Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/lAvzHzgqb5NqX2qvs1rvO58qZG8.roa
File: lAvzHzgqb5NqX2qvs1rvO58qZG8.roa (raw, json)
Hash identifier: kka/Y41FkaxSRNy+g3g0aFDXBHa4xNCZ3vD6fT8dcSE=
Subject key identifier: 94:0B:F3:1F:38:2A:6F:93:6A:5F:6A:AF:B3:5A:EF:3B:9F:2A:64:6F
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0DC0
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lAvzHzgqb5NqX2qvs1rvO58qZG8.roa
Signing time: Mon 15 Jan 2024 21:30:34 +0000
ROA not before: Mon 15 Jan 2024 21:30:34 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 43.240.104.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3520 (0xdc0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:30:34 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=940BF31F382A6F936A5F6AAFB35AEF3B9F2A646F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:46:b7:f6:da:85:d1:e0:e6:0a:0b:56:de:61:
f1:c1:e7:5d:31:4f:d3:f1:33:8c:a9:17:98:33:6b:
9a:39:4d:87:19:40:11:27:49:c5:74:ce:7d:30:56:
e6:43:f6:97:89:cb:78:b2:cf:d3:f7:44:7f:79:56:
7f:94:26:ba:d8:3b:8c:58:c9:c3:99:8a:62:39:62:
62:47:f8:cc:e9:21:07:51:74:d1:9c:7a:16:ed:a3:
65:d3:23:35:70:b7:7f:b2:f9:16:78:6b:ec:2f:56:
39:79:43:65:57:d9:d5:d3:04:2e:39:e7:f9:51:48:
2b:43:1b:29:ec:28:fb:2e:87:3c:8e:ab:4d:98:95:
3d:52:30:88:54:c4:ff:07:ca:70:86:de:c2:6a:03:
47:44:56:73:d5:de:d8:76:f6:9e:22:d9:c7:b1:7b:
bc:38:5f:a7:27:12:aa:ef:f2:41:d4:a8:d7:e3:53:
b9:5e:cb:15:74:77:d9:e2:b5:eb:7d:23:43:57:5b:
e8:cc:cf:ee:ae:cf:ad:0d:aa:66:ad:f2:5f:72:37:
d0:3b:e7:7c:02:be:cf:23:d8:9a:58:e8:6f:9c:a6:
bb:29:bd:c3:00:34:4a:4c:e6:61:f3:b9:e5:94:fb:
29:9f:e8:5f:64:ca:12:49:cc:76:d2:5c:13:c3:9c:
6d:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0B:F3:1F:38:2A:6F:93:6A:5F:6A:AF:B3:5A:EF:3B:9F:2A:64:6F
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/lAvzHzgqb5NqX2qvs1rvO58qZG8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.104.0/22
Signature Algorithm: sha256WithRSAEncryption
42:2c:84:6f:1b:e0:72:d9:ad:0e:f4:3e:40:d5:81:34:ed:0a:
bf:17:ff:28:ba:d3:95:71:a2:4d:6d:6b:03:9e:4b:8e:20:d1:
ba:12:d0:24:28:ad:f0:49:48:31:3e:20:4e:1e:d9:83:4c:19:
07:41:f3:87:99:22:9a:f8:72:e9:3d:2a:fd:aa:22:bd:0b:4d:
45:4b:01:87:fd:ee:85:0b:de:10:f3:20:e8:f4:eb:b9:c7:44:
60:72:e7:29:c9:be:4e:fa:e8:87:27:76:f1:43:42:4a:a5:3b:
b5:18:48:5b:93:9e:51:45:03:f5:d7:89:e3:91:84:a2:0e:8c:
92:6b:8b:30:af:39:20:78:9c:67:c7:05:e1:1c:5e:da:d2:63:
10:ca:58:ca:b2:7a:78:89:2a:b4:b4:55:3f:7c:87:76:f9:cc:
86:94:42:6f:0d:db:2f:f2:e6:82:3f:e5:9d:c6:24:97:68:a5:
17:90:e4:86:29:53:6f:dc:f1:65:0e:0d:67:25:0f:40:bd:bc:
77:c2:bb:73:47:40:ef:8c:13:1a:47:66:69:27:5a:c2:73:1f:
a4:84:06:9f:72:bc:10:6e:43:86:1c:9e:ce:4d:e5:ce:db:36:
7c:a7:d1:10:db:4e:bc:3f:24:c0:1b:87:e8:10:23:24:5f:c4:
49:d4:31:fb
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDcAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTMwMzRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk0MEJGMzFGMzgyQTZG
OTM2QTVGNkFBRkIzNUFFRjNCOUYyQTY0NkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDwRrf22oXR4OYKC1beYfHB510xT9PxM4ypF5gza5o5TYcZQBEn
ScV0zn0wVuZD9peJy3iyz9P3RH95Vn+UJrrYO4xYycOZimI5YmJH+MzpIQdRdNGc
ehbto2XTIzVwt3+y+RZ4a+wvVjl5Q2VX2dXTBC455/lRSCtDGynsKPsuhzyOq02Y
lT1SMIhUxP8HynCG3sJqA0dEVnPV3th29p4i2cexe7w4X6cnEqrv8kHUqNfjU7le
yxV0d9nitet9I0NXW+jMz+6uz60Nqmat8l9yN9A753wCvs8j2JpY6G+cprspvcMA
NEpM5mHzueWU+ymf6F9kyhJJzHbSXBPDnG1tAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUlAvzHzgqb5NqX2qvs1rvO58qZG8wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2xBdnpIemdxYjVOcVgycXZzMXJ2TzU4
cVpHOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIr8GgwDQYJ
KoZIhvcNAQELBQADggEBAEIshG8b4HLZrQ70PkDVgTTtCr8X/yi605Vxok1tawOe
S44g0boS0CQorfBJSDE+IE4e2YNMGQdB84eZIpr4cuk9Kv2qIr0LTUVLAYf97oUL
3hDzIOj067nHRGBy5ynJvk766IcndvFDQkqlO7UYSFuTnlFFA/XXieORhKIOjJJr
izCvOSB4nGfHBeEcXtrSYxDKWMqyeniJKrS0VT98h3b5zIaUQm8N2y/y5oI/5Z3G
JJdopReQ5IYpU2/c8WUODWclD0C9vHfCu3NHQO+MExpHZmknWsJzH6SEBp9yvBBu
Q4Ycns5N5c7bNnyn0RDbTrw/JMAbh+gQIyRfxEnUMfs=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org