Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa
File: oLx6QWzzTKsAF5t909uiO5KoW84.roa (raw, json)
Hash identifier: cCk7GJycLnLO91PqoarVsLqMiNZx34Ezz/l5ORDBnPs=
Subject key identifier: A0:BC:7A:41:6C:F3:4C:AB:00:17:9B:7D:D3:DB:A2:3B:92:A8:5B:CE
Certificate issuer: /CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Certificate serial: 0B23
Authority key identifier: B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa
Signing time: Fri 01 Sep 2023 08:55:27 +0000
ROA not before: Fri 01 Sep 2023 08:55:27 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9416
IP address blocks: 203.118.224.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2851 (0xb23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B4EC61ED7E8C64F210317DCC7E808A9C192D884A
Validity
Not Before: Sep 1 08:55:27 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A0BC7A416CF34CAB00179B7DD3DBA23B92A85BCE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2a:37:0a:97:4e:e5:28:3a:2c:bf:6b:24:22:
39:8d:df:35:50:3a:09:c1:20:16:28:3d:cc:2f:2e:
43:d7:5f:7c:bc:ca:3e:23:17:7a:b9:0a:05:84:7f:
d0:12:40:7a:3b:a8:da:c2:a7:db:29:46:fc:1e:c9:
67:67:93:7f:3e:0b:5c:94:a6:8a:27:f8:1e:34:aa:
bd:72:26:f3:5a:d7:5a:23:d8:0e:11:9a:52:09:03:
45:38:48:9d:c4:63:39:d9:bc:eb:18:f8:e7:e0:32:
d5:0b:8c:70:dd:c4:94:3b:10:09:ee:8d:67:44:04:
7a:47:93:9f:b2:fe:0e:41:e0:10:05:e6:cd:b4:8c:
4d:13:e4:37:d4:4b:4c:c3:b6:4d:e4:2b:bf:d3:d5:
1c:ca:11:64:d4:68:d4:40:2d:fc:c5:84:4d:d0:20:
30:f5:8a:fd:17:cd:ca:c8:aa:a1:71:52:70:25:59:
aa:63:fa:90:b7:4b:77:27:0a:4d:63:4e:64:2c:2d:
79:10:09:93:09:7d:dd:8e:9f:26:15:89:60:c9:a3:
46:80:67:f5:13:80:96:7c:4d:f3:07:35:35:42:e8:
eb:95:d3:a7:a1:0b:09:49:e7:b7:30:32:d9:69:fe:
3b:91:14:da:25:68:58:04:e9:9f:a5:d9:8d:8e:6d:
24:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BC:7A:41:6C:F3:4C:AB:00:17:9B:7D:D3:DB:A2:3B:92:A8:5B:CE
X509v3 Authority Key Identifier:
keyid:B4:EC:61:ED:7E:8C:64:F2:10:31:7D:CC:7E:80:8A:9C:19:2D:88:4A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/tOxh7X6MZPIQMX3MfoCKnBktiEo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tOxh7X6MZPIQMX3MfoCKnBktiEo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GTT/oLx6QWzzTKsAF5t909uiO5KoW84.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.118.224.0/20
Signature Algorithm: sha256WithRSAEncryption
0d:73:a3:59:87:8d:33:2e:3c:5c:a4:33:ae:ca:80:a8:95:1e:
e6:0b:1f:63:9a:d0:7a:cd:a1:db:48:db:2c:f8:5a:e8:56:5e:
ff:62:0e:d9:65:69:1d:fa:66:33:2d:d7:e7:6b:67:53:c0:82:
95:49:9d:59:72:13:f2:3c:57:5f:fd:af:2d:c8:59:c3:7a:3e:
37:9e:b0:c4:0b:01:a9:85:97:54:e1:24:df:ef:ee:9b:0b:5b:
c3:85:c8:81:a3:11:1a:83:91:c5:86:be:79:de:8f:52:5b:82:
13:36:b5:fc:8e:9b:e9:1d:b2:23:ee:43:22:42:1c:a5:c0:bb:
ef:a8:fb:f1:86:98:83:ea:40:b1:64:9a:46:aa:d8:1d:e8:76:
e3:a5:b8:1a:a4:20:23:da:b3:a3:e3:37:55:14:8f:9f:04:8e:
2b:8b:3d:a1:bb:a2:3f:4b:0f:90:a6:1c:0b:e6:e9:04:c2:51:
be:8f:e4:15:3e:41:90:b8:9b:b0:f1:93:97:fb:d3:43:5b:3b:
82:49:a5:a4:fe:75:30:b1:08:be:96:55:b4:9d:c1:b6:d0:2a:
e6:ff:3a:f2:a7:0c:4d:28:8d:ec:5c:80:a3:1f:cb:ca:dc:84:
5c:f9:19:aa:15:7b:82:3f:3c:ed:a6:ba:6f:da:9d:f3:85:36:
7d:4a:9f:54
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCyMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjRF
QzYxRUQ3RThDNjRGMjEwMzE3RENDN0U4MDhBOUMxOTJEODg0QTAeFw0yMzA5MDEw
ODU1MjdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEwQkM3QTQxNkNGMzRD
QUIwMDE3OUI3REQzREJBMjNCOTJBODVCQ0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoKjcKl07lKDosv2skIjmN3zVQOgnBIBYoPcwvLkPXX3y8yj4j
F3q5CgWEf9ASQHo7qNrCp9spRvweyWdnk38+C1yUpoon+B40qr1yJvNa11oj2A4R
mlIJA0U4SJ3EYznZvOsY+OfgMtULjHDdxJQ7EAnujWdEBHpHk5+y/g5B4BAF5s20
jE0T5DfUS0zDtk3kK7/T1RzKEWTUaNRALfzFhE3QIDD1iv0XzcrIqqFxUnAlWapj
+pC3S3cnCk1jTmQsLXkQCZMJfd2OnyYViWDJo0aAZ/UTgJZ8TfMHNTVC6OuV06eh
CwlJ57cwMtlp/juRFNolaFgE6Z+l2Y2ObSR1AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUoLx6QWzzTKsAF5t909uiO5KoW84wHwYDVR0jBBgwFoAUtOxh7X6MZPIQMX3M
foCKnBktiEowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL3RP
eGg3WDZNWlBJUU1YM01mb0NLbkJrdGlFby5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
dE94aDdYNk1aUElRTVgzTWZvQ0tuQmt0aUVvLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1RUL29MeDZRV3p6VEtzQUY1dDkwOXVpTzVL
b1c4NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATLduAwDQYJ
KoZIhvcNAQELBQADggEBAA1zo1mHjTMuPFykM67KgKiVHuYLH2Oa0HrNodtI2yz4
WuhWXv9iDtllaR36ZjMt1+drZ1PAgpVJnVlyE/I8V1/9ry3IWcN6PjeesMQLAamF
l1ThJN/v7psLW8OFyIGjERqDkcWGvnnej1JbghM2tfyOm+kdsiPuQyJCHKXAu++o
+/GGmIPqQLFkmkaq2B3oduOluBqkICPas6PjN1UUj58EjiuLPaG7oj9LD5CmHAvm
6QTCUb6P5BU+QZC4m7Dxk5f700NbO4JJpaT+dTCxCL6WVbSdwbbQKub/OvKnDE0o
jexcgKMfy8rchFz5GaoVe4I/PO2mum/anfOFNn1Kn1Q=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org