA2x1RNT52IPbLKMhzb6y5xV8qv8XKFZ/IT8
29Pls6vWZqSWk0HOY5KMnSs6GbokgJeRBS9A64m+Z0+RXsJP0AAaPZoYDlaS/G09
PbLYrl3YinKVSzWQEo1LjvX6DaUTAyBPJ3M+gMpbRpenMojMjk7ABNnOfAfdsyTv
7NyO2szqGh/lnAIvRSTSsfsN8hm2BhPcrsLoZxIvOYLMblQclvYE22/MHifbZ4zz
waqHeQNJMomqgp4RfqR5jMYQL5Ner/ecYkocYHNSHsd0RGXPOOTI02+jYTq0aN84
b+octLcMwEwmHSIGCQ/lBI/LENhnruUNLWwJAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUONBDWxQIK8udnVbWfmk+cnf9rOEwHwYDVR0jBBgwFoAU4OqIWn5pccmTQnd+
fd26ZdDrEx8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRVRJTUUv
NE9xSVduNXBjY21UUW5kLWZkMjZaZERyRXg4LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80T3FJV241cGNjbVRRbmQtZmQyNlpkRHJFeDguY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9FVElNRS9PTkJEV3hRSUs4dWRuVmJXZm1r
LWNuZjlyT0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAJAbD
wDANBgkqhkiG9w0BAQsFAAOCAQEAKX9pkKKJd+4gnN70z72Pn9WHl3jRsBtCiwSH
0jt8LSQ2AVrb3akD36S5udIwNwXUpkyfrvuNRUKXT51eTrU+x5j6ivwhymG1Mfon
ADW47cQrRMMdyGAF6Ukw0qQ21i0B0El2yzAuVIkSqLajQ1wnEk8AG/6BaeIAutQR
XGcp+Q7dU+g8vmr8OUhnXV1lq1th0fZnwD4MaBer+6sT1wtZFwOgVjbLjQ5Xl2Bp
DXGK443LYHoCY766ggPCKgsSlWdqac4QaAl4/kJ/V8sVnng7JF+0ydioAvCka36C
UXVG6ft3nSJp9CRsHEvmOiRgc+wsX53/cK99QBbFe7egfY7k3g==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org