Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/Qs0phUoFfT3UF5Yz_vB1PKvRtOM.roa
File: Qs0phUoFfT3UF5Yz_vB1PKvRtOM.roa (raw, json)
Hash identifier: iP7ry0AtZSJO7sW8VSDZmZButnvk/9nRKqbMIFaA5TU=
Subject key identifier: 42:CD:29:85:4A:05:7D:3D:D4:17:96:33:FE:F0:75:3C:AB:D1:B4:E3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0BAC
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Qs0phUoFfT3UF5Yz_vB1PKvRtOM.roa
Signing time: Fri 01 Sep 2023 08:50:52 +0000
ROA not before: Fri 01 Sep 2023 08:50:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9674
IP address blocks: 27.51.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2988 (0xbac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 1 08:50:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=42CD29854A057D3DD4179633FEF0753CABD1B4E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:28:02:be:a1:9b:f2:81:6c:cb:1e:d2:82:c2:
4c:47:bb:1f:a9:b5:1a:e2:87:4e:4b:01:3a:d5:d7:
4e:f7:e0:ca:fc:9b:5f:53:f3:10:7c:00:68:58:46:
07:35:5f:4b:8d:fc:98:e1:6e:0c:e8:da:31:ca:78:
fc:38:b0:ed:6b:e8:ff:40:a2:62:fe:8c:fb:27:26:
f3:ea:fd:a8:fe:b9:f6:a7:51:da:25:b8:0a:11:0c:
4f:38:ec:e0:b5:e4:7f:50:25:1c:11:f1:a7:79:08:
e1:02:76:6a:6f:e3:dc:bf:dc:e0:07:30:c7:cf:74:
50:1f:d8:a9:e3:95:df:55:5c:07:39:6d:bd:36:1e:
b2:f6:27:b4:db:1a:be:8c:ed:34:d9:c2:c9:68:80:
d4:5c:71:0a:bb:e3:d4:4d:f9:16:40:56:d9:10:34:
66:03:97:ab:70:71:fb:dc:33:cf:37:75:68:a3:4c:
c0:2d:ca:27:c3:c5:d4:e3:75:56:82:5d:14:53:2f:
94:d3:2a:d2:d3:19:99:ad:fd:5b:5a:08:23:d8:bd:
c4:3b:79:2b:f9:6d:87:52:b5:fe:1b:9f:a8:bc:fb:
38:1f:7b:88:4b:63:4c:01:64:90:d5:5a:01:2b:f3:
25:82:63:92:12:ab:7e:1b:aa:a9:c3:af:a6:c2:78:
89:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:CD:29:85:4A:05:7D:3D:D4:17:96:33:FE:F0:75:3C:AB:D1:B4:E3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/Qs0phUoFfT3UF5Yz_vB1PKvRtOM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
27.51.0.0/16
Signature Algorithm: sha256WithRSAEncryption
38:f9:23:8e:13:9c:c5:44:a4:c9:f1:92:aa:1c:2f:12:13:ef:
eb:8e:3f:75:5c:d4:15:1f:72:6c:de:fb:60:9f:b2:a3:23:40:
0c:67:4d:cf:7d:a3:5b:b1:47:6e:ac:fa:d4:be:a7:dd:fd:2c:
82:1b:a0:2c:99:5b:d7:c4:af:42:df:86:cd:00:b8:e5:9a:95:
16:29:04:38:23:fd:3f:83:45:6f:8f:df:60:7c:11:de:6e:fe:
f7:75:40:fb:34:85:06:1f:a3:5f:d0:03:a2:ac:1c:96:25:69:
d3:e5:f3:50:fe:0f:5b:6a:9b:1d:c1:27:26:45:39:95:22:3d:
df:9d:fe:cb:c6:f1:7e:cf:a2:c4:d4:c0:03:92:3b:84:5f:72:
b1:63:4e:7c:8e:06:a7:c0:3c:e1:35:b1:04:66:9c:11:83:5e:
f2:c4:0d:aa:1d:69:68:b2:9d:c0:4a:c4:30:b1:61:0e:5a:28:
95:05:6f:7c:cb:ff:5b:ee:89:a2:72:b7:e1:bc:ff:69:31:7e:
39:b8:c0:1f:9a:c8:5d:4f:32:f6:41:16:84:2c:58:94:79:57:
81:69:0d:93:90:d5:a4:95:c7:ee:42:e9:b9:30:7c:42:8d:b3:
fd:8c:df:34:bb:22:c1:0f:fb:a1:f4:c4:ca:84:d7:8e:50:56:
e6:6d:71:b4
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICC6wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMzA5MDEw
ODUwNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDQyQ0QyOTg1NEEwNTdE
M0RENDE3OTYzM0ZFRjA3NTNDQUJEMUI0RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8KAK+oZvygWzLHtKCwkxHux+ptRrih05LATrV10734Mr8m19T
8xB8AGhYRgc1X0uN/Jjhbgzo2jHKePw4sO1r6P9AomL+jPsnJvPq/aj+ufanUdol
uAoRDE847OC15H9QJRwR8ad5COECdmpv49y/3OAHMMfPdFAf2Knjld9VXAc5bb02
HrL2J7TbGr6M7TTZwslogNRccQq749RN+RZAVtkQNGYDl6twcfvcM883dWijTMAt
yifDxdTjdVaCXRRTL5TTKtLTGZmt/VtaCCPYvcQ7eSv5bYdStf4bn6i8+zgfe4hL
Y0wBZJDVWgEr8yWCY5ISq34bqqnDr6bCeIltAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUQs0phUoFfT3UF5Yz/vB1PKvRtOMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1FzMHBoVW9GZlQzVUY1WXpfdkIxUEt2
UnRPTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwAbMzANBgkq
hkiG9w0BAQsFAAOCAQEAOPkjjhOcxUSkyfGSqhwvEhPv644/dVzUFR9ybN77YJ+y
oyNADGdNz32jW7FHbqz61L6n3f0sghugLJlb18SvQt+GzQC45ZqVFikEOCP9P4NF
b4/fYHwR3m7+93VA+zSFBh+jX9ADoqwcliVp0+XzUP4PW2qbHcEnJkU5lSI9353+
y8bxfs+ixNTAA5I7hF9ysWNOfI4Gp8A84TWxBGacEYNe8sQNqh1paLKdwErEMLFh
DloolQVvfMv/W+6JonK34bz/aTF+ObjAH5rIXU8y9kEWhCxYlHlXgWkNk5DVpJXH
7kLpuTB8Qo2z/YzfNLsiwQ/7ofTEyoTXjlBW5m1xtA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:12 2024 by rpki-client on console-ams.rpki-client.org