Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/dMCkhT2knQt5aJUyc8I3KXXvN48.roa
File: dMCkhT2knQt5aJUyc8I3KXXvN48.roa (raw, json)
Hash identifier: LzzwxyIfH4wtjeN60aFLs0l8HVF4IXmxU4JIPhOTPJY=
Subject key identifier: 74:C0:A4:85:3D:A4:9D:0B:79:68:95:32:73:C2:37:29:75:EF:37:8F
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0BA3
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/dMCkhT2knQt5aJUyc8I3KXXvN48.roa
Signing time: Fri 01 Sep 2023 09:11:31 +0000
ROA not before: Fri 01 Sep 2023 09:11:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 61.63.87.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2979 (0xba3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=74C0A4853DA49D0B7968953273C2372975EF378F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:31:9e:1b:82:c8:4f:15:ee:b8:77:94:7d:f1:
ab:86:bb:e4:89:09:66:2d:03:bf:b6:ed:69:ce:80:
b8:f2:2a:f5:31:91:dc:a5:ba:4b:73:5f:b9:53:8d:
de:a9:44:ca:d5:43:0a:9f:15:6c:66:7c:5c:05:bd:
2e:06:85:78:c4:3b:b9:eb:1e:75:41:52:be:d4:cb:
a6:65:c3:ec:35:24:4b:a7:83:7e:5d:7c:36:20:93:
41:6f:1e:1a:e5:66:55:73:e8:15:8b:c0:23:f3:b7:
2c:8f:44:48:05:f7:88:c5:81:80:25:5b:eb:43:61:
a3:0e:e2:a5:17:da:a0:e5:63:bd:95:66:14:2b:44:
5e:7c:ab:67:6c:ba:c3:6f:d8:2c:7a:61:37:44:dc:
89:8d:a3:87:8b:fd:c9:c8:36:06:88:b0:5d:cd:4b:
e8:1d:c3:9f:bc:a7:1d:67:67:a6:5a:86:7e:0f:59:
79:4f:8c:68:b7:d0:90:4c:9a:66:ef:b4:0b:90:10:
3d:13:ec:36:08:ea:a1:71:bf:c2:78:5b:60:b7:33:
23:e9:5a:70:f6:f4:70:f6:ae:92:ff:66:6e:2c:b7:
2b:da:02:24:58:26:8d:6d:88:13:9a:1a:dc:0b:17:
22:09:41:ca:6b:0a:2c:f2:e0:9b:2b:06:0e:ea:32:
40:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:C0:A4:85:3D:A4:9D:0B:79:68:95:32:73:C2:37:29:75:EF:37:8F
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/dMCkhT2knQt5aJUyc8I3KXXvN48.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.87.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:ea:27:ca:ae:38:8f:67:42:15:75:3a:ac:07:01:c7:47:ce:
00:0c:b2:76:3c:19:6e:08:1d:30:df:a4:9e:50:70:68:cc:b1:
67:4d:97:cc:42:25:61:21:4c:f1:b1:5f:3a:50:1a:97:9c:15:
e6:e0:08:a4:1e:68:23:b8:80:41:19:86:44:57:aa:8d:05:1a:
70:98:d1:17:7f:c9:eb:72:8c:ee:45:40:56:a3:a7:d5:2c:26:
c4:b7:2c:7c:52:bd:65:f5:5f:74:8a:d9:a1:85:75:38:23:84:
77:cf:04:0b:07:5d:68:33:58:5a:7d:ba:33:ce:3d:97:05:a2:
62:a8:74:50:cb:f5:82:a1:be:23:62:67:17:2d:12:b4:7f:69:
2d:3b:92:9a:a2:dc:6e:40:59:6b:d5:79:02:48:51:78:e6:ff:
c9:bf:38:df:f9:93:53:b3:e0:5b:53:cb:e5:8f:70:32:db:d2:
8a:02:67:25:e2:e0:6d:44:28:4c:e0:12:bf:c1:18:9e:24:2d:
6c:35:71:86:a9:0d:19:fe:35:ea:6e:0c:0e:40:a4:da:f9:ed:
64:ea:95:76:04:b2:a5:4c:c2:aa:8c:10:db:b1:1a:30:f3:bd:
84:c6:6e:92:58:b2:a4:ac:7d:fa:91:10:eb:81:bc:bc:4a:d6:
96:f5:e5:10
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC6MwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDc0QzBBNDg1M0RBNDlE
MEI3OTY4OTUzMjczQzIzNzI5NzVFRjM3OEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWMZ4bgshPFe64d5R98auGu+SJCWYtA7+27WnOgLjyKvUxkdyl
uktzX7lTjd6pRMrVQwqfFWxmfFwFvS4GhXjEO7nrHnVBUr7Uy6Zlw+w1JEung35d
fDYgk0FvHhrlZlVz6BWLwCPztyyPREgF94jFgYAlW+tDYaMO4qUX2qDlY72VZhQr
RF58q2dsusNv2Cx6YTdE3ImNo4eL/cnINgaIsF3NS+gdw5+8px1nZ6Zahn4PWXlP
jGi30JBMmmbvtAuQED0T7DYI6qFxv8J4W2C3MyPpWnD29HD2rpL/Zm4styvaAiRY
Jo1tiBOaGtwLFyIJQcprCizy4JsrBg7qMkBpAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUdMCkhT2knQt5aJUyc8I3KXXvN48wHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2RNQ2toVDJrblF0NWFKVXljOEkzS1hY
dk40OC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9P1cwDQYJ
KoZIhvcNAQELBQADggEBAJrqJ8quOI9nQhV1OqwHAcdHzgAMsnY8GW4IHTDfpJ5Q
cGjMsWdNl8xCJWEhTPGxXzpQGpecFebgCKQeaCO4gEEZhkRXqo0FGnCY0Rd/yety
jO5FQFajp9UsJsS3LHxSvWX1X3SK2aGFdTgjhHfPBAsHXWgzWFp9ujPOPZcFomKo
dFDL9YKhviNiZxctErR/aS07kpqi3G5AWWvVeQJIUXjm/8m/ON/5k1Oz4FtTy+WP
cDLb0ooCZyXi4G1EKEzgEr/BGJ4kLWw1cYapDRn+NepuDA5ApNr57WTqlXYEsqVM
wqqMENuxGjDzvYTGbpJYsqSsffqREOuBvLxK1pb15RA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org