Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/uEuJE2fHwHZ6ZO-yulkXQx12_OA.roa
File: uEuJE2fHwHZ6ZO-yulkXQx12_OA.roa (raw, json)
Hash identifier: hhkw0FJ8n4/6dsuGhI+DSE52/ot64c/Z7QIZInKjUus=
Subject key identifier: B8:4B:89:13:67:C7:C0:76:7A:64:EF:B2:BA:59:17:43:1D:76:FC:E0
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 0B8B
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/uEuJE2fHwHZ6ZO-yulkXQx12_OA.roa
Signing time: Fri 01 Sep 2023 08:54:47 +0000
ROA not before: Fri 01 Sep 2023 08:54:47 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4782
IP address blocks: 211.79.128.0/19 maxlen: 19
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2955 (0xb8b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Sep 1 08:54:47 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B84B891367C7C0767A64EFB2BA5917431D76FCE0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:d5:01:74:dc:77:69:4d:c3:5e:f8:65:ac:e1:
f2:7e:c9:75:02:77:8b:08:51:2a:3c:49:2f:0b:28:
e6:6f:df:e7:74:c3:0f:11:c1:82:6d:b2:8e:b3:c8:
b3:69:ad:69:c2:06:cd:d9:7d:2b:00:36:98:dd:fb:
01:7c:ee:4e:8b:44:a0:a6:57:92:e1:00:8d:97:79:
2f:52:93:30:f7:ae:6e:9e:c5:6c:45:6a:b3:2c:e4:
97:73:dc:5e:4a:74:c2:bd:39:e9:60:bf:2a:f2:ea:
ac:32:e8:ba:ce:31:45:7c:e6:c4:e8:63:2e:40:3c:
75:9b:0a:60:99:e6:33:b4:e1:f6:e6:a7:7e:7e:d2:
32:a0:d8:e7:aa:4d:b2:8b:d6:6d:a0:c1:10:62:ed:
72:8c:23:35:d6:6d:8c:c7:9e:99:28:9c:50:be:da:
6e:2f:66:6d:e5:2b:1b:73:f6:df:1f:eb:7d:bb:46:
ec:1b:0b:df:1b:2b:ce:6e:df:b1:18:52:10:51:83:
20:af:da:93:a3:47:43:45:fa:14:bf:b4:09:de:ea:
94:ef:a1:76:06:45:8b:b4:75:2c:ad:9c:2f:3b:02:
8e:0c:78:af:e7:31:4a:27:d9:a1:6a:07:a6:11:9f:
72:1a:bf:54:44:02:6f:28:b1:b7:02:f1:56:50:7f:
81:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:4B:89:13:67:C7:C0:76:7A:64:EF:B2:BA:59:17:43:1D:76:FC:E0
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/uEuJE2fHwHZ6ZO-yulkXQx12_OA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.128.0/19
Signature Algorithm: sha256WithRSAEncryption
c8:4a:9c:3a:38:41:91:66:9b:a7:66:ad:17:67:c2:47:76:2a:
7a:23:4d:92:33:d2:4a:16:a7:44:2a:d4:ad:e3:4e:6d:34:66:
cb:d3:f5:74:99:a8:29:1c:d2:2b:c5:e9:bd:ff:c8:30:fe:6a:
76:d8:5b:64:76:ed:29:f0:84:ca:df:4f:c4:78:30:d8:5b:d0:
26:2c:b4:15:33:06:24:fd:ee:10:38:3c:a1:c8:a7:c3:c2:3d:
c8:80:c6:7c:7d:9b:2c:4d:eb:40:f9:62:1e:d0:bf:fd:6b:0a:
54:51:f5:c0:ba:20:51:96:9f:de:f2:37:fe:72:f9:be:ba:22:
2a:81:48:b6:61:72:ca:fd:8a:f6:b8:7a:59:a2:c8:31:1f:6e:
6a:a6:ae:02:ee:76:09:c2:30:ff:09:15:68:cb:01:25:c2:f2:
4a:fa:1f:59:e3:03:38:01:4d:d0:87:94:d9:50:74:dc:b1:9d:
80:ea:a2:8d:ad:b8:aa:a9:00:f5:92:85:65:4c:26:4c:be:e6:
37:4c:06:61:88:16:25:25:2e:15:27:ad:37:1d:4d:2a:95:36:
0c:4d:5c:12:53:2c:c9:c2:a7:c3:18:be:3e:eb:67:c1:cc:c7:
1e:24:77:8b:04:f4:d5:5b:69:c2:96:63:15:ab:3b:55:bd:28:
0e:c1:b1:82
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC4swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMzA5MDEw
ODU0NDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI4NEI4OTEzNjdDN0Mw
NzY3QTY0RUZCMkJBNTkxNzQzMUQ3NkZDRTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDy1QF03HdpTcNe+GWs4fJ+yXUCd4sIUSo8SS8LKOZv3+d0ww8R
wYJtso6zyLNprWnCBs3ZfSsANpjd+wF87k6LRKCmV5LhAI2XeS9SkzD3rm6exWxF
arMs5Jdz3F5KdMK9Oelgvyry6qwy6LrOMUV85sToYy5APHWbCmCZ5jO04fbmp35+
0jKg2OeqTbKL1m2gwRBi7XKMIzXWbYzHnpkonFC+2m4vZm3lKxtz9t8f6327Ruwb
C98bK85u37EYUhBRgyCv2pOjR0NF+hS/tAne6pTvoXYGRYu0dSytnC87Ao4MeK/n
MUon2aFqB6YRn3Iav1REAm8osbcC8VZQf4EbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUuEuJE2fHwHZ6ZO+yulkXQx12/OAwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL3VFdUpFMmZId0haNlpPLXl1bGtYUXgx
Ml9PQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXTT4AwDQYJ
KoZIhvcNAQELBQADggEBAMhKnDo4QZFmm6dmrRdnwkd2KnojTZIz0koWp0Qq1K3j
Tm00ZsvT9XSZqCkc0ivF6b3/yDD+anbYW2R27SnwhMrfT8R4MNhb0CYstBUzBiT9
7hA4PKHIp8PCPciAxnx9myxN60D5Yh7Qv/1rClRR9cC6IFGWn97yN/5y+b66IiqB
SLZhcsr9iva4elmiyDEfbmqmrgLudgnCMP8JFWjLASXC8kr6H1njAzgBTdCHlNlQ
dNyxnYDqoo2tuKqpAPWShWVMJky+5jdMBmGIFiUlLhUnrTcdTSqVNgxNXBJTLMnC
p8MYvj7rZ8HMxx4kd4sE9NVbacKWYxWrO1W9KA7BsYI=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org