Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IAMT/fROOYKkZfST-8jX2yhCUDga4s5c.roa
File: fROOYKkZfST-8jX2yhCUDga4s5c.roa (raw, json)
Hash identifier: izJbDeclE5gfO03DGKfHymVbWg86TY59kcUgfrHxr7E=
Subject key identifier: 7D:13:8E:60:A9:19:7D:24:FE:F2:35:F6:CA:10:94:0E:06:B8:B3:97
Certificate issuer: /CN=F33A72AAF798105BB277F094458E464B4659F803
Certificate serial: 7A
Authority key identifier: F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/fROOYKkZfST-8jX2yhCUDga4s5c.roa
Signing time: Fri 02 Aug 2024 14:03:53 +0000
ROA not before: Fri 02 Aug 2024 14:03:53 +0000
ROA not after: Fri 21 Mar 2025 15:30:27 +0000
asID: 199414
IP address blocks: 157.20.248.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122 (0x7a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F33A72AAF798105BB277F094458E464B4659F803
Validity
Not Before: Aug 2 14:03:53 2024 GMT
Not After : Mar 21 15:30:27 2025 GMT
Subject: CN=7D138E60A9197D24FEF235F6CA10940E06B8B397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:b5:c6:22:95:4c:ad:4e:01:3b:23:da:fb:03:
d5:f4:75:6b:79:07:ac:b1:78:63:53:a4:07:2c:0c:
b0:28:0d:5d:a6:94:dc:e6:75:f9:51:51:ee:f0:04:
bb:b9:a3:98:35:65:be:54:a1:a6:bf:7a:93:68:bc:
61:05:eb:2d:93:09:3d:b8:f5:a6:20:02:46:44:fd:
6a:09:c9:ad:e6:53:0a:ed:7a:9b:75:67:26:24:e5:
a8:cf:06:45:a7:18:f2:58:b2:e0:3d:2d:b4:95:c3:
0d:9f:d8:5a:b5:76:16:ce:7e:7b:01:bf:fd:6b:56:
ad:d1:26:3f:c3:70:86:cb:c2:a5:e5:a8:d9:26:b4:
52:13:84:e0:e2:97:17:52:91:e4:6e:6e:7b:88:8a:
03:5d:dd:65:8a:81:51:e8:e7:58:dc:6b:e9:05:32:
fd:38:c7:43:e2:e3:e9:46:1c:f3:22:e4:68:6d:9c:
f8:55:b2:bf:76:b1:73:19:c4:b2:08:97:a5:5d:fe:
e4:a5:43:6e:8c:95:6b:18:b8:42:a3:17:c8:7b:b5:
ef:04:9e:c9:f9:f6:8c:e8:8b:19:06:d7:e6:fe:bc:
82:5f:cc:c1:08:54:1d:84:08:21:c3:6a:d9:3f:a3:
e3:b8:52:84:73:af:68:cd:78:8c:56:23:0b:c3:dd:
e0:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:13:8E:60:A9:19:7D:24:FE:F2:35:F6:CA:10:94:0E:06:B8:B3:97
X509v3 Authority Key Identifier:
keyid:F3:3A:72:AA:F7:98:10:5B:B2:77:F0:94:45:8E:46:4B:46:59:F8:03
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/8zpyqveYEFuyd_CURY5GS0ZZ-AM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/8zpyqveYEFuyd_CURY5GS0ZZ-AM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IAMT/fROOYKkZfST-8jX2yhCUDga4s5c.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.20.248.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:00:8f:f8:54:2e:95:b8:88:d0:39:63:f3:23:30:a9:04:55:
5a:3d:07:ee:d6:3d:fe:69:d3:57:44:92:36:39:ee:af:af:93:
e0:73:c9:7e:88:2c:ea:c9:05:e6:d0:2a:f5:50:cb:00:db:95:
85:85:6f:8f:b1:97:72:90:0b:1f:aa:c1:bb:8e:a1:03:70:f5:
02:9c:ee:7a:8f:00:c3:10:91:b1:04:28:89:19:57:4b:8b:a1:
fc:fe:75:f4:ad:b2:78:ff:e4:5e:a8:3d:5e:45:55:07:ff:4b:
7a:7a:08:e5:19:f0:f3:97:9f:9d:d1:cd:d6:c1:ec:9e:90:ad:
29:26:f2:bc:de:ca:e4:3d:a6:b2:b8:06:a8:c2:86:45:ee:bf:
40:27:b2:8a:99:83:d7:93:ad:a8:7c:8b:db:59:ab:5b:9d:db:
6e:62:78:2c:27:cc:40:f1:c7:31:b9:af:ed:70:fc:2a:10:40:
7c:7f:b5:f9:e5:aa:af:25:5b:38:33:af:94:eb:ce:b7:1c:fd:
70:cb:87:7a:e7:40:37:96:ad:16:57:ce:01:c3:08:d1:ef:21:
91:49:66:e1:68:d6:a5:4a:d9:f0:b4:aa:4a:9b:f4:35:03:cf:
58:cf:ee:12:13:33:70:c9:a7:f2:32:5d:ac:8d:be:ed:ed:4f:
ba:a2:4a:78
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGMzNB
NzJBQUY3OTgxMDVCQjI3N0YwOTQ0NThFNDY0QjQ2NTlGODAzMB4XDTI0MDgwMjE0
MDM1M1oXDTI1MDMyMTE1MzAyN1owMzExMC8GA1UEAxMoN0QxMzhFNjBBOTE5N0Qy
NEZFRjIzNUY2Q0ExMDk0MEUwNkI4QjM5NzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMi1xiKVTK1OATsj2vsD1fR1a3kHrLF4Y1OkBywMsCgNXaaU3OZ1
+VFR7vAEu7mjmDVlvlShpr96k2i8YQXrLZMJPbj1piACRkT9agnJreZTCu16m3Vn
JiTlqM8GRacY8liy4D0ttJXDDZ/YWrV2Fs5+ewG//WtWrdEmP8NwhsvCpeWo2Sa0
UhOE4OKXF1KR5G5ue4iKA13dZYqBUejnWNxr6QUy/TjHQ+Lj6UYc8yLkaG2c+FWy
v3axcxnEsgiXpV3+5KVDboyVaxi4QqMXyHu17wSeyfn2jOiLGQbX5v68gl/MwQhU
HYQIIcNq2T+j47hShHOvaM14jFYjC8Pd4NcCAwEAAaOCAeowggHmMB0GA1UdDgQW
BBR9E45gqRl9JP7yNfbKEJQOBrizlzAfBgNVHSMEGDAWgBTzOnKq95gQW7J38JRF
jkZLRln4AzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9JQU1ULzh6
cHlxdmVZRUZ1eWRfQ1VSWTVHUzBaWi1BTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
OHpweXF2ZVlFRnV5ZF9DVVJZNUdTMFpaLUFNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSUFNVC9mUk9PWUtrWmZTVC04algyeWhDVURn
YTRzNWMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnRT4MA0G
CSqGSIb3DQEBCwUAA4IBAQCeAI/4VC6VuIjQOWPzIzCpBFVaPQfu1j3+adNXRJI2
Oe6vr5Pgc8l+iCzqyQXm0Cr1UMsA25WFhW+PsZdykAsfqsG7jqEDcPUCnO56jwDD
EJGxBCiJGVdLi6H8/nX0rbJ4/+ReqD1eRVUH/0t6egjlGfDzl5+d0c3WweyekK0p
JvK83srkPaayuAaowoZF7r9AJ7KKmYPXk62ofIvbWatbndtuYngsJ8xA8ccxua/t
cPwqEEB8f7X55aqvJVs4M6+U6863HP1wy4d650A3lq0WV84BwwjR7yGRSWbhaNal
StnwtKpKm/Q1A89Yz+4SEzNwyafyMl2sjb7t7U+6okp4
-----END CERTIFICATE-----
Generated at Fri Aug 2 17:58:38 2024 by rpki-client on console-fra.rpki-client.org