Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KE-ING/onOreep0lcx9DRJn1FSrFTMHXXk.roa
File: onOreep0lcx9DRJn1FSrFTMHXXk.roa (raw, json)
Hash identifier: 1Y5lNfKyxrmswuuyjx0ZUB/bdo3fJsJahrTxwLrN+RQ=
Subject key identifier: A2:73:AB:79:EA:74:95:CC:7D:0D:12:67:D4:54:AB:15:33:07:5D:79
Certificate issuer: /CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Certificate serial: 0C03
Authority key identifier: 99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/onOreep0lcx9DRJn1FSrFTMHXXk.roa
Signing time: Fri 01 Sep 2023 09:11:52 +0000
ROA not before: Fri 01 Sep 2023 09:11:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9416
IP address blocks: 123.252.64.0/18 maxlen: 18
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3075 (0xc03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999BBE131DF5D346F27627CC4F8FA9FB57581929
Validity
Not Before: Sep 1 09:11:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=A273AB79EA7495CC7D0D1267D454AB1533075D79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:88:e5:6a:25:48:41:12:1c:cd:90:61:aa:89:
25:4c:d4:c9:13:2d:fc:44:fa:67:29:c1:7e:0c:1a:
1b:07:1e:09:76:ad:b0:5a:af:cf:84:e5:d7:6c:d9:
05:0a:d9:e7:94:74:d6:27:f1:56:32:bf:ab:87:d0:
51:e8:e6:dc:cc:9c:0f:b6:2f:fd:be:9d:06:4b:61:
77:34:a0:41:85:8a:8b:8b:b8:ff:b9:68:2d:6a:9e:
94:20:6c:98:ef:7e:3f:47:48:cd:b6:88:34:c3:69:
1b:3a:d3:ba:9e:f3:8d:2c:79:34:29:34:25:b3:ba:
a6:e7:35:6d:3b:15:3b:fc:66:9e:ee:95:f1:34:d8:
16:8c:ed:a6:9a:27:a5:c9:de:7e:f1:9b:b5:78:98:
c8:a7:e9:5f:aa:a0:07:93:3d:cd:13:63:44:ef:f8:
61:58:0c:6a:9a:ea:a5:95:e0:bc:9c:2b:f2:ca:e6:
fe:52:a0:00:6b:eb:80:18:32:f7:18:8c:e5:12:9d:
32:0e:ad:d3:ea:c5:d5:4e:56:a5:c5:fc:de:cb:55:
a6:16:cc:19:c3:ee:8d:ca:ac:13:7c:8a:7c:a6:c0:
af:6c:e6:a4:6d:16:6f:52:c5:3e:6c:d9:e2:0f:20:
a9:1d:00:09:41:51:a9:35:98:6c:78:54:91:a5:c8:
ed:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:73:AB:79:EA:74:95:CC:7D:0D:12:67:D4:54:AB:15:33:07:5D:79
X509v3 Authority Key Identifier:
keyid:99:9B:BE:13:1D:F5:D3:46:F2:76:27:CC:4F:8F:A9:FB:57:58:19:29
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/mZu-Ex3100bydifMT4-p-1dYGSk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mZu-Ex3100bydifMT4-p-1dYGSk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KE-ING/onOreep0lcx9DRJn1FSrFTMHXXk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.252.64.0/18
Signature Algorithm: sha256WithRSAEncryption
ae:b0:14:c4:f8:50:94:e9:ab:47:08:bc:b8:48:fb:67:cb:96:
18:45:95:5e:ed:51:5a:5b:94:e2:6a:4b:df:f6:48:a3:f6:24:
90:0d:89:ba:34:b6:66:67:b4:21:88:fa:f1:0e:ed:34:8b:30:
f1:d1:b1:49:8d:02:95:c9:3c:91:af:dd:f3:bd:61:d1:77:ad:
1f:f3:4c:52:39:83:0c:f2:88:5f:c0:e4:18:66:41:32:85:8f:
79:f3:ef:59:a4:90:33:8c:ec:0b:36:43:66:40:62:56:18:c4:
3e:62:a2:d0:2a:32:5a:bb:bc:7e:b7:f3:af:2e:e4:e2:cf:6e:
04:d0:8c:dc:b1:9e:1a:1f:49:47:a0:7e:3d:75:8b:2b:46:e5:
ba:86:94:c4:49:77:a3:03:8e:20:18:80:54:48:f1:c8:c5:74:
db:85:92:69:b8:81:cc:63:bc:7b:a0:62:f8:c1:f9:f7:c7:ab:
61:ac:ec:4a:e5:20:bd:d2:ad:79:08:ef:3f:f4:1b:fd:cc:28:
1e:6f:45:4e:e5:25:cf:cc:34:4e:9f:b4:ab:7a:bb:fb:52:27:
ac:84:7e:17:94:b8:30:0f:4e:9a:8f:89:77:27:d1:ea:05:9b:
3d:ca:a3:78:23:33:c6:64:cc:81:03:64:4d:2b:44:6c:87:bb:
c0:c3:d8:2c
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDAMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOTk5
QkJFMTMxREY1RDM0NkYyNzYyN0NDNEY4RkE5RkI1NzU4MTkyOTAeFw0yMzA5MDEw
OTExNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEEyNzNBQjc5RUE3NDk1
Q0M3RDBEMTI2N0Q0NTRBQjE1MzMwNzVENzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUiOVqJUhBEhzNkGGqiSVM1MkTLfxE+mcpwX4MGhsHHgl2rbBa
r8+E5dds2QUK2eeUdNYn8VYyv6uH0FHo5tzMnA+2L/2+nQZLYXc0oEGFiouLuP+5
aC1qnpQgbJjvfj9HSM22iDTDaRs607qe840seTQpNCWzuqbnNW07FTv8Zp7ulfE0
2BaM7aaaJ6XJ3n7xm7V4mMin6V+qoAeTPc0TY0Tv+GFYDGqa6qWV4LycK/LK5v5S
oABr64AYMvcYjOUSnTIOrdPqxdVOVqXF/N7LVaYWzBnD7o3KrBN8inymwK9s5qRt
Fm9SxT5s2eIPIKkdAAlBUak1mGx4VJGlyO3VAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUonOreep0lcx9DRJn1FSrFTMHXXkwHwYDVR0jBBgwFoAUmZu+Ex3100bydifM
T4+p+1dYGSkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5H
L21adS1FeDMxMDBieWRpZk1UNC1wLTFkWUdTay5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvbVp1LUV4MzEwMGJ5ZGlmTVQ0LXAtMWRZR1NrLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0UtSU5HL29uT3JlZXAwbGN4OURSSm4x
RlNyRlRNSFhYay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAZ7
/EAwDQYJKoZIhvcNAQELBQADggEBAK6wFMT4UJTpq0cIvLhI+2fLlhhFlV7tUVpb
lOJqS9/2SKP2JJANibo0tmZntCGI+vEO7TSLMPHRsUmNApXJPJGv3fO9YdF3rR/z
TFI5gwzyiF/A5BhmQTKFj3nz71mkkDOM7As2Q2ZAYlYYxD5iotAqMlq7vH63868u
5OLPbgTQjNyxnhofSUegfj11iytG5bqGlMRJd6MDjiAYgFRI8cjFdNuFkmm4gcxj
vHugYvjB+ffHq2Gs7ErlIL3SrXkI7z/0G/3MKB5vRU7lJc/MNE6ftKt6u/tSJ6yE
fheUuDAPTpqPiXcn0eoFmz3Ko3gjM8ZkzIEDZE0rRGyHu8DD2Cw=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org