Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/4qGsVxU8QeO7F45fsSBlUQWGX-g.roa
File: 4qGsVxU8QeO7F45fsSBlUQWGX-g.roa (raw, json)
Hash identifier: WwivN4nLQ82D9Sle2spbWG1Bhba/sq5F3NuiH64uCjk=
Subject key identifier: E2:A1:AC:57:15:3C:41:E3:BB:17:8E:5F:B1:20:65:51:05:86:5F:E8
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0BA0
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/4qGsVxU8QeO7F45fsSBlUQWGX-g.roa
Signing time: Fri 01 Sep 2023 09:11:30 +0000
ROA not before: Fri 01 Sep 2023 09:11:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 61.67.209.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2976 (0xba0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E2A1AC57153C41E3BB178E5FB120655105865FE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e6:28:b6:f5:0f:92:d2:ba:0a:c0:ae:eb:8a:
bb:46:af:3e:34:78:96:91:82:67:6d:66:4d:de:a8:
57:bd:5f:34:44:ff:9f:9a:07:74:55:ad:8f:29:b3:
a1:64:3c:4f:99:57:b8:80:c8:43:d8:52:31:2f:e0:
5d:81:db:ae:f5:ef:65:58:51:78:06:6b:a6:b2:e6:
bb:51:a1:25:36:4b:60:36:98:6c:70:c6:f2:79:f7:
8a:e9:08:60:d9:94:0e:69:b1:5b:a3:79:36:78:47:
06:c9:90:58:eb:21:46:7d:88:fe:5c:cd:6e:5d:f6:
63:e6:2b:6c:01:84:b2:5a:44:a9:0e:84:2f:da:e7:
8d:ed:90:5e:70:eb:4a:8b:e5:b3:25:6c:f7:e8:89:
16:ed:59:dc:e9:3d:2c:47:e0:15:bb:af:7a:e5:a6:
48:a6:ef:0a:2e:5c:26:d8:0b:85:cf:a5:32:75:ee:
14:6e:19:04:17:1d:33:f9:90:ce:1a:ce:dd:a0:56:
e5:2d:bb:c1:2f:6d:7d:35:47:9f:4e:20:b1:34:ba:
0c:c2:a3:37:99:7a:e8:97:c9:65:ae:1a:a7:0b:51:
a4:bf:30:05:d7:d1:00:10:c8:ae:93:8d:60:5a:35:
bd:a1:1e:d7:c3:c5:07:8e:2b:97:34:59:af:e5:9d:
d8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:A1:AC:57:15:3C:41:E3:BB:17:8E:5F:B1:20:65:51:05:86:5F:E8
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/4qGsVxU8QeO7F45fsSBlUQWGX-g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.209.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:10:54:ab:b1:bb:64:a1:52:14:d9:2b:f6:2d:0a:e0:d0:78:
eb:50:30:ff:ee:30:2d:a5:cc:1c:1b:e8:a7:bd:6d:50:e8:48:
15:b0:58:e0:8a:6c:be:21:a9:8c:98:f6:c8:d0:3f:69:74:96:
ee:f3:60:d9:3e:63:bc:89:29:c0:53:6a:c8:af:c8:0e:8b:99:
44:d6:df:65:16:86:82:04:03:12:6f:23:21:61:09:c5:e0:ca:
8e:37:fd:c9:c7:3c:f9:8a:18:4a:c2:ce:53:01:a3:c5:41:4c:
72:51:05:44:d6:de:70:f1:90:7f:d6:d3:0a:07:c6:04:d9:d2:
46:c6:6c:9e:b2:4c:1f:ac:95:1d:9a:54:c0:e2:86:21:5b:ca:
5e:e1:6f:43:09:c8:cb:9c:13:9f:c3:d9:25:45:14:93:5c:a0:
3a:69:39:1a:6f:1d:ed:b8:35:fb:0e:05:c4:4c:c1:56:7e:d2:
2e:df:30:fc:91:b4:e3:77:37:75:b2:61:36:95:fb:82:bc:55:
88:81:3e:19:d9:70:8b:0a:bd:40:89:1a:5a:fd:1a:c9:5e:3f:
96:2f:82:7e:65:24:eb:df:5f:44:02:09:11:0f:62:83:5f:0c:
e4:ca:19:a7:ec:9c:9f:0e:43:0b:da:ec:82:67:8d:dd:86:af:
4e:51:17:4d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEUyQTFBQzU3MTUzQzQx
RTNCQjE3OEU1RkIxMjA2NTUxMDU4NjVGRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh5ii29Q+S0roKwK7rirtGrz40eJaRgmdtZk3eqFe9XzRE/5+a
B3RVrY8ps6FkPE+ZV7iAyEPYUjEv4F2B267172VYUXgGa6ay5rtRoSU2S2A2mGxw
xvJ594rpCGDZlA5psVujeTZ4RwbJkFjrIUZ9iP5czW5d9mPmK2wBhLJaRKkOhC/a
543tkF5w60qL5bMlbPfoiRbtWdzpPSxH4BW7r3rlpkim7wouXCbYC4XPpTJ17hRu
GQQXHTP5kM4azt2gVuUtu8EvbX01R59OILE0ugzCozeZeuiXyWWuGqcLUaS/MAXX
0QAQyK6TjWBaNb2hHtfDxQeOK5c0Wa/lndh3AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU4qGsVxU8QeO7F45fsSBlUQWGX+gwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JULzRxR3NWeFU4UWVPN0Y0NWZzU0JsVVFX
R1gtZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9Q9EwDQYJ
KoZIhvcNAQELBQADggEBAKQQVKuxu2ShUhTZK/YtCuDQeOtQMP/uMC2lzBwb6Ke9
bVDoSBWwWOCKbL4hqYyY9sjQP2l0lu7zYNk+Y7yJKcBTasivyA6LmUTW32UWhoIE
AxJvIyFhCcXgyo43/cnHPPmKGErCzlMBo8VBTHJRBUTW3nDxkH/W0woHxgTZ0kbG
bJ6yTB+slR2aVMDihiFbyl7hb0MJyMucE5/D2SVFFJNcoDppORpvHe24NfsOBcRM
wVZ+0i7fMPyRtON3N3WyYTaV+4K8VYiBPhnZcIsKvUCJGlr9GsleP5Yvgn5lJOvf
X0QCCREPYoNfDOTKGafsnJ8OQwva7IJnjd2Gr05RF00=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org