Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa
File: IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa (raw, json)
Hash identifier: ZkedyTGi+7OsDNWoBiAB8yY9dQdyNfFhlzHW8DbMPa8=
Subject key identifier: 22:02:FC:CD:E1:1B:78:97:E7:F1:F2:41:02:F5:23:65:18:3F:75:C1
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0FA9
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa
Signing time: Fri 01 Sep 2023 08:57:21 +0000
ROA not before: Fri 01 Sep 2023 08:57:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 3462
IP address blocks: 210.71.128.0/17 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4009 (0xfa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 1 08:57:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2202FCCDE11B7897E7F1F24102F52365183F75C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:bc:21:cd:a4:2f:10:db:c8:6b:4c:df:a3:
22:a0:9a:52:35:3c:f2:50:97:46:c4:b1:9d:c6:4b:
85:6c:00:36:da:0c:0a:01:cb:bb:de:78:ed:ab:04:
b5:40:94:98:4d:b8:1d:71:3b:0a:c4:90:c3:d2:44:
a5:29:1b:e8:91:88:f3:45:4b:74:8c:d5:7e:b6:74:
e6:6e:8b:93:a1:7b:0d:a4:db:53:9a:ec:e0:db:1a:
8d:ef:2f:41:1e:5d:a4:62:35:bd:24:7d:a7:fa:60:
f5:b1:5e:93:c5:18:17:45:52:31:c9:76:c1:76:9e:
9f:38:96:af:5d:fe:e5:69:ef:65:82:88:65:b6:19:
44:3e:0c:5d:5e:a7:5f:53:13:8c:43:df:f0:b5:3a:
74:a3:ea:0d:f5:a1:b7:00:df:e3:c8:5d:61:79:8b:
21:8b:60:8b:bd:72:c0:6a:15:26:7e:66:b2:9f:10:
7a:13:98:87:2a:4d:9d:da:67:44:e9:a4:70:bd:3c:
22:3d:6b:c3:82:11:c7:42:78:9b:b9:cd:5c:ef:f9:
5d:b9:d1:6b:31:8a:a7:8d:85:5f:1d:7a:b2:89:53:
86:70:94:8d:5e:a7:b3:5f:27:bf:32:5c:90:3a:e2:
fd:56:fb:c7:59:4f:50:06:4a:22:d5:0b:0d:c9:37:
03:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:02:FC:CD:E1:1B:78:97:E7:F1:F2:41:02:F5:23:65:18:3F:75:C1
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IgL8zeEbeJfn8fJBAvUjZRg_dcE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.71.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9c:95:77:50:3b:8b:8e:b0:0f:dd:68:12:31:78:48:c1:7e:31:
69:99:d3:df:51:62:3b:5f:22:fe:c5:58:68:9f:66:61:2f:69:
d7:71:bf:78:51:66:5c:c1:9e:a9:ac:a3:91:4a:88:cf:f8:c5:
18:25:10:df:b4:29:64:9d:6c:44:77:b8:bd:fa:05:3a:aa:53:
8f:f2:70:ca:ab:89:ad:53:f9:14:b1:82:e5:af:2a:33:f0:cc:
ba:ed:2a:1d:29:e1:90:64:2f:54:ae:af:96:b8:e0:d9:40:85:
40:b6:fa:62:12:45:2f:11:d3:07:c9:f8:32:a8:70:9d:2a:5b:
09:27:f9:eb:0e:3f:ba:1a:e6:86:7a:9f:58:4d:07:25:72:0b:
8d:06:72:85:1a:4a:2f:a4:ff:9d:d2:a2:16:8a:90:f2:39:6b:
dc:7c:a2:b6:02:85:0a:4e:60:b2:62:9b:fd:e3:e5:ce:a2:bf:
4f:63:24:3c:2f:74:bd:f3:55:d1:5a:33:01:69:e7:70:a2:80:
f6:38:47:c0:e6:c3:ac:e9:3b:0d:1a:cb:00:3d:90:17:2f:0c:
e2:e5:9b:22:ad:c9:4a:62:27:9c:24:25:f9:cd:e9:51:e5:ca:
39:ed:69:73:3f:f8:be:10:92:e9:6c:4d:ed:cb:ba:c5:44:d5:
ff:92:50:7a
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICD6kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU3MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIyMDJGQ0NERTExQjc4
OTdFN0YxRjI0MTAyRjUyMzY1MTgzRjc1QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv77whzaQvENvIa0zfoyKgmlI1PPJQl0bEsZ3GS4VsADbaDAoB
y7veeO2rBLVAlJhNuB1xOwrEkMPSRKUpG+iRiPNFS3SM1X62dOZui5Ohew2k21Oa
7ODbGo3vL0EeXaRiNb0kfaf6YPWxXpPFGBdFUjHJdsF2np84lq9d/uVp72WCiGW2
GUQ+DF1ep19TE4xD3/C1OnSj6g31obcA3+PIXWF5iyGLYIu9csBqFSZ+ZrKfEHoT
mIcqTZ3aZ0TppHC9PCI9a8OCEcdCeJu5zVzv+V250WsxiqeNhV8derKJU4ZwlI1e
p7NfJ78yXJA64v1W+8dZT1AGSiLVCw3JNwOFAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIgL8zeEbeJfn8fJBAvUjZRg/dcEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9JZ0w4emVFYmVKZm44ZkpCQXZV
alpSZ19kY0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH0keA
MA0GCSqGSIb3DQEBCwUAA4IBAQCclXdQO4uOsA/daBIxeEjBfjFpmdPfUWI7XyL+
xVhon2ZhL2nXcb94UWZcwZ6prKORSojP+MUYJRDftClknWxEd7i9+gU6qlOP8nDK
q4mtU/kUsYLlryoz8My67SodKeGQZC9Urq+WuODZQIVAtvpiEkUvEdMHyfgyqHCd
KlsJJ/nrDj+6GuaGep9YTQclcguNBnKFGkovpP+d0qIWipDyOWvcfKK2AoUKTmCy
Ypv94+XOor9PYyQ8L3S981XRWjMBaedwooD2OEfA5sOs6TsNGssAPZAXLwzi5Zsi
rclKYiecJCX5zelR5co57WlzP/i+EJLpbE3ty7rFRNX/klB6
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org