Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa
File: ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa (raw, json)
Hash identifier: D7IZjEd8Pn/MWM4Qx2NRO9VZxqRE4t8sl3+szIu8LDo=
Subject key identifier: 9E:00:CC:F1:D9:AA:E5:4A:1A:09:0D:24:62:F6:7F:8D:27:35:A4:71
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0CB4
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa
Signing time: Mon 15 Jan 2024 21:10:46 +0000
ROA not before: Mon 15 Jan 2024 21:10:46 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24154
IP address blocks: 210.202.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3252 (0xcb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:10:46 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9E00CCF1D9AAE54A1A090D2462F67F8D2735A471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:27:fb:76:46:96:92:3e:8f:97:fa:ac:6a:f9:
91:19:0c:ce:c3:96:0a:51:4c:ce:5b:b3:c4:8d:64:
1f:ab:77:f7:dc:cd:f3:8f:26:73:d7:4f:c8:0f:ff:
bf:53:3d:53:d5:a4:3e:12:47:00:3e:16:e7:42:13:
ca:58:ee:5a:69:11:98:40:a5:e6:4f:43:52:d7:cc:
bc:90:f7:21:2e:2d:77:f7:5e:d8:27:2f:9c:4f:85:
b1:bc:0e:d6:ba:db:d2:8c:98:4e:41:f1:35:98:5b:
05:b3:6e:3a:d1:62:71:f4:c5:52:6e:87:ca:2b:ee:
5d:82:f6:2f:13:8f:da:91:3a:5a:b5:de:e6:b8:06:
db:84:aa:ad:19:54:df:ec:46:27:a9:6f:ce:df:af:
59:85:ae:81:52:cb:71:45:2b:19:89:78:a5:a8:f5:
ec:6b:31:37:c0:43:ff:6c:5a:8a:ef:51:c4:d1:7a:
53:a3:2a:e7:6d:5a:7b:0b:86:5c:39:e3:ea:c8:e0:
e0:31:8e:59:d2:0c:d2:2d:c6:1d:6b:b9:0e:c3:74:
c3:ed:1f:03:05:4e:03:1c:d9:9d:2b:b2:2a:96:54:
b6:5b:ca:80:66:78:83:f5:e9:e7:c1:69:31:3d:c5:
01:ca:d1:5d:d7:4b:c3:c2:33:ed:dc:d8:20:ba:fe:
50:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:00:CC:F1:D9:AA:E5:4A:1A:09:0D:24:62:F6:7F:8D:27:35:A4:71
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/ngDM8dmq5UoaCQ0kYvZ_jSc1pHE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.32.0/20
Signature Algorithm: sha256WithRSAEncryption
93:ee:bb:2c:21:f4:22:c3:31:06:dd:48:05:52:39:e3:4b:d9:
5f:62:b4:89:f4:75:d1:bf:4f:67:34:62:55:5b:19:8d:30:1d:
c2:21:c0:ff:8d:09:f8:1d:8f:84:84:97:f3:c4:0d:12:9f:a5:
87:30:1a:31:21:a0:0d:6c:26:77:7e:53:55:f6:fa:d9:8e:45:
51:e0:eb:97:1a:66:af:d2:a8:a7:12:54:f4:a7:92:19:e7:96:
0a:7a:7e:a7:9a:3c:a9:13:63:b9:af:80:8e:8f:d0:fe:ec:df:
81:bb:93:d9:c9:94:16:12:88:be:ca:f8:2e:62:48:ac:3b:26:
cc:36:46:e2:fe:33:5d:97:66:0a:f7:66:4a:11:73:6d:4a:e4:
07:48:b9:51:21:7e:09:34:a6:2f:9d:43:90:d6:9c:e5:57:52:
30:68:90:a9:f7:aa:c2:7f:f9:7a:f0:38:05:78:18:5b:36:f6:
da:74:12:3c:f9:27:8b:2a:5f:35:64:1c:6d:34:72:a9:bd:af:
7e:28:b0:fa:94:bc:a0:ed:29:d4:5e:ef:c7:41:b9:6f:70:5f:
1a:23:67:60:a5:8b:ca:e4:ac:85:60:45:66:a6:c8:00:c3:48:
3e:1c:cd:c0:c7:be:27:58:ff:68:35:5e:1e:9d:ef:c7:8e:f0:
e3:ab:00:36
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDLQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTEwNDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlFMDBDQ0YxRDlBQUU1
NEExQTA5MEQyNDYyRjY3RjhEMjczNUE0NzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOJ/t2RpaSPo+X+qxq+ZEZDM7DlgpRTM5bs8SNZB+rd/fczfOP
JnPXT8gP/79TPVPVpD4SRwA+FudCE8pY7lppEZhApeZPQ1LXzLyQ9yEuLXf3Xtgn
L5xPhbG8Dta629KMmE5B8TWYWwWzbjrRYnH0xVJuh8or7l2C9i8Tj9qROlq13ua4
BtuEqq0ZVN/sRiepb87fr1mFroFSy3FFKxmJeKWo9exrMTfAQ/9sWorvUcTRelOj
KudtWnsLhlw54+rI4OAxjlnSDNItxh1ruQ7DdMPtHwMFTgMc2Z0rsiqWVLZbyoBm
eIP16efBaTE9xQHK0V3XS8PCM+3c2CC6/lD/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUngDM8dmq5UoaCQ0kYvZ/jSc1pHEwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25nRE04ZG1xNVVvYUNRMGtZdlpfalNj
MXBIRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATSyiAwDQYJ
KoZIhvcNAQELBQADggEBAJPuuywh9CLDMQbdSAVSOeNL2V9itIn0ddG/T2c0YlVb
GY0wHcIhwP+NCfgdj4SEl/PEDRKfpYcwGjEhoA1sJnd+U1X2+tmORVHg65caZq/S
qKcSVPSnkhnnlgp6fqeaPKkTY7mvgI6P0P7s34G7k9nJlBYSiL7K+C5iSKw7Jsw2
RuL+M12XZgr3ZkoRc21K5AdIuVEhfgk0pi+dQ5DWnOVXUjBokKn3qsJ/+XrwOAV4
GFs29tp0Ejz5J4sqXzVkHG00cqm9r34osPqUvKDtKdRe78dBuW9wXxojZ2Cli8rk
rIVgRWamyADDSD4czcDHvidY/2g1Xh6d78eO8OOrADY=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:19 2024 by rpki-client on console-fra.rpki-client.org