Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/OXdHkIJase-Xd0ftbsVgVKbb7FI.roa
File: OXdHkIJase-Xd0ftbsVgVKbb7FI.roa (raw, json)
Hash identifier: bMb23TkCjsvBvMKPVM/LmkxcOUQyoP31LOeL1Em7pX8=
Subject key identifier: 39:77:47:90:82:5A:B1:EF:97:77:47:ED:6E:C5:60:54:A6:DB:EC:52
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0F79
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OXdHkIJase-Xd0ftbsVgVKbb7FI.roa
Signing time: Fri 01 Sep 2023 08:57:07 +0000
ROA not before: Fri 01 Sep 2023 08:57:07 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 3462
IP address blocks: 2001:b000::/23 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3961 (0xf79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 1 08:57:07 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=39774790825AB1EF977747ED6EC56054A6DBEC52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:42:66:3c:bf:e4:38:42:2a:db:0a:4e:18:82:
5d:12:7f:a8:97:19:8a:65:3a:9b:b7:90:b4:b7:68:
e8:f7:ff:be:7e:8d:5a:56:d3:53:94:52:66:42:4e:
f9:0a:7a:a1:d7:8f:2c:98:3e:87:ae:45:01:09:c9:
a8:18:7a:47:29:6b:41:8d:83:97:a1:28:13:37:6e:
4b:6c:19:33:9e:a2:be:d0:88:a2:0e:47:bf:72:92:
80:f8:1e:33:7a:e6:1c:a6:cd:44:8b:3c:e9:32:44:
29:56:98:47:bd:28:9b:5b:72:1f:c1:0d:e6:4a:22:
27:8d:0c:f3:c4:71:d2:ac:2f:93:77:9d:1a:55:3b:
fd:73:7e:bb:6c:24:e1:a7:1f:bf:63:33:26:4f:8d:
e4:57:57:39:14:8c:59:6d:14:70:03:db:21:63:6c:
c6:1b:ca:87:14:0c:d2:b1:80:2d:81:e5:02:2f:e9:
52:e6:bb:34:1b:bb:e8:04:43:d8:1a:e3:c9:f6:ac:
49:21:aa:03:21:72:df:60:01:19:2b:4a:05:17:b2:
9a:d4:a9:56:0d:d4:46:22:87:f4:9d:f0:2e:37:29:
2d:54:82:ad:70:48:84:21:f2:c0:98:6e:18:08:20:
af:53:16:66:99:55:1a:3b:a7:4b:00:11:a3:ac:f1:
63:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:77:47:90:82:5A:B1:EF:97:77:47:ED:6E:C5:60:54:A6:DB:EC:52
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/OXdHkIJase-Xd0ftbsVgVKbb7FI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000::/23
Signature Algorithm: sha256WithRSAEncryption
0e:da:54:e4:6e:96:96:75:f0:be:5f:b5:b7:9e:23:de:45:91:
bc:79:5c:ff:50:8d:f2:b8:e6:e0:e9:bf:18:17:c9:b2:12:7d:
5d:68:ae:d3:66:7b:a9:b0:af:f6:bc:be:9e:ef:93:19:e7:0d:
b8:97:72:55:a4:28:f7:87:43:4e:cf:b2:7a:c3:d4:24:a5:ca:
a3:5c:15:24:47:cb:b2:30:d2:09:9a:83:47:95:4d:31:f7:66:
71:62:d8:03:44:88:cd:1b:f2:aa:61:f5:9a:ff:f8:59:44:6c:
1b:b4:07:29:fb:ac:82:2e:ff:e9:75:4c:d6:b8:83:af:64:13:
e6:aa:75:7a:a6:1b:77:6c:05:5b:a1:a6:4a:db:a8:44:15:2f:
12:8e:2e:df:2a:be:23:43:6f:06:e9:14:79:c7:7c:14:03:2c:
38:36:87:b8:6c:7d:8d:ad:69:80:4a:4c:ee:f8:95:d7:86:28:
1d:97:fa:b9:89:97:56:e9:14:30:32:c7:92:b7:7f:95:6e:6e:
9a:fa:bb:ed:4a:5e:12:13:da:96:90:0e:02:ae:94:c5:af:62:
eb:56:b6:06:68:0a:1d:52:74:d1:47:68:23:6a:80:11:38:82:
fa:bf:16:a7:9f:88:23:e4:09:1b:f8:39:d5:7f:86:a7:63:af:
b6:cd:57:54
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICD3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU3MDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM5Nzc0NzkwODI1QUIx
RUY5Nzc3NDdFRDZFQzU2MDU0QTZEQkVDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWQmY8v+Q4QirbCk4Ygl0Sf6iXGYplOpu3kLS3aOj3/75+jVpW
01OUUmZCTvkKeqHXjyyYPoeuRQEJyagYekcpa0GNg5ehKBM3bktsGTOeor7QiKIO
R79ykoD4HjN65hymzUSLPOkyRClWmEe9KJtbch/BDeZKIieNDPPEcdKsL5N3nRpV
O/1zfrtsJOGnH79jMyZPjeRXVzkUjFltFHAD2yFjbMYbyocUDNKxgC2B5QIv6VLm
uzQbu+gEQ9ga48n2rEkhqgMhct9gARkrSgUXsprUqVYN1EYih/Sd8C43KS1Ugq1w
SIQh8sCYbhgIIK9TFmaZVRo7p0sAEaOs8WNlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOXdHkIJase+Xd0ftbsVgVKbb7FIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9PWGRIa0lKYXNlLVhkMGZ0YnNW
Z1ZLYmI3Rkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQBIAGw
MA0GCSqGSIb3DQEBCwUAA4IBAQAO2lTkbpaWdfC+X7W3niPeRZG8eVz/UI3yuObg
6b8YF8myEn1daK7TZnupsK/2vL6e75MZ5w24l3JVpCj3h0NOz7J6w9QkpcqjXBUk
R8uyMNIJmoNHlU0x92ZxYtgDRIjNG/KqYfWa//hZRGwbtAcp+6yCLv/pdUzWuIOv
ZBPmqnV6pht3bAVboaZK26hEFS8Sji7fKr4jQ28G6RR5x3wUAyw4Noe4bH2NrWmA
Skzu+JXXhigdl/q5iZdW6RQwMseSt3+Vbm6a+rvtSl4SE9qWkA4CrpTFr2LrVrYG
aAodUnTRR2gjaoAROIL6vxann4gj5Akb+DnVf4anY6+2zVdU
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org