Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/IhDXS0wZRH5Ga6VMhmddedRcUt4.roa
File: IhDXS0wZRH5Ga6VMhmddedRcUt4.roa (raw, json)
Hash identifier: xlDTq6rg7vaWErGFX+fCjp1o92817WOY8nPjBd0e24g=
Subject key identifier: 22:10:D7:4B:4C:19:44:7E:46:6B:A5:4C:86:67:5D:79:D4:5C:52:DE
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0BA1
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/IhDXS0wZRH5Ga6VMhmddedRcUt4.roa
Signing time: Fri 01 Sep 2023 09:11:30 +0000
ROA not before: Fri 01 Sep 2023 09:11:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 2400:df40::/32 maxlen: 56
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2977 (0xba1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2210D74B4C19447E466BA54C86675D79D45C52DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:f1:b0:76:64:db:10:67:76:ae:d7:3b:b0:91:
24:b0:40:10:4c:5c:a5:fb:5a:27:24:0d:68:1f:be:
24:a4:10:ee:18:c3:42:2a:31:93:19:18:54:c4:9c:
e7:e7:96:5e:a3:65:1c:91:db:32:e5:21:88:5a:e6:
ff:6b:fa:6b:84:44:c6:e5:da:a3:a8:92:52:31:3f:
4d:01:37:51:02:53:4e:c4:92:aa:69:67:34:4b:fa:
b9:11:99:38:ec:f6:ff:99:8c:4d:be:41:3a:a8:65:
9a:27:6b:c5:48:a7:d2:b5:b8:58:f2:08:fc:4b:4a:
b8:5c:62:ac:93:e4:54:2b:9a:ff:c6:9d:11:00:a6:
91:2c:20:cf:6c:bf:52:ab:69:29:95:41:78:ff:3c:
1b:35:1c:48:a0:6f:20:60:b2:86:28:9e:5f:49:11:
1f:c6:78:f3:94:8a:3c:d8:e9:c9:c7:25:00:fa:f3:
61:42:8f:eb:e9:22:49:f6:3d:c6:22:1f:41:0e:97:
4f:60:a5:cf:66:ee:9d:61:61:05:8f:7f:78:3b:32:
1d:f7:1f:4a:9a:d0:1f:d7:c3:99:ac:00:61:4c:de:
e6:0b:7b:50:ef:e6:1f:e2:8f:56:6a:0d:cd:2a:ee:
a2:1d:4e:43:bf:e2:70:a5:9f:bd:5c:48:be:a4:b4:
31:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:10:D7:4B:4C:19:44:7E:46:6B:A5:4C:86:67:5D:79:D4:5C:52:DE
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/IhDXS0wZRH5Ga6VMhmddedRcUt4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:df40::/32
Signature Algorithm: sha256WithRSAEncryption
65:4a:1e:2b:17:87:f8:25:87:eb:f6:23:f3:ec:23:92:e6:69:
fa:d1:db:30:52:ac:ae:e4:75:12:4f:4a:d7:7a:70:b5:ea:c1:
ce:48:e5:d3:bf:81:25:cb:24:d9:24:9c:a5:88:a5:a2:13:2a:
82:28:84:fd:1b:1b:dc:6b:46:9b:4e:10:90:50:33:9d:e3:5b:
c4:60:e9:a0:b1:41:08:c4:aa:46:84:53:4f:65:d4:28:1b:47:
64:e7:a6:8f:d1:fd:26:58:d7:4d:13:e0:67:15:ab:04:c0:2b:
8d:b3:81:a7:0e:91:c4:59:78:c4:9f:02:ff:d8:9d:ae:a9:8d:
07:70:37:c1:82:af:c4:8d:cc:4f:40:17:7a:c5:a3:4a:0c:7a:
73:cf:2d:07:56:4b:05:a5:51:ab:3f:4a:75:20:00:00:b9:2a:
2e:4e:46:f0:47:f3:63:bf:1b:11:5c:f2:e9:c4:a8:1f:7a:28:
be:ad:9d:0b:45:32:58:b5:ee:3c:5c:cf:5a:a0:9b:7e:9d:86:
a0:11:57:34:a3:42:3a:51:99:e9:9b:59:32:2e:6b:be:9f:57:
42:d1:a5:53:98:18:05:c1:78:22:21:7d:55:ce:8c:a1:41:a6:
66:a8:44:78:bc:40:c9:f6:2b:00:f6:70:5c:32:d6:38:b8:1b:
fa:b7:f1:12
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC6EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDIyMTBENzRCNEMxOTQ0
N0U0NjZCQTU0Qzg2Njc1RDc5RDQ1QzUyREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+8bB2ZNsQZ3au1zuwkSSwQBBMXKX7WickDWgfviSkEO4Yw0Iq
MZMZGFTEnOfnll6jZRyR2zLlIYha5v9r+muERMbl2qOoklIxP00BN1ECU07Ekqpp
ZzRL+rkRmTjs9v+ZjE2+QTqoZZona8VIp9K1uFjyCPxLSrhcYqyT5FQrmv/GnREA
ppEsIM9sv1KraSmVQXj/PBs1HEigbyBgsoYonl9JER/GePOUijzY6cnHJQD682FC
j+vpIkn2PcYiH0EOl09gpc9m7p1hYQWPf3g7Mh33H0qa0B/Xw5msAGFM3uYLe1Dv
5h/ij1ZqDc0q7qIdTkO/4nCln71cSL6ktDEDAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUIhDXS0wZRH5Ga6VMhmddedRcUt4wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0loRFhTMHdaUkg1R2E2Vk1obWRkZWRS
Y1V0NC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAN9AMA0G
CSqGSIb3DQEBCwUAA4IBAQBlSh4rF4f4JYfr9iPz7COS5mn60dswUqyu5HUST0rX
enC16sHOSOXTv4ElyyTZJJyliKWiEyqCKIT9Gxvca0abThCQUDOd41vEYOmgsUEI
xKpGhFNPZdQoG0dk56aP0f0mWNdNE+BnFasEwCuNs4GnDpHEWXjEnwL/2J2uqY0H
cDfBgq/EjcxPQBd6xaNKDHpzzy0HVksFpVGrP0p1IAAAuSouTkbwR/NjvxsRXPLp
xKgfeii+rZ0LRTJYte48XM9aoJt+nYagEVc0o0I6UZnpm1kyLmu+n1dC0aVTmBgF
wXgiIX1VzoyhQaZmqER4vEDJ9isA9nBcMtY4uBv6t/ES
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org