Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/KBY0f6QDG-MODoAKcyeqMaAFjNc.roa
File: KBY0f6QDG-MODoAKcyeqMaAFjNc.roa (raw, json)
Hash identifier: entFwHl2zO+6RwsM5WI/wlNzfeu9tBj1QivisZBPEBg=
Subject key identifier: 28:16:34:7F:A4:03:1B:E3:0E:0E:80:0A:73:27:AA:31:A0:05:8C:D7
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0D06
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KBY0f6QDG-MODoAKcyeqMaAFjNc.roa
Signing time: Mon 15 Jan 2024 21:24:20 +0000
ROA not before: Mon 15 Jan 2024 21:24:20 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 223.22.0.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3334 (0xd06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:24:20 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2816347FA4031BE30E0E800A7327AA31A0058CD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:2c:13:f7:89:78:99:96:66:dd:03:fb:db:11:
fc:07:6f:2e:cc:cd:91:d1:09:1d:fa:26:9f:c5:48:
bd:78:89:52:09:a2:cd:13:2b:05:f4:13:8e:21:ee:
66:ca:53:93:fc:1b:25:07:1a:84:9d:86:07:c5:2a:
7a:17:7a:fb:3e:2d:98:39:e5:54:61:29:3b:9e:59:
03:83:21:c3:eb:b9:4d:92:db:78:28:51:12:26:78:
cc:1c:7a:28:ff:d5:87:7f:49:79:62:f4:40:26:01:
97:85:85:a1:c7:81:fa:29:07:fa:87:34:cd:ea:31:
15:d7:0f:a8:8b:62:95:c1:27:4c:b8:fe:1d:b6:d5:
74:fa:35:4d:12:a0:58:07:cd:76:43:64:e3:fa:01:
af:cb:bd:c4:bc:dc:d0:e8:9c:ea:96:68:51:6e:45:
e2:9f:36:e4:b2:2e:98:e2:92:50:bf:cd:e4:0f:1e:
1b:79:e7:bd:d8:10:83:48:0f:02:81:da:68:ea:b2:
23:94:49:99:ac:67:15:83:d7:aa:97:02:1a:1d:bf:
54:46:bf:e2:9e:ed:24:33:1b:e5:c4:73:8b:b0:ff:
0c:09:91:77:75:31:7e:59:db:1b:6c:35:99:fa:e3:
ae:ce:61:4a:f7:d0:e4:13:81:ae:b9:d6:1b:86:71:
f5:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:16:34:7F:A4:03:1B:E3:0E:0E:80:0A:73:27:AA:31:A0:05:8C:D7
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/KBY0f6QDG-MODoAKcyeqMaAFjNc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.22.0.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:a5:3d:51:fe:79:a1:70:55:d9:01:29:a2:46:ca:ed:68:48:
db:76:3e:dc:b3:42:9f:64:33:8b:35:09:e9:a3:76:1e:97:dd:
14:02:a9:f2:2e:10:76:ea:f1:84:12:9e:99:4f:4f:97:0c:24:
14:ff:03:50:b9:dc:c7:ca:49:56:3d:c8:2c:2c:fe:64:5f:68:
e1:60:77:43:61:e0:84:28:f6:af:79:9d:48:45:1a:62:2b:5f:
af:70:24:89:cf:63:47:e6:dd:7a:8a:56:5b:27:51:d5:83:e8:
d6:79:6d:e3:f4:02:05:b1:cd:26:00:2b:b7:33:c7:cd:d5:db:
0d:8d:de:ba:a7:d3:00:d8:45:6e:87:3b:58:09:ed:92:d7:9b:
9e:fa:03:3e:f3:f6:61:4b:81:2e:6b:2d:49:c5:46:05:3b:96:
6a:18:c3:ef:98:fb:2b:6a:ca:53:7d:e3:f8:21:6a:65:92:bd:
7e:7c:70:2b:35:e9:b3:39:4e:34:58:30:44:ee:92:14:cd:7b:
b6:ef:79:e3:b5:75:98:4b:31:bc:1d:2d:b2:81:2a:74:21:8c:
c9:72:7e:8d:b8:ce:e3:62:16:7d:91:16:cf:ec:61:1d:f3:fa:
34:10:f5:db:df:bc:48:73:c8:34:b3:93:54:47:60:14:29:c7:
37:06:1c:0b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI0MjBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI4MTYzNDdGQTQwMzFC
RTMwRTBFODAwQTczMjdBQTMxQTAwNThDRDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDELBP3iXiZlmbdA/vbEfwHby7MzZHRCR36Jp/FSL14iVIJos0T
KwX0E44h7mbKU5P8GyUHGoSdhgfFKnoXevs+LZg55VRhKTueWQODIcPruU2S23go
URImeMwceij/1Yd/SXli9EAmAZeFhaHHgfopB/qHNM3qMRXXD6iLYpXBJ0y4/h22
1XT6NU0SoFgHzXZDZOP6Aa/LvcS83NDonOqWaFFuReKfNuSyLpjiklC/zeQPHht5
573YEINIDwKB2mjqsiOUSZmsZxWD16qXAhodv1RGv+Ke7SQzG+XEc4uw/wwJkXd1
MX5Z2xtsNZn6467OYUr30OQTga651huGcfVBAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUKBY0f6QDG+MODoAKcyeqMaAFjNcwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0tCWTBmNlFERy1NT0RvQUtjeWVxTWFB
RmpOYy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATfFgAwDQYJ
KoZIhvcNAQELBQADggEBAI2lPVH+eaFwVdkBKaJGyu1oSNt2PtyzQp9kM4s1Cemj
dh6X3RQCqfIuEHbq8YQSnplPT5cMJBT/A1C53MfKSVY9yCws/mRfaOFgd0Nh4IQo
9q95nUhFGmIrX69wJInPY0fm3XqKVlsnUdWD6NZ5beP0AgWxzSYAK7czx83V2w2N
3rqn0wDYRW6HO1gJ7ZLXm576Az7z9mFLgS5rLUnFRgU7lmoYw++Y+ytqylN94/gh
amWSvX58cCs16bM5TjRYMETukhTNe7bveeO1dZhLMbwdLbKBKnQhjMlyfo24zuNi
Fn2RFs/sYR3z+jQQ9dvfvEhzyDSzk1RHYBQpxzcGHAs=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org