Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/k5PP1ONIhlBYW9S-7ZV51Qdrv6g.roa
File: k5PP1ONIhlBYW9S-7ZV51Qdrv6g.roa (raw, json)
Hash identifier: eCmAq/Rxfmhqk8ahbtQMUHUz4F9fcMJwJj6yT0u3q1U=
Subject key identifier: 93:93:CF:D4:E3:48:86:50:58:5B:D4:BE:ED:95:79:D5:07:6B:BF:A8
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0B9E
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/k5PP1ONIhlBYW9S-7ZV51Qdrv6g.roa
Signing time: Fri 01 Sep 2023 09:11:30 +0000
ROA not before: Fri 01 Sep 2023 09:11:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 61.63.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2974 (0xb9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9393CFD4E3488650585BD4BEED9579D5076BBFA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:eb:b0:62:32:41:3f:30:6f:95:07:32:8e:c8:
60:68:e4:06:81:f6:02:e6:d2:d8:66:91:70:6a:3f:
84:dd:6c:f8:8a:54:e7:04:f2:0a:e5:33:87:61:4c:
17:dd:24:2b:f5:fa:b0:a5:09:e6:83:a1:d4:24:d0:
57:15:65:da:42:91:d7:01:66:40:df:54:af:31:26:
7b:86:41:c7:21:68:5c:ba:91:39:12:23:7a:14:f7:
a2:84:5d:67:17:f5:f6:a5:99:8b:5a:70:48:eb:42:
03:06:c4:dc:84:f1:d1:4f:22:ec:d9:9c:60:10:e3:
ab:84:7f:fa:2b:d0:dc:12:a6:29:e4:eb:b7:5d:41:
94:80:8e:a0:4a:6b:38:46:33:fc:33:0d:f5:cc:11:
58:27:99:38:2a:9a:fe:3a:e4:63:15:41:c8:0a:a3:
f8:25:2e:4b:75:d1:bb:76:df:c3:da:28:24:8c:ee:
27:93:20:35:61:fc:6c:f1:4c:f3:cd:cc:bf:bf:0f:
85:3c:6b:91:cd:cd:5a:2c:93:8f:29:27:f4:23:24:
0a:b4:9a:97:49:31:aa:24:80:0a:2e:49:6e:e7:e9:
88:19:f6:ed:20:47:15:e7:a3:9f:4f:6e:c9:01:75:
4d:d2:05:25:9b:c8:f5:14:4e:7d:7d:71:2d:28:21:
15:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:93:CF:D4:E3:48:86:50:58:5B:D4:BE:ED:95:79:D5:07:6B:BF:A8
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/k5PP1ONIhlBYW9S-7ZV51Qdrv6g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.63.64.0/19
Signature Algorithm: sha256WithRSAEncryption
54:96:c0:fd:cc:5d:de:49:3a:9d:b4:ac:47:77:50:94:7b:a2:
bf:e3:7e:19:ef:2c:e0:ab:93:f8:91:16:3c:00:a5:1b:a0:8a:
2a:c8:d5:b0:df:65:c3:6e:91:1e:30:82:dc:75:f9:a6:c4:1b:
d3:72:70:45:96:2b:78:bd:71:84:42:90:53:9c:6d:89:b2:96:
bb:57:ea:4d:bf:9b:ba:7f:45:9a:b0:01:02:ae:ce:b7:f2:b9:
24:3d:d8:0f:79:07:65:82:61:de:90:60:b5:7c:0d:9b:38:db:
48:e2:14:e5:fa:c9:dd:5c:1b:ab:b4:3a:b9:aa:6b:e7:a6:0e:
5c:6a:d9:4d:b0:18:ae:8b:3c:7a:f7:4f:4d:9d:a1:69:f5:d2:
21:0b:38:6b:fa:b4:50:e3:69:35:5b:cb:05:fd:50:23:5b:92:
e9:ae:10:35:16:4d:2b:58:83:2d:80:d2:7b:95:21:1b:a9:c6:
67:37:dc:9d:fe:b9:b1:b1:bb:66:25:aa:75:b3:2b:c9:5d:d7:
6b:e0:6a:85:59:f5:ea:5b:eb:e9:32:2e:44:3b:4b:20:ea:b5:
86:f0:78:47:4a:87:77:2f:b5:5a:5f:b1:c4:5a:80:0b:40:cc:
9b:da:50:13:94:21:63:ab:00:fb:91:ff:5e:88:27:b1:d4:33:
ed:af:d3:0c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC54wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkzOTNDRkQ0RTM0ODg2
NTA1ODVCRDRCRUVEOTU3OUQ1MDc2QkJGQTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL67BiMkE/MG+VBzKOyGBo5AaB9gLm0thmkXBqP4TdbPiKVOcE
8grlM4dhTBfdJCv1+rClCeaDodQk0FcVZdpCkdcBZkDfVK8xJnuGQcchaFy6kTkS
I3oU96KEXWcX9falmYtacEjrQgMGxNyE8dFPIuzZnGAQ46uEf/or0NwSpink67dd
QZSAjqBKazhGM/wzDfXMEVgnmTgqmv465GMVQcgKo/glLkt10bt238PaKCSM7ieT
IDVh/GzxTPPNzL+/D4U8a5HNzVosk48pJ/QjJAq0mpdJMaokgAouSW7n6YgZ9u0g
RxXno59PbskBdU3SBSWbyPUUTn19cS0oIRUfAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUk5PP1ONIhlBYW9S+7ZV51Qdrv6gwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL2s1UFAxT05JaGxCWVc5Uy03WlY1MVFk
cnY2Zy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAU9P0AwDQYJ
KoZIhvcNAQELBQADggEBAFSWwP3MXd5JOp20rEd3UJR7or/jfhnvLOCrk/iRFjwA
pRugiirI1bDfZcNukR4wgtx1+abEG9NycEWWK3i9cYRCkFOcbYmylrtX6k2/m7p/
RZqwAQKuzrfyuSQ92A95B2WCYd6QYLV8DZs420jiFOX6yd1cG6u0Ormqa+emDlxq
2U2wGK6LPHr3T02doWn10iELOGv6tFDjaTVbywX9UCNbkumuEDUWTStYgy2A0nuV
IRupxmc33J3+ubGxu2YlqnWzK8ld12vgaoVZ9epb6+kyLkQ7SyDqtYbweEdKh3cv
tVpfscRagAtAzJvaUBOUIWOrAPuR/16IJ7HUM+2v0ww=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org