Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/S8S7DgBN2bHrsEFk28iwNXBoxQI.roa
File: S8S7DgBN2bHrsEFk28iwNXBoxQI.roa (raw, json)
Hash identifier: SNI+/wFA12yLGpyN2NDvj5ygkGSH5XatQbNw/IHBfMo=
Subject key identifier: 4B:C4:BB:0E:00:4D:D9:B1:EB:B0:41:64:DB:C8:B0:35:70:68:C5:02
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0D00
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/S8S7DgBN2bHrsEFk28iwNXBoxQI.roa
Signing time: Mon 15 Jan 2024 21:24:13 +0000
ROA not before: Mon 15 Jan 2024 21:24:13 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131142
IP address blocks: 222.251.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3328 (0xd00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:24:13 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=4BC4BB0E004DD9B1EBB04164DBC8B0357068C502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e7:72:cc:49:85:b7:9e:79:94:75:43:64:69:
33:87:5b:cf:3e:9e:d2:aa:b4:2b:bf:c4:b7:31:d5:
5a:3a:0b:68:23:eb:9e:08:c1:18:61:47:da:56:c8:
b6:e3:23:ae:3d:36:8a:4b:71:fd:82:00:c6:22:be:
ba:f2:3b:70:8e:e5:cc:3a:e3:51:7b:61:80:70:53:
3d:8e:dd:11:46:a7:c2:7e:5c:a5:60:fc:a8:fd:45:
ad:76:f5:40:6a:d1:f3:b1:fa:e7:71:bf:b6:f6:b3:
8d:4a:c6:9b:a6:90:96:7d:b8:74:32:f8:2e:bb:cc:
83:35:e8:56:a1:2d:65:e0:37:48:59:e9:26:a8:b7:
9f:ec:5b:fa:6e:74:61:b0:b9:44:bf:99:28:9a:a6:
42:10:13:73:75:4f:29:31:13:d6:3d:54:31:d6:ed:
83:1a:8d:0d:12:29:b3:51:29:93:34:29:b0:c0:16:
cb:64:b7:39:be:5b:ae:f8:12:e7:09:c9:51:36:1c:
0b:6e:5c:66:8d:80:6e:c6:0f:99:07:7c:a0:30:bd:
e7:36:f8:be:6e:15:df:e5:9d:75:8d:84:23:16:47:
43:6a:21:77:52:47:3e:a6:57:51:38:6b:84:bf:f8:
eb:58:2f:ef:28:c7:bc:09:0e:42:be:f6:73:77:04:
71:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:C4:BB:0E:00:4D:D9:B1:EB:B0:41:64:DB:C8:B0:35:70:68:C5:02
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/S8S7DgBN2bHrsEFk28iwNXBoxQI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
222.251.0.0/18
Signature Algorithm: sha256WithRSAEncryption
2b:24:38:9a:15:5b:e8:63:c8:9c:6c:49:6f:f3:55:68:30:12:
7d:07:99:88:2c:60:17:b2:21:4b:9e:fd:5d:38:db:d4:f1:88:
bb:e3:9c:df:78:e0:b3:c8:5a:1c:3e:f9:fa:36:65:3e:55:53:
3c:56:80:b6:df:ec:73:bb:21:39:bb:90:d2:31:e2:9c:a1:54:
13:b6:cd:71:c6:c2:c5:cf:4b:29:ed:f4:8b:68:0b:a2:3b:f0:
ae:65:05:b6:0a:cb:eb:ec:db:9b:66:f1:c3:59:63:09:7d:2e:
d9:dc:f0:ef:6d:55:dc:47:da:0c:42:e1:19:aa:43:ff:78:1d:
f6:01:44:f8:bd:82:ed:b3:7f:69:16:04:35:4c:1a:61:19:49:
54:d9:18:b7:58:ae:15:78:d3:ca:90:9c:00:0e:6e:ae:d7:d2:
9a:12:c0:53:85:20:87:83:2a:f1:9c:da:2c:5b:00:dc:ac:9c:
1b:3c:5a:9e:ac:15:39:a4:c2:5d:62:30:37:9c:5c:f3:07:5f:
70:f4:82:53:54:25:35:07:f6:78:c0:38:74:c4:34:31:98:cc:
f3:59:ee:c4:a6:6b:b5:aa:05:fd:8c:91:b0:5b:cb:60:50:32:
56:1e:06:63:c1:37:a4:d6:21:9c:cb:ff:97:a5:63:f3:73:70:
e2:de:91:a0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI0MTNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDRCQzRCQjBFMDA0REQ5
QjFFQkIwNDE2NERCQzhCMDM1NzA2OEM1MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs53LMSYW3nnmUdUNkaTOHW88+ntKqtCu/xLcx1Vo6C2gj654I
wRhhR9pWyLbjI649NopLcf2CAMYivrryO3CO5cw641F7YYBwUz2O3RFGp8J+XKVg
/Kj9Ra129UBq0fOx+udxv7b2s41KxpumkJZ9uHQy+C67zIM16FahLWXgN0hZ6Sao
t5/sW/pudGGwuUS/mSiapkIQE3N1TykxE9Y9VDHW7YMajQ0SKbNRKZM0KbDAFstk
tzm+W674EucJyVE2HAtuXGaNgG7GD5kHfKAwvec2+L5uFd/lnXWNhCMWR0NqIXdS
Rz6mV1E4a4S/+OtYL+8ox7wJDkK+9nN3BHEvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUS8S7DgBN2bHrsEFk28iwNXBoxQIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1M4UzdEZ0JOMmJIcnNFRmsyOGl3TlhC
b3hRSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAbe+wAwDQYJ
KoZIhvcNAQELBQADggEBACskOJoVW+hjyJxsSW/zVWgwEn0HmYgsYBeyIUue/V04
29TxiLvjnN944LPIWhw++fo2ZT5VUzxWgLbf7HO7ITm7kNIx4pyhVBO2zXHGwsXP
Synt9ItoC6I78K5lBbYKy+vs25tm8cNZYwl9Ltnc8O9tVdxH2gxC4RmqQ/94HfYB
RPi9gu2zf2kWBDVMGmEZSVTZGLdYrhV408qQnAAObq7X0poSwFOFIIeDKvGc2ixb
ANysnBs8Wp6sFTmkwl1iMDecXPMHX3D0glNUJTUH9njAOHTENDGYzPNZ7sSma7Wq
Bf2MkbBby2BQMlYeBmPBN6TWIZzL/5elY/NzcOLekaA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org