Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/HnKKC_NDanAmTWEfTbWCgPZG7hc.roa
File: HnKKC_NDanAmTWEfTbWCgPZG7hc.roa (raw, json)
Hash identifier: HM+aVPGWsAgyh0mH+jDK81RozqPdAnWl5fsxNSx4XLg=
Subject key identifier: 1E:72:8A:0B:F3:43:6A:70:26:4D:61:1F:4D:B5:82:80:F6:46:EE:17
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0DF4
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/HnKKC_NDanAmTWEfTbWCgPZG7hc.roa
Signing time: Mon 15 Jan 2024 21:35:40 +0000
ROA not before: Mon 15 Jan 2024 21:35:40 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 211.76.96.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3572 (0xdf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:35:40 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1E728A0BF3436A70264D611F4DB58280F646EE17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f3:c6:33:6b:e9:10:7f:8c:61:5b:09:10:0a:
48:12:0f:a3:1a:64:62:f7:31:6f:99:d6:6a:39:74:
3d:75:02:5f:98:ee:00:c1:70:3e:02:c1:5f:18:99:
6b:fd:4f:8f:1a:eb:f2:62:3f:5c:69:e5:e3:d8:58:
3e:25:c7:92:70:15:c1:e3:ab:91:6d:23:d8:39:dc:
63:0a:e8:05:0b:0b:98:d5:17:e1:07:55:17:99:6a:
39:18:f4:36:42:ac:e5:53:b5:98:f4:c6:78:c6:75:
12:3e:19:db:78:f2:6f:4c:38:74:4e:17:b2:79:41:
e7:88:8e:7c:9a:70:57:b7:0c:c1:69:de:6e:e9:9a:
57:c5:9f:90:61:1a:2e:d1:ad:56:d4:23:ce:35:3f:
eb:e2:12:36:3b:95:db:8b:6e:ab:c4:8e:8c:fc:2d:
3d:84:f7:b0:75:4e:4e:be:51:6c:e1:f4:61:0d:26:
1a:fc:af:d9:f6:53:b7:54:24:5e:b5:6c:2e:4f:54:
db:ec:50:cb:4e:e2:01:ee:24:63:1c:e2:89:a8:5f:
0e:6f:fd:ae:8c:97:8c:c5:77:57:8a:6f:68:f3:fd:
8e:d0:ab:31:06:c2:59:a2:54:d4:49:88:5a:b8:a0:
dc:79:e9:fc:f9:1f:2a:79:19:f0:92:19:28:54:db:
d9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:72:8A:0B:F3:43:6A:70:26:4D:61:1F:4D:B5:82:80:F6:46:EE:17
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/HnKKC_NDanAmTWEfTbWCgPZG7hc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.96.0/20
Signature Algorithm: sha256WithRSAEncryption
4a:de:0c:a6:ab:25:0e:86:50:a9:b7:39:df:f8:20:2b:3e:46:
96:f7:65:40:36:5d:2a:f1:c8:6f:a1:aa:98:32:29:8b:84:a1:
e0:d2:ed:a1:98:45:10:32:4c:46:b1:a5:45:70:96:7f:2f:2d:
76:c1:fd:ba:ea:d3:e8:d7:a1:27:a0:9e:47:62:fd:a9:2f:31:
dc:57:42:2d:53:23:b1:92:6f:61:42:19:d6:4f:b9:f7:4a:d8:
53:d3:95:45:e6:00:41:04:30:b4:4d:30:76:59:15:3f:d9:29:
9e:1d:67:89:75:18:48:42:70:a6:93:66:12:eb:41:1e:b1:b4:
7a:14:3e:8a:d9:fd:9d:ea:dc:18:04:24:45:8d:fb:8d:da:48:
70:68:b8:7b:0d:ae:27:6c:28:7b:7f:b0:fd:f6:0d:33:08:14:
aa:21:7a:db:d1:bf:d3:24:84:bd:0a:59:99:ad:bd:48:67:a8:
c4:63:a8:6a:cf:48:6c:38:a1:67:0d:d7:0f:bf:c7:b3:fe:8a:
a5:65:e9:36:f8:ac:d0:20:b1:44:a6:b8:30:db:95:de:69:1d:
f4:28:80:cb:02:b7:28:7f:19:12:9f:ba:66:c5:4b:02:83:25:
a8:60:1d:75:5a:66:65:1d:24:bf:f0:fd:0b:f6:0f:2e:70:88:
4d:b5:c6:4f
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDfQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTM1NDBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFFNzI4QTBCRjM0MzZB
NzAyNjRENjExRjREQjU4MjgwRjY0NkVFMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDH88Yza+kQf4xhWwkQCkgSD6MaZGL3MW+Z1mo5dD11Al+Y7gDB
cD4CwV8YmWv9T48a6/JiP1xp5ePYWD4lx5JwFcHjq5FtI9g53GMK6AULC5jVF+EH
VReZajkY9DZCrOVTtZj0xnjGdRI+Gdt48m9MOHROF7J5QeeIjnyacFe3DMFp3m7p
mlfFn5BhGi7RrVbUI841P+viEjY7lduLbqvEjoz8LT2E97B1Tk6+UWzh9GENJhr8
r9n2U7dUJF61bC5PVNvsUMtO4gHuJGMc4omoXw5v/a6Ml4zFd1eKb2jz/Y7QqzEG
wlmiVNRJiFq4oNx56fz5Hyp5GfCSGShU29nBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUHnKKC/NDanAmTWEfTbWCgPZG7hcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0huS0tDX05EYW5BbVRXRWZUYldDZ1Ba
RzdoYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATTTGAwDQYJ
KoZIhvcNAQELBQADggEBAEreDKarJQ6GUKm3Od/4ICs+Rpb3ZUA2XSrxyG+hqpgy
KYuEoeDS7aGYRRAyTEaxpUVwln8vLXbB/brq0+jXoSegnkdi/akvMdxXQi1TI7GS
b2FCGdZPufdK2FPTlUXmAEEEMLRNMHZZFT/ZKZ4dZ4l1GEhCcKaTZhLrQR6xtHoU
PorZ/Z3q3BgEJEWN+43aSHBouHsNridsKHt/sP32DTMIFKohetvRv9MkhL0KWZmt
vUhnqMRjqGrPSGw4oWcN1w+/x7P+iqVl6Tb4rNAgsUSmuDDbld5pHfQogMsCtyh/
GRKfumbFSwKDJahgHXVaZmUdJL/w/Qv2Dy5wiE21xk8=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org