Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nKXPd8ALUatHCHfX6J_tMIozbqU.roa
File: nKXPd8ALUatHCHfX6J_tMIozbqU.roa (raw, json)
Hash identifier: Bit2ASRFfVISL5ZB/ZELwyUzbshSiYrQJpcHIhAspYI=
Subject key identifier: 9C:A5:CF:77:C0:0B:51:AB:47:08:77:D7:E8:9F:ED:30:8A:33:6E:A5
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0E68
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nKXPd8ALUatHCHfX6J_tMIozbqU.roa
Signing time: Wed 15 May 2024 08:20:49 +0000
ROA not before: Wed 15 May 2024 08:20:49 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18049
IP address blocks: 218.34.108.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3688 (0xe68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: May 15 08:20:49 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9CA5CF77C00B51AB470877D7E89FED308A336EA5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e3:c8:fc:77:97:15:88:5c:8a:43:3b:aa:04:
bb:6a:a5:d3:cf:59:a6:05:96:3d:32:66:3c:e4:89:
bd:ef:07:4e:40:97:45:26:ab:73:c5:e1:15:a3:53:
3d:c6:df:56:04:f6:d6:88:ed:b4:9e:e1:81:b6:85:
17:6a:5c:1b:9f:7a:e6:6b:df:bf:bb:20:46:81:2a:
5b:20:e1:c9:b7:82:e8:2d:d8:71:2d:b2:f3:2f:06:
92:85:63:a3:e2:2d:cb:ac:30:13:57:2e:5e:b6:4a:
7e:99:61:12:9d:ce:04:f5:42:62:ff:32:9b:25:59:
8b:db:9e:ee:24:b2:23:1c:f4:87:fa:21:74:30:48:
bd:14:b2:19:b1:29:f8:f5:d5:0d:9a:34:10:96:ed:
05:4a:dd:1d:af:4e:06:a0:91:ed:d0:41:16:2d:6d:
53:3f:44:8f:e5:27:5b:19:16:7c:9d:55:ae:e7:d1:
5f:57:ad:be:ab:a6:0e:a4:61:01:ee:42:e0:2c:8e:
cc:19:e5:1a:d6:8c:0d:7e:95:f3:90:5e:73:8b:99:
12:c8:db:08:96:d1:aa:d9:87:fb:53:64:5f:af:d4:
1a:ae:72:25:9d:4d:71:d9:2e:c7:5e:51:cb:1c:b6:
ca:d2:3b:a0:d9:03:5d:a7:39:d3:18:1d:9f:f7:e5:
cc:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:A5:CF:77:C0:0B:51:AB:47:08:77:D7:E8:9F:ED:30:8A:33:6E:A5
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nKXPd8ALUatHCHfX6J_tMIozbqU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.34.108.0/22
Signature Algorithm: sha256WithRSAEncryption
39:f4:48:08:03:aa:7b:3a:54:08:0d:da:30:55:19:4d:38:0e:
2b:3d:4d:9d:c6:ed:f7:af:39:f6:78:ed:da:0e:f8:82:de:72:
d1:f8:14:a5:2a:9b:7d:e3:f1:6b:b8:34:51:a4:91:f4:6d:ac:
04:bd:3f:02:7f:0e:a0:78:ce:bc:52:f0:fa:5f:96:85:4b:2f:
f6:a2:5a:21:a0:8c:8d:4b:8f:38:d1:f3:fd:23:4a:06:72:96:
35:10:15:84:fd:85:da:65:85:a4:b0:83:b0:24:c4:19:30:f6:
85:b5:00:b4:e7:7c:dc:5b:ac:d6:82:3a:e8:c4:4d:0a:04:8d:
74:2f:65:4b:15:bb:13:92:08:99:cf:a2:5a:57:c7:86:f9:98:
b7:4f:fe:09:6e:d8:36:81:99:ac:1c:1f:54:96:6d:ec:13:3e:
ab:70:81:2d:2f:66:f6:2d:c0:2b:8a:77:28:71:2d:45:49:47:
aa:c6:f8:50:f8:dd:fb:d1:28:d7:e8:be:b0:3f:aa:63:7f:d8:
c2:13:a6:38:c2:92:d4:a3:f5:8b:4d:95:14:2e:60:d2:6a:73:
b3:b6:a8:8e:dc:10:64:6f:1a:6e:51:86:6c:0b:72:84:09:d5:
88:dc:7b:c8:de:09:a6:e5:aa:c0:94:19:6d:5e:a6:db:bc:51:
7a:ee:8e:6c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDmgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDA1MTUw
ODIwNDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlDQTVDRjc3QzAwQjUx
QUI0NzA4NzdEN0U4OUZFRDMwOEEzMzZFQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs48j8d5cViFyKQzuqBLtqpdPPWaYFlj0yZjzkib3vB05Al0Um
q3PF4RWjUz3G31YE9taI7bSe4YG2hRdqXBufeuZr37+7IEaBKlsg4cm3gugt2HEt
svMvBpKFY6PiLcusMBNXLl62Sn6ZYRKdzgT1QmL/MpslWYvbnu4ksiMc9If6IXQw
SL0UshmxKfj11Q2aNBCW7QVK3R2vTgagke3QQRYtbVM/RI/lJ1sZFnydVa7n0V9X
rb6rpg6kYQHuQuAsjswZ5RrWjA1+lfOQXnOLmRLI2wiW0arZh/tTZF+v1BquciWd
TXHZLsdeUcsctsrSO6DZA12nOdMYHZ/35czVAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUnKXPd8ALUatHCHfX6J/tMIozbqUwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25LWFBkOEFMVWF0SENIZlg2Sl90TUlv
emJxVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALaImwwDQYJ
KoZIhvcNAQELBQADggEBADn0SAgDqns6VAgN2jBVGU04Dis9TZ3G7fevOfZ47doO
+ILectH4FKUqm33j8Wu4NFGkkfRtrAS9PwJ/DqB4zrxS8PpfloVLL/aiWiGgjI1L
jzjR8/0jSgZyljUQFYT9hdplhaSwg7AkxBkw9oW1ALTnfNxbrNaCOujETQoEjXQv
ZUsVuxOSCJnPolpXx4b5mLdP/glu2DaBmawcH1SWbewTPqtwgS0vZvYtwCuKdyhx
LUVJR6rG+FD43fvRKNfovrA/qmN/2MITpjjCktSj9YtNlRQuYNJqc7O2qI7cEGRv
Gm5RhmwLcoQJ1Yjce8jeCablqsCUGW1eptu8UXrujmw=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org