Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/NQxEeENkvHtUqSD0e7OH0Wgl2a0.roa
File: NQxEeENkvHtUqSD0e7OH0Wgl2a0.roa (raw, json)
Hash identifier: mijxw0v7NEMsOLCNIcmOLYbhBoW9DqAi/TUj+ISLtzI=
Subject key identifier: 35:0C:44:78:43:64:BC:7B:54:A9:20:F4:7B:B3:87:D1:68:25:D9:AD
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 0B24
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/NQxEeENkvHtUqSD0e7OH0Wgl2a0.roa
Signing time: Fri 01 Sep 2023 08:55:28 +0000
ROA not before: Fri 01 Sep 2023 08:55:28 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2852 (0xb24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Sep 1 08:55:28 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=350C44784364BC7B54A920F47BB387D16825D9AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8d:17:f5:6b:1e:d5:84:ed:59:f9:44:44:c8:
80:fc:2f:02:9d:9b:a4:40:f6:28:d7:17:ce:5e:4e:
60:16:d2:07:6b:ac:6a:d6:e3:2f:6c:a8:35:45:58:
ee:b5:2b:7f:8d:ab:d4:21:d9:68:b8:ee:4b:8b:88:
ab:68:fe:2d:32:5f:3a:2b:e2:b2:09:e9:52:2b:73:
28:6b:e0:6f:87:ca:43:d6:be:7a:f3:56:ac:83:07:
b2:46:1a:30:02:3a:ef:f1:c7:22:e2:d9:62:26:17:
35:ff:8a:cf:99:ee:8e:f9:d9:18:90:3f:70:3a:ba:
c5:71:84:33:09:f8:6e:af:ea:8b:35:6f:0d:fc:e9:
59:48:ec:49:17:f2:7d:1c:41:d3:47:ed:ba:6d:5e:
24:f8:03:82:40:72:5e:3d:30:7d:39:76:c6:b1:0a:
9e:7c:49:8d:7d:84:9b:98:5c:db:f5:99:20:59:e6:
de:c0:37:94:0f:6f:17:a4:08:27:0f:b3:d9:1c:01:
1b:f2:2d:bc:53:ab:74:f6:b0:46:0a:bc:97:88:80:
91:94:f5:7e:cf:78:3b:ff:d8:a2:9e:e4:fd:c5:a2:
c2:c4:35:ae:fd:7f:04:f3:10:ec:28:e4:2d:ad:5a:
5b:a1:fe:3c:1c:8a:dc:ea:39:fb:48:a5:ee:55:fb:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:0C:44:78:43:64:BC:7B:54:A9:20:F4:7B:B3:87:D1:68:25:D9:AD
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/NQxEeENkvHtUqSD0e7OH0Wgl2a0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7a:69:79:a4:ba:1b:06:85:a1:7c:03:85:af:f4:6c:5e:6f:25:
63:b9:1d:ce:ff:a8:17:86:3d:b0:b3:25:d4:66:38:0f:8a:dc:
7e:b3:39:94:dd:d7:67:88:2b:76:23:c9:aa:92:2c:4a:b9:c8:
df:2a:e6:32:56:fb:a6:59:f8:0a:48:12:e2:54:39:a0:36:e1:
5e:57:57:1f:5a:ab:5d:f7:c8:4c:5d:b3:f6:9e:28:ea:19:49:
36:22:0f:53:9a:86:5a:5c:f8:e6:21:01:43:31:10:a6:d5:64:
5c:1e:35:7a:19:da:bd:7b:38:a2:90:06:ea:1f:8a:a2:57:54:
e5:66:83:d8:cc:ef:c7:16:14:ce:85:de:12:0e:ea:4d:11:55:
cc:05:89:3b:13:2b:9a:75:d1:ec:97:da:fb:53:29:49:5d:2b:
06:93:b5:a9:e9:c9:f0:31:e7:b4:2a:4d:1b:5a:9e:0c:01:f9:
6d:02:43:d2:10:b9:6d:57:45:bf:3f:7c:f6:da:a6:58:a1:02:
0c:7b:b1:75:3c:2c:23:c1:70:49:92:80:e9:e9:ee:eb:a1:af:
6b:a4:79:e3:ba:36:df:cb:ce:8c:d7:27:34:02:b5:ee:9b:75:
91:00:7d:19:7b:22:fa:2b:43:47:d2:7a:f2:f6:ee:fb:2d:b2:
19:1e:4f:b6
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCyQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMzA5MDEw
ODU1MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM1MEM0NDc4NDM2NEJD
N0I1NEE5MjBGNDdCQjM4N0QxNjgyNUQ5QUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmjRf1ax7VhO1Z+UREyID8LwKdm6RA9ijXF85eTmAW0gdrrGrW
4y9sqDVFWO61K3+Nq9Qh2Wi47kuLiKto/i0yXzor4rIJ6VIrcyhr4G+HykPWvnrz
VqyDB7JGGjACOu/xxyLi2WImFzX/is+Z7o752RiQP3A6usVxhDMJ+G6v6os1bw38
6VlI7EkX8n0cQdNH7bptXiT4A4JAcl49MH05dsaxCp58SY19hJuYXNv1mSBZ5t7A
N5QPbxekCCcPs9kcARvyLbxTq3T2sEYKvJeIgJGU9X7PeDv/2KKe5P3FosLENa79
fwTzEOwo5C2tWluh/jwcitzqOftIpe5V+7ezAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNQxEeENkvHtUqSD0e7OH0Wgl2a0wHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL05ReEVlRU5rdkh0VXFTRDBlN09IMFdn
bDJhMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAHppeaS6GwaFoXwDha/0bF5vJWO5Hc7/qBeGPbCzJdRm
OA+K3H6zOZTd12eIK3YjyaqSLEq5yN8q5jJW+6ZZ+ApIEuJUOaA24V5XVx9aq133
yExds/aeKOoZSTYiD1Oahlpc+OYhAUMxEKbVZFweNXoZ2r17OKKQBuofiqJXVOVm
g9jM78cWFM6F3hIO6k0RVcwFiTsTK5p10eyX2vtTKUldKwaTtanpyfAx57QqTRta
ngwB+W0CQ9IQuW1XRb8/fPbaplihAgx7sXU8LCPBcEmSgOnp7uuhr2ukeeO6Nt/L
zozXJzQCte6bdZEAfRl7IvorQ0fSevL27vstshkeT7Y=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org