Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KBT/y3FmxBIVgoDdydMPm99KQEyXVaM.roa
File: y3FmxBIVgoDdydMPm99KQEyXVaM.roa (raw, json)
Hash identifier: DMAR1HLzbuStAYiYCg8+HLCqAtdtEUPVBj+wc+ZusjE=
Subject key identifier: CB:71:66:C4:12:15:82:80:DD:C9:D3:0F:9B:DF:4A:40:4C:97:55:A3
Certificate issuer: /CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Certificate serial: 0BA2
Authority key identifier: 2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/y3FmxBIVgoDdydMPm99KQEyXVaM.roa
Signing time: Fri 01 Sep 2023 09:11:31 +0000
ROA not before: Fri 01 Sep 2023 09:11:31 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18042
IP address blocks: 61.67.207.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2978 (0xba2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2DBED751DA8F01930418E2DE2432D0D03A97DA7C
Validity
Not Before: Sep 1 09:11:31 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CB7166C412158280DDC9D30F9BDF4A404C9755A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:91:a2:eb:18:94:c3:e4:b9:62:5d:b6:3f:87:
34:79:67:44:8a:0b:55:03:30:31:8a:f5:2a:5f:6e:
a5:2a:aa:af:15:4e:ed:66:a4:5b:08:64:61:25:c2:
1a:0c:b2:a1:a2:9d:71:ca:98:93:d5:3c:83:a8:f0:
34:dc:e9:2f:f9:69:1f:a5:ee:1d:5a:ba:08:16:52:
48:12:c5:62:81:66:79:ed:e4:31:4a:ce:7a:1f:8a:
d6:14:8f:7f:a5:51:3c:0e:19:71:bb:68:a7:e6:b5:
30:40:77:d1:77:75:54:40:8e:d8:37:98:45:20:b4:
0c:a3:84:16:1c:88:9b:3f:2f:3c:b5:6b:f6:e8:0e:
ed:ea:9e:fa:ad:a1:17:0e:4e:da:5e:6b:11:9b:88:
51:d9:dc:7c:35:98:c8:1f:0a:80:a3:ac:23:08:14:
e4:70:d3:05:e0:14:f3:cc:00:b6:b0:29:ec:40:b4:
31:36:13:41:32:17:36:8b:7d:e2:ba:f6:70:d7:dc:
1d:63:d0:0e:36:2d:a6:b3:63:cb:c2:00:f2:0f:4b:
f8:9c:0b:53:49:ac:f1:77:c0:fe:36:e8:a9:9a:bc:
b8:76:b0:b4:99:ac:1f:64:8c:7c:7b:c6:9d:64:81:
e7:c6:ad:67:e6:fa:10:77:a7:00:66:7b:da:3d:5e:
4b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:71:66:C4:12:15:82:80:DD:C9:D3:0F:9B:DF:4A:40:4C:97:55:A3
X509v3 Authority Key Identifier:
keyid:2D:BE:D7:51:DA:8F:01:93:04:18:E2:DE:24:32:D0:D0:3A:97:DA:7C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lb7XUdqPAZMEGOLeJDLQ0DqX2nw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KBT/y3FmxBIVgoDdydMPm99KQEyXVaM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.67.207.0/24
Signature Algorithm: sha256WithRSAEncryption
05:17:2c:73:26:6b:5c:c0:27:01:fa:f3:c8:0f:58:5f:24:70:
88:d4:c5:14:bf:78:c4:ba:12:9f:eb:5f:7b:e1:46:33:89:9f:
c4:b9:b6:81:e2:82:ea:8b:37:a9:6b:7f:b5:bf:03:b5:e4:16:
8f:8f:d6:85:d8:05:e9:e6:52:7a:f4:0b:64:27:f0:82:3a:df:
99:ab:84:30:39:df:b3:57:17:98:45:9f:50:a5:0c:5a:8a:28:
61:92:da:9c:33:2e:4d:4a:e8:ff:8c:54:44:72:6c:53:70:3b:
cf:c6:ac:65:ce:d2:7a:da:88:d3:91:f7:c9:fd:8d:70:4b:79:
85:27:42:b9:3e:41:70:ca:a1:54:e6:ad:75:c4:ec:e2:01:3a:
43:29:69:ea:93:96:e3:51:ad:4b:01:fb:80:bb:f3:a0:9b:2f:
d7:ca:7a:cb:5e:34:1a:25:fc:28:7f:1b:c3:dc:49:14:87:e8:
67:c0:c5:d3:b0:97:49:00:3e:dc:ba:38:79:11:15:7d:a8:e3:
0f:f7:01:5d:a9:e3:7b:b1:32:12:ce:16:11:56:c8:f3:fa:ff:
a2:ff:42:d9:46:8f:e4:72:12:d0:47:ff:65:b7:9b:0a:13:6a:
b4:1d:d3:17:d9:c9:34:41:bf:75:0c:7c:b3:c5:6a:32:38:17:
85:aa:f8:6e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkRC
RUQ3NTFEQThGMDE5MzA0MThFMkRFMjQzMkQwRDAzQTk3REE3QzAeFw0yMzA5MDEw
OTExMzFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENCNzE2NkM0MTIxNTgy
ODBEREM5RDMwRjlCREY0QTQwNEM5NzU1QTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTkaLrGJTD5LliXbY/hzR5Z0SKC1UDMDGK9SpfbqUqqq8VTu1m
pFsIZGElwhoMsqGinXHKmJPVPIOo8DTc6S/5aR+l7h1auggWUkgSxWKBZnnt5DFK
znofitYUj3+lUTwOGXG7aKfmtTBAd9F3dVRAjtg3mEUgtAyjhBYciJs/Lzy1a/bo
Du3qnvqtoRcOTtpeaxGbiFHZ3Hw1mMgfCoCjrCMIFORw0wXgFPPMALawKexAtDE2
E0EyFzaLfeK69nDX3B1j0A42LaazY8vCAPIPS/icC1NJrPF3wP426KmavLh2sLSZ
rB9kjHx7xp1kgefGrWfm+hB3pwBme9o9XktdAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUy3FmxBIVgoDdydMPm99KQEyXVaMwHwYDVR0jBBgwFoAULb7XUdqPAZMEGOLe
JDLQ0DqX2nwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL0xi
N1hVZHFQQVpNRUdPTGVKRExRMERxWDJudy5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TGI3WFVkcVBBWk1FR09MZUpETFEwRHFYMm53LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0JUL3kzRm14QklWZ29EZHlkTVBtOTlLUUV5
WFZhTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9Q88wDQYJ
KoZIhvcNAQELBQADggEBAAUXLHMma1zAJwH688gPWF8kcIjUxRS/eMS6Ep/rX3vh
RjOJn8S5toHiguqLN6lrf7W/A7XkFo+P1oXYBenmUnr0C2Qn8II635mrhDA537NX
F5hFn1ClDFqKKGGS2pwzLk1K6P+MVERybFNwO8/GrGXO0nraiNOR98n9jXBLeYUn
Qrk+QXDKoVTmrXXE7OIBOkMpaeqTluNRrUsB+4C786CbL9fKesteNBol/Ch/G8Pc
SRSH6GfAxdOwl0kAPty6OHkRFX2o4w/3AV2p43uxMhLOFhFWyPP6/6L/QtlGj+Ry
EtBH/2W3mwoTarQd0xfZyTRBv3UMfLPFajI4F4Wq+G4=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org