Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HST/OKZ7O8qeCUHMqnUdwi-Nz8IZ7ik.roa
File: OKZ7O8qeCUHMqnUdwi-Nz8IZ7ik.roa (raw, json)
Hash identifier: lCztVNGnXbZro2mBvqMz6RFwkaT8NrcQPvWSWnXjI5c=
Subject key identifier: 38:A6:7B:3B:CA:9E:09:41:CC:AA:75:1D:C2:2F:8D:CF:C2:19:EE:29
Certificate issuer: /CN=833D5BF79B45C730ED141CB539A508D01AA30908
Certificate serial: 088B
Authority key identifier: 83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/OKZ7O8qeCUHMqnUdwi-Nz8IZ7ik.roa
Signing time: Fri 01 Sep 2023 09:00:47 +0000
ROA not before: Fri 01 Sep 2023 09:00:47 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131666
IP address blocks: 103.144.34.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2187 (0x88b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833D5BF79B45C730ED141CB539A508D01AA30908
Validity
Not Before: Sep 1 09:00:47 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=38A67B3BCA9E0941CCAA751DC22F8DCFC219EE29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:00:af:2a:8d:2d:98:dd:29:47:b8:c5:99:9e:
00:4f:cb:a7:74:7c:1c:c8:35:4e:3c:3b:d6:10:29:
36:67:db:33:31:4a:6d:c9:d0:b3:d9:c3:1d:30:c1:
23:c0:77:89:45:21:33:0f:4c:ea:29:7a:90:e3:1e:
f7:8a:fd:1d:59:e7:bc:c9:8e:9a:b8:82:0b:69:35:
ae:80:66:cd:c2:cf:42:55:bc:fe:23:0b:f7:f7:b3:
1b:59:e3:19:8a:cd:52:73:81:15:f4:9d:44:50:4d:
01:2f:14:76:8b:62:32:6f:b3:f4:dc:78:90:c3:c0:
c6:b5:d3:b0:2a:fd:7f:87:9a:99:74:a9:e4:59:fc:
95:a6:27:91:c8:74:d1:1f:c2:65:97:84:53:9e:5a:
68:dd:0a:b1:e8:c2:f2:c5:30:ff:c9:7f:56:a2:d7:
25:ab:b3:bd:15:a4:b4:ea:eb:62:62:85:22:bd:e0:
d3:3a:55:c6:5e:51:52:20:36:9f:b5:ae:34:14:d6:
82:63:fa:fe:48:6f:4f:c2:b4:b2:60:74:3b:3b:3f:
df:f9:0a:f0:ef:66:e3:36:60:7a:93:58:9d:e5:0f:
13:a8:ab:22:5a:36:0c:9c:20:7a:68:17:da:28:3c:
47:12:b2:54:23:b2:50:da:aa:2c:c4:37:e5:2a:75:
60:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:A6:7B:3B:CA:9E:09:41:CC:AA:75:1D:C2:2F:8D:CF:C2:19:EE:29
X509v3 Authority Key Identifier:
keyid:83:3D:5B:F7:9B:45:C7:30:ED:14:1C:B5:39:A5:08:D0:1A:A3:09:08
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/gz1b95tFxzDtFBy1OaUI0BqjCQg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gz1b95tFxzDtFBy1OaUI0BqjCQg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HST/OKZ7O8qeCUHMqnUdwi-Nz8IZ7ik.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.144.34.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:4a:26:04:04:90:88:9e:88:89:86:99:98:e9:b7:02:ab:a8:
0f:66:8f:02:0e:b6:69:cc:8f:43:d0:c8:ae:b5:7b:91:e6:e4:
9d:db:0a:3b:02:5e:f0:fd:60:fd:d0:e5:8c:4e:1c:38:fc:ac:
4f:68:72:86:bd:ae:8c:f9:68:8f:73:e8:3b:3c:11:cc:2a:45:
1b:c6:91:82:77:5e:eb:cc:38:10:ce:30:12:0c:63:fa:24:f2:
e0:5f:f1:17:c7:54:50:47:bc:82:57:4b:e8:61:56:fc:15:7a:
f7:46:1f:0c:e2:49:60:26:e6:5f:4b:00:8c:72:da:5c:c5:ec:
32:fa:02:a6:16:f2:76:4e:bb:7c:87:90:e3:46:5a:63:93:92:
f8:94:89:5b:2b:6a:db:d7:5d:2b:94:1a:d1:27:c8:27:70:73:
49:51:fb:b8:28:8a:2a:32:19:2c:a9:20:cb:b1:07:a0:20:3e:
2b:4a:38:07:cd:94:da:79:27:4d:c8:0d:ce:c0:35:d5:f9:f4:
fd:d5:de:ac:a0:26:a6:c9:d5:21:55:12:45:f7:24:53:91:fd:
8f:bd:b1:0d:05:23:0a:16:95:c0:05:f4:4c:44:fe:7d:9e:4e:
6c:29:d0:96:a2:a2:a1:28:d2:13:7b:41:d4:9e:01:dc:d9:3c:
d2:5f:63:cf
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCIswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMz
RDVCRjc5QjQ1QzczMEVEMTQxQ0I1MzlBNTA4RDAxQUEzMDkwODAeFw0yMzA5MDEw
OTAwNDdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM4QTY3QjNCQ0E5RTA5
NDFDQ0FBNzUxREMyMkY4RENGQzIxOUVFMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxAK8qjS2Y3SlHuMWZngBPy6d0fBzINU48O9YQKTZn2zMxSm3J
0LPZwx0wwSPAd4lFITMPTOopepDjHveK/R1Z57zJjpq4ggtpNa6AZs3Cz0JVvP4j
C/f3sxtZ4xmKzVJzgRX0nURQTQEvFHaLYjJvs/TceJDDwMa107Aq/X+Hmpl0qeRZ
/JWmJ5HIdNEfwmWXhFOeWmjdCrHowvLFMP/Jf1ai1yWrs70VpLTq62JihSK94NM6
VcZeUVIgNp+1rjQU1oJj+v5Ib0/CtLJgdDs7P9/5CvDvZuM2YHqTWJ3lDxOoqyJa
NgycIHpoF9ooPEcSslQjslDaqizEN+UqdWCPAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUOKZ7O8qeCUHMqnUdwi+Nz8IZ7ikwHwYDVR0jBBgwFoAUgz1b95tFxzDtFBy1
OaUI0BqjCQgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL2d6
MWI5NXRGeHpEdEZCeTFPYVVJMEJxakNRZy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
Z3oxYjk1dEZ4ekR0RkJ5MU9hVUkwQnFqQ1FnLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFNUL09LWjdPOHFlQ1VITXFuVWR3aS1OejhJ
Wjdpay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnkCIwDQYJ
KoZIhvcNAQELBQADggEBAKZKJgQEkIieiImGmZjptwKrqA9mjwIOtmnMj0PQyK61
e5Hm5J3bCjsCXvD9YP3Q5YxOHDj8rE9ocoa9roz5aI9z6Ds8EcwqRRvGkYJ3XuvM
OBDOMBIMY/ok8uBf8RfHVFBHvIJXS+hhVvwVevdGHwziSWAm5l9LAIxy2lzF7DL6
AqYW8nZOu3yHkONGWmOTkviUiVsratvXXSuUGtEnyCdwc0lR+7goiioyGSypIMux
B6AgPitKOAfNlNp5J03IDc7ANdX59P3V3qygJqbJ1SFVEkX3JFOR/Y+9sQ0FIwoW
lcAF9ExE/n2eTmwp0JaioqEo0hN7QdSeAdzZPNJfY88=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:20 2024 by rpki-client on console-fra.rpki-client.org