Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/KCdtbHtnG1gZ6FKV89qQuzfg6Pk.roa
File: KCdtbHtnG1gZ6FKV89qQuzfg6Pk.roa (raw, json)
Hash identifier: 4RwA9KI7KVUWbDaiXyefUs67IpG8p4OrO0b4KTbCjhs=
Subject key identifier: 28:27:6D:6C:7B:67:1B:58:19:E8:52:95:F3:DA:90:BB:37:E0:E8:F9
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 7C
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/KCdtbHtnG1gZ6FKV89qQuzfg6Pk.roa
Signing time: Fri 02 Aug 2024 14:04:07 +0000
ROA not before: Fri 02 Aug 2024 14:04:07 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 199414
IP address blocks: 157.20.249.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124 (0x7c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Aug 2 14:04:07 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=28276D6C7B671B5819E85295F3DA90BB37E0E8F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:39:67:80:71:b1:89:39:4a:71:6e:a1:6f:8c:
10:25:9f:f9:25:b6:40:92:5c:9d:4a:22:2d:44:ea:
b2:cd:ea:cc:a3:31:28:4f:be:5c:8a:b0:27:1f:f8:
33:cc:8a:98:ab:69:96:25:99:d9:56:58:d0:41:b8:
62:de:38:7e:1f:f2:d4:38:85:ad:a9:20:e2:79:5e:
da:16:91:ee:d4:8b:3f:0d:0f:5f:74:9f:44:4a:50:
03:ae:52:75:55:00:bd:3f:2d:b9:13:8b:4b:02:f7:
eb:e5:7e:85:86:59:99:2b:c6:c4:99:67:38:5d:a0:
ac:fe:d0:31:45:91:1f:04:ba:fb:ca:5a:16:a8:84:
17:3f:91:51:4a:d1:08:31:6f:f0:20:3d:58:bb:d2:
0c:88:43:4f:63:50:84:b7:06:0e:02:00:14:94:3f:
d5:3e:b9:ce:c8:d1:47:99:90:3a:f9:45:27:32:b9:
37:e2:72:91:75:c6:08:ed:52:1d:50:88:e6:b2:d7:
45:30:f7:77:ff:ce:8a:6e:e6:40:a0:ee:4c:01:9b:
03:4c:fb:fa:db:8c:10:f4:11:a8:82:7f:a5:37:80:
23:28:98:d0:c9:97:cb:d7:65:f7:b6:da:37:9a:3b:
f6:4b:cf:e3:c1:70:0b:36:c2:d4:af:69:6e:d8:97:
e8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:27:6D:6C:7B:67:1B:58:19:E8:52:95:F3:DA:90:BB:37:E0:E8:F9
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/KCdtbHtnG1gZ6FKV89qQuzfg6Pk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.249.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:89:e3:ce:2b:00:49:6f:c8:d3:a4:dd:73:c7:f4:02:51:50:
22:27:ac:ad:f5:f9:6d:5b:a2:9b:d4:27:14:fe:9e:de:6d:73:
5b:f8:0c:78:28:93:b0:7f:a2:18:f5:2a:d5:3b:dc:e4:ab:1b:
1e:47:95:c8:b3:32:41:c5:e4:f8:4d:d4:8e:d9:52:c9:f8:6a:
c8:6f:3e:67:8a:de:1a:58:f5:76:26:6c:3d:b0:63:e9:46:c7:
49:07:2f:19:44:f3:df:e2:d5:58:c2:51:b2:ea:dd:84:2d:22:
35:19:ce:60:fd:40:44:10:7d:2d:14:34:b8:8d:00:0e:4f:32:
ed:35:c8:ce:8e:95:c5:56:6c:0f:6c:bd:48:de:1c:20:03:2f:
01:90:e8:8c:d9:c5:06:94:95:6b:ba:73:14:a4:02:b7:4d:02:
f4:40:ce:54:d8:98:e2:9c:42:0c:d3:f6:1c:6d:0d:83:1a:05:
68:52:19:c3:0a:bd:75:39:82:fc:6e:7f:50:bc:d7:25:68:35:
ed:e8:e6:1a:51:11:8c:a3:c9:d3:0c:25:0b:c2:37:35:0a:80:
b6:02:aa:ce:13:ae:84:e8:33:bc:96:37:c2:8e:50:34:88:3f:
06:71:85:26:50:04:d9:16:85:95:e0:b9:a8:32:36:22:ee:2a:
83:74:29:1e
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDgwMjE0
MDQwN1oXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoMjgyNzZENkM3QjY3MUI1
ODE5RTg1Mjk1RjNEQTkwQkIzN0UwRThGOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL45Z4BxsYk5SnFuoW+MECWf+SW2QJJcnUoiLUTqss3qzKMxKE++
XIqwJx/4M8yKmKtpliWZ2VZY0EG4Yt44fh/y1DiFrakg4nle2haR7tSLPw0PX3Sf
REpQA65SdVUAvT8tuROLSwL36+V+hYZZmSvGxJlnOF2grP7QMUWRHwS6+8paFqiE
Fz+RUUrRCDFv8CA9WLvSDIhDT2NQhLcGDgIAFJQ/1T65zsjRR5mQOvlFJzK5N+Jy
kXXGCO1SHVCI5rLXRTD3d//Oim7mQKDuTAGbA0z7+tuMEPQRqIJ/pTeAIyiY0MmX
y9dl97baN5o79kvP48FwCzbC1K9pbtiX6I8CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQoJ21se2cbWBnoUpXz2pC7N+Do+TAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9LQ2R0Ykh0bkcxZ1o2RktWODlxUXV6
Zmc2UGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT5MA0G
CSqGSIb3DQEBCwUAA4IBAQBLiePOKwBJb8jTpN1zx/QCUVAiJ6yt9fltW6Kb1CcU
/p7ebXNb+Ax4KJOwf6IY9SrVO9zkqxseR5XIszJBxeT4TdSO2VLJ+GrIbz5nit4a
WPV2Jmw9sGPpRsdJBy8ZRPPf4tVYwlGy6t2ELSI1Gc5g/UBEEH0tFDS4jQAOTzLt
NcjOjpXFVmwPbL1I3hwgAy8BkOiM2cUGlJVrunMUpAK3TQL0QM5U2JjinEIM0/Yc
bQ2DGgVoUhnDCr11OYL8bn9QvNclaDXt6OYaURGMo8nTDCULwjc1CoC2AqrOE66E
6DO8ljfCjlA0iD8GcYUmUATZFoWV4LmoMjYi7iqDdCke
-----END CERTIFICATE-----
Generated at Fri Aug 2 17:58:38 2024 by rpki-client on console-fra.rpki-client.org