Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/xd01D1TjOB-hJztRZMVmQG0g38w.roa
File: xd01D1TjOB-hJztRZMVmQG0g38w.roa (raw, json)
Hash identifier: +vtUou4c7JoXJj3oUn5P9roHdYIFEmzh70IWXDapJas=
Subject key identifier: C5:DD:35:0F:54:E3:38:1F:A1:27:3B:51:64:C5:66:40:6D:20:DF:CC
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0C7C
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xd01D1TjOB-hJztRZMVmQG0g38w.roa
Signing time: Mon 15 Jan 2024 21:09:45 +0000
ROA not before: Mon 15 Jan 2024 21:09:45 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9311
IP address blocks: 210.200.17.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3196 (0xc7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:09:45 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C5DD350F54E3381FA1273B5164C566406D20DFCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:25:af:81:b1:1d:ba:ad:85:6e:67:4d:ff:82:
af:3d:ec:b8:d5:7e:bf:3f:31:4c:8a:18:be:bf:db:
b7:3a:99:48:e5:49:17:35:65:ed:8b:1b:9f:bd:e7:
97:07:3c:d7:f3:5b:c0:91:da:55:3a:51:59:e6:97:
17:eb:b4:72:15:7b:ea:18:c4:00:51:5a:2f:6c:2c:
8a:d2:ca:3f:22:f0:5d:33:ba:0e:75:93:d8:a8:68:
06:40:f6:55:51:f4:46:b1:19:59:82:4c:50:b8:ff:
97:dd:9d:cc:db:70:84:68:75:8c:d8:7b:52:c3:fb:
22:42:8e:a1:7c:1e:d9:de:f3:3f:83:fe:34:29:85:
36:ea:05:eb:00:98:2c:d1:4e:cd:18:a5:c5:26:2d:
6e:cd:9a:b0:96:20:1a:79:e3:cb:07:e1:17:41:3c:
eb:cf:08:e9:30:7e:0d:c6:7a:68:fd:af:11:d7:64:
04:52:02:6a:64:62:1f:3f:00:67:fc:60:f4:b3:06:
0c:82:65:56:ff:ce:4a:8b:87:d0:cb:3c:1b:3b:11:
b2:b1:4b:04:5c:ac:5a:c4:7e:ec:7a:0e:9b:43:6a:
8d:c0:64:c4:56:e8:1c:0a:c6:74:67:92:0c:56:82:
53:d4:e5:88:cb:fd:5f:ad:64:39:be:71:45:a7:96:
c3:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DD:35:0F:54:E3:38:1F:A1:27:3B:51:64:C5:66:40:6D:20:DF:CC
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xd01D1TjOB-hJztRZMVmQG0g38w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.200.17.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e8:00:f3:17:9f:0e:28:a9:75:c1:d3:1b:56:b5:1f:cd:51:
f9:b4:7d:a4:cd:8f:81:fe:a0:27:77:ae:81:af:da:8d:05:5e:
0a:c7:c9:9b:a2:d8:70:2a:93:1c:47:70:77:11:48:85:d1:52:
2e:24:e5:4e:90:43:4c:92:78:25:7d:77:a1:a7:ea:2b:5a:05:
7a:b8:18:13:80:96:a2:5d:44:59:72:6c:79:75:90:46:6d:20:
52:8d:2d:a6:5b:27:7e:28:1d:38:e4:65:b1:a9:48:11:61:14:
b4:5f:37:01:83:9d:87:c5:33:57:aa:1c:cc:09:f2:7e:f6:d5:
aa:21:52:0d:a6:d1:f1:36:91:ef:75:e7:88:35:0b:fe:7f:57:
e8:82:3d:6d:5c:ee:e1:0d:95:ea:45:fe:c3:52:bc:09:e1:65:
cb:72:52:7f:74:41:d0:13:d7:e7:24:8b:32:6c:78:3d:80:df:
91:f1:61:61:02:3b:9c:52:6c:8d:8d:d2:34:74:21:64:de:91:
88:56:5a:5e:85:cb:b0:c9:3c:e6:c6:09:00:69:2f:56:d0:9f:
27:87:cc:86:fd:2b:54:ff:58:51:02:1b:0d:72:c8:16:06:86:
0c:98:9f:c8:d6:f0:3d:2b:af:a2:71:6a:db:fe:62:56:e0:0f:
46:c7:71:a4
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDHwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTA5NDVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM1REQzNTBGNTRFMzM4
MUZBMTI3M0I1MTY0QzU2NjQwNkQyMERGQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDrJa+BsR26rYVuZ03/gq897LjVfr8/MUyKGL6/27c6mUjlSRc1
Ze2LG5+955cHPNfzW8CR2lU6UVnmlxfrtHIVe+oYxABRWi9sLIrSyj8i8F0zug51
k9ioaAZA9lVR9EaxGVmCTFC4/5fdnczbcIRodYzYe1LD+yJCjqF8Htne8z+D/jQp
hTbqBesAmCzRTs0YpcUmLW7NmrCWIBp548sH4RdBPOvPCOkwfg3Gemj9rxHXZARS
AmpkYh8/AGf8YPSzBgyCZVb/zkqLh9DLPBs7EbKxSwRcrFrEfux6DptDao3AZMRW
6BwKxnRnkgxWglPU5YjL/V+tZDm+cUWnlsP3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUxd01D1TjOB+hJztRZMVmQG0g38wwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3hkMDFEMVRqT0ItaEp6dFJaTVZtUUcw
ZzM4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSyBEwDQYJ
KoZIhvcNAQELBQADggEBAEnoAPMXnw4oqXXB0xtWtR/NUfm0faTNj4H+oCd3roGv
2o0FXgrHyZui2HAqkxxHcHcRSIXRUi4k5U6QQ0ySeCV9d6Gn6itaBXq4GBOAlqJd
RFlybHl1kEZtIFKNLaZbJ34oHTjkZbGpSBFhFLRfNwGDnYfFM1eqHMwJ8n721aoh
Ug2m0fE2ke9154g1C/5/V+iCPW1c7uENlepF/sNSvAnhZctyUn90QdAT1+ckizJs
eD2A35HxYWECO5xSbI2N0jR0IWTekYhWWl6Fy7DJPObGCQBpL1bQnyeHzIb9K1T/
WFECGw1yyBYGhgyYn8jW8D0rr6Jxatv+YlbgD0bHcaQ=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org