Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/IDT/CVYyknbHaylRg0XoSH8dCvbXxlQ.roa
File: CVYyknbHaylRg0XoSH8dCvbXxlQ.roa (raw, json)
Hash identifier: QP93ZlTMYcjE0EBBm8wOO+yYzKuPKaMbA1MqMWpBJsU=
Subject key identifier: 09:56:32:92:76:C7:6B:29:51:83:45:E8:48:7F:1D:0A:F6:D7:C6:54
Certificate issuer: /CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Certificate serial: 0398
Authority key identifier: 4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/CVYyknbHaylRg0XoSH8dCvbXxlQ.roa
Signing time: Fri 01 Sep 2023 09:01:39 +0000
ROA not before: Fri 01 Sep 2023 09:01:39 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2406:2fc0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920 (0x398)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FA6A6A655A0C42B99C7E2087EBEF444ACB56493
Validity
Not Before: Sep 1 09:01:39 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0956329276C76B29518345E8487F1D0AF6D7C654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:0c:20:52:8a:ee:36:51:21:76:be:a6:d1:f9:
7c:1d:95:5b:60:80:e2:34:8e:a6:83:a4:b3:7b:b2:
b8:b8:1c:47:36:3d:ee:40:45:a6:3e:ce:f4:da:07:
2e:29:59:96:8e:f5:90:4e:f6:ef:1c:fc:a4:17:0c:
1b:76:11:13:fb:84:d0:ba:94:7d:4a:89:e0:e0:b1:
69:52:57:2a:a8:0f:88:5b:5e:66:3a:5c:6f:3f:12:
59:d3:ce:e7:6f:e1:a1:92:c9:a5:05:69:9c:59:fe:
6b:e1:64:f9:0e:1b:5c:6d:83:4c:27:98:34:20:44:
81:d7:c8:1b:83:c9:a5:8c:b0:98:a8:f3:6e:a4:12:
ae:45:8c:d2:ca:3c:f9:66:a1:ac:68:22:10:30:79:
54:94:e1:26:16:cc:03:61:a4:dc:1b:40:dd:ca:f9:
7a:6f:a2:15:03:a7:02:88:45:5b:33:8e:d5:ba:b1:
e9:2d:1b:40:12:39:36:79:e4:ed:21:1d:cb:3d:65:
21:53:82:fa:2f:90:c4:7f:bf:9a:2a:7f:63:74:59:
d2:f8:41:2e:08:5a:5e:57:d8:2b:d6:9e:8c:ab:9d:
c2:99:06:e8:d8:f8:b1:31:60:8a:39:f4:4d:ac:60:
0d:05:f1:a7:20:05:e0:b1:b0:d6:11:ca:62:d1:c0:
c1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:56:32:92:76:C7:6B:29:51:83:45:E8:48:7F:1D:0A:F6:D7:C6:54
X509v3 Authority Key Identifier:
keyid:4F:A6:A6:A6:55:A0:C4:2B:99:C7:E2:08:7E:BE:F4:44:AC:B5:64:93
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/T6amplWgxCuZx-IIfr70RKy1ZJM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T6amplWgxCuZx-IIfr70RKy1ZJM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/IDT/CVYyknbHaylRg0XoSH8dCvbXxlQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2406:2fc0::/32
Signature Algorithm: sha256WithRSAEncryption
44:bc:91:cb:b2:b0:99:7c:12:37:e1:93:b4:06:22:c4:09:0b:
ef:6c:c3:7f:b5:eb:46:08:c7:8f:64:d9:36:70:1a:7d:8d:8a:
cf:52:e2:84:5d:8b:2e:ed:8a:9e:84:f2:a9:de:eb:8c:d1:d4:
05:bc:7d:18:28:a0:c3:df:85:72:80:50:4a:6c:61:9f:84:80:
89:03:06:37:e0:d6:7b:fd:55:0e:78:49:3e:8d:f8:fb:35:16:
b3:37:f6:a5:be:ab:79:f2:a2:74:a2:8e:73:06:0b:d1:77:6d:
bd:db:80:6f:92:13:74:98:7e:f2:30:7c:42:51:0d:8a:26:eb:
ea:a7:67:92:b2:32:62:f8:34:df:de:d0:23:6b:de:a6:4f:9e:
f1:26:f1:c0:f6:ac:16:fe:b7:13:97:ad:35:62:92:15:63:db:
30:14:47:0f:b9:93:31:65:9b:0e:7d:4f:96:60:e2:ff:43:1d:
6b:e6:b2:a7:8d:aa:b0:68:65:7b:38:a7:ac:6a:3b:49:05:8b:
75:a4:3e:99:65:46:c6:f0:5d:c7:b8:96:5e:33:a8:1c:68:3c:
4a:a9:af:c9:1e:39:23:33:90:df:85:37:12:45:97:e0:cf:e3:
1c:90:d7:62:99:c6:0e:8c:53:d3:11:88:6e:5d:47:9a:1d:06:
fd:61:30:29
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICA5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZB
NkE2QTY1NUEwQzQyQjk5QzdFMjA4N0VCRUY0NDRBQ0I1NjQ5MzAeFw0yMzA5MDEw
OTAxMzlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA5NTYzMjkyNzZDNzZC
Mjk1MTgzNDVFODQ4N0YxRDBBRjZEN0M2NTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD6DCBSiu42USF2vqbR+XwdlVtggOI0jqaDpLN7sri4HEc2Pe5A
RaY+zvTaBy4pWZaO9ZBO9u8c/KQXDBt2ERP7hNC6lH1KieDgsWlSVyqoD4hbXmY6
XG8/ElnTzudv4aGSyaUFaZxZ/mvhZPkOG1xtg0wnmDQgRIHXyBuDyaWMsJio826k
Eq5FjNLKPPlmoaxoIhAweVSU4SYWzANhpNwbQN3K+XpvohUDpwKIRVszjtW6sekt
G0ASOTZ55O0hHcs9ZSFTgvovkMR/v5oqf2N0WdL4QS4IWl5X2CvWnoyrncKZBujY
+LExYIo59E2sYA0F8acgBeCxsNYRymLRwMHdAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUCVYyknbHaylRg0XoSH8dCvbXxlQwHwYDVR0jBBgwFoAUT6amplWgxCuZx+II
fr70RKy1ZJMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL1Q2
YW1wbFdneEN1WngtSUlmcjcwUkt5MVpKTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
VDZhbXBsV2d4Q3VaeC1JSWZyNzBSS3kxWkpNLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSURUL0NWWXlrbmJIYXlsUmcwWG9TSDhkQ3Zi
WHhsUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkBi/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBEvJHLsrCZfBI34ZO0BiLECQvvbMN/tetGCMePZNk2
cBp9jYrPUuKEXYsu7YqehPKp3uuM0dQFvH0YKKDD34VygFBKbGGfhICJAwY34NZ7
/VUOeEk+jfj7NRazN/alvqt58qJ0oo5zBgvRd22924BvkhN0mH7yMHxCUQ2KJuvq
p2eSsjJi+DTf3tAja96mT57xJvHA9qwW/rcTl601YpIVY9swFEcPuZMxZZsOfU+W
YOL/Qx1r5rKnjaqwaGV7OKesajtJBYt1pD6ZZUbG8F3HuJZeM6gcaDxKqa/JHjkj
M5DfhTcSRZfgz+MckNdimcYOjFPTEYhuXUeaHQb9YTAp
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org