Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/McU_76ylof2tEwaxtGcHgNb6xYs.roa
File: McU_76ylof2tEwaxtGcHgNb6xYs.roa (raw, json)
Hash identifier: OD7FdiiY23VyTuh93mearP+hKG4dZRPzYfqeKY92vvE=
Subject key identifier: 31:C5:3F:EF:AC:A5:A1:FD:AD:13:06:B1:B4:67:07:80:D6:FA:C5:8B
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0C0F
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/McU_76ylof2tEwaxtGcHgNb6xYs.roa
Signing time: Fri 01 Sep 2023 09:13:56 +0000
ROA not before: Fri 01 Sep 2023 09:13:56 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4780
IP address blocks: 211.78.8.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3087 (0xc0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 1 09:13:56 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=31C53FEFACA5A1FDAD1306B1B4670780D6FAC58B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2e:94:70:67:ea:2c:d3:be:33:1e:9d:62:bc:
3a:13:9b:ab:5c:b6:58:2f:bc:69:50:5c:66:a6:26:
47:37:5a:f2:b4:4c:75:b1:37:21:67:d6:c7:83:25:
45:49:78:35:64:a6:ca:f5:91:99:b7:e6:e6:67:1f:
d9:c3:1c:de:41:b5:b1:1d:b2:67:de:85:d2:6e:a7:
be:3c:ed:68:0d:05:e9:a7:e7:96:9e:1a:08:ea:81:
70:12:b4:11:9e:62:dc:b5:70:c5:d0:1f:db:ad:32:
4c:82:a5:ed:a6:1d:88:c7:8c:32:78:15:64:d5:97:
60:80:91:be:19:cc:fd:ed:69:50:e0:09:66:06:be:
0c:12:bd:5e:32:fe:b0:bd:f0:2e:e9:fa:c7:e2:d7:
3e:38:e3:be:1f:bc:e6:a8:72:62:7d:27:67:8f:bd:
e3:18:fa:a2:4b:bb:0e:8d:6c:f6:ff:82:52:37:52:
5d:ac:14:2c:42:b2:90:44:4c:15:65:99:01:03:df:
ed:4b:5a:51:83:46:71:32:5a:98:15:34:ba:84:48:
e4:97:0b:32:8d:bb:48:1f:90:57:55:f2:a9:9c:d1:
9e:d4:bb:47:e0:d4:40:6d:21:61:f4:f2:18:24:b8:
8c:ae:63:8f:87:38:5c:27:2e:65:ad:b5:fc:58:6f:
28:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C5:3F:EF:AC:A5:A1:FD:AD:13:06:B1:B4:67:07:80:D6:FA:C5:8B
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/McU_76ylof2tEwaxtGcHgNb6xYs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.8.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:6b:70:ac:aa:14:84:89:75:a9:84:45:6f:6b:46:07:32:b9:
7f:b2:b0:90:f3:62:ae:d7:25:0f:05:75:5e:ba:26:98:be:55:
a5:72:b5:cb:79:3e:2a:16:87:02:3e:6d:05:95:6c:b9:5b:c2:
b3:ae:4c:d5:6a:9e:28:28:c1:93:69:a3:19:f7:74:0c:63:0b:
cf:6b:eb:e2:3d:14:91:3e:c7:85:e1:e0:13:4e:2b:fe:82:f7:
53:12:34:90:be:6d:44:4e:52:89:6c:7b:73:46:14:09:4e:f7:
17:d6:91:4b:94:74:80:84:95:33:e3:43:d3:63:77:28:a1:fd:
80:d9:77:d5:0b:75:2b:69:0d:0b:80:f4:7a:41:58:6e:6b:1e:
d5:0f:f3:ba:4d:df:10:e7:79:82:5c:32:6f:19:31:13:8d:be:
77:62:59:ca:ec:c6:63:74:86:4f:b7:d8:c9:77:6b:8b:60:ae:
11:36:08:3c:21:ae:f2:76:0c:9b:da:b9:17:77:95:c0:3a:a8:
ed:e8:e7:f7:45:9e:06:d3:a9:a5:93:19:d5:b6:c2:f2:37:a9:
e8:0d:4f:b2:7d:c5:95:02:d4:86:14:01:97:9b:18:68:9f:88:
30:7d:6b:35:f1:17:91:79:2d:8e:a8:40:ba:91:80:b0:96:73:
30:d0:65:f2
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDA8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw
OTEzNTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMxQzUzRkVGQUNBNUEx
RkRBRDEzMDZCMUI0NjcwNzgwRDZGQUM1OEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJLpRwZ+os074zHp1ivDoTm6tctlgvvGlQXGamJkc3WvK0THWx
NyFn1seDJUVJeDVkpsr1kZm35uZnH9nDHN5BtbEdsmfehdJup7487WgNBemn55ae
GgjqgXAStBGeYty1cMXQH9utMkyCpe2mHYjHjDJ4FWTVl2CAkb4ZzP3taVDgCWYG
vgwSvV4y/rC98C7p+sfi1z44474fvOaocmJ9J2ePveMY+qJLuw6NbPb/glI3Ul2s
FCxCspBETBVlmQED3+1LWlGDRnEyWpgVNLqESOSXCzKNu0gfkFdV8qmc0Z7Uu0fg
1EBtIWH08hgkuIyuY4+HOFwnLmWttfxYbyhdAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUMcU/76ylof2tEwaxtGcHgNb6xYswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL01jVV83Nnlsb2YydEV3YXh0R2NIZ05i
NnhZcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTggwDQYJ
KoZIhvcNAQELBQADggEBAE1rcKyqFISJdamERW9rRgcyuX+ysJDzYq7XJQ8FdV66
Jpi+VaVytct5PioWhwI+bQWVbLlbwrOuTNVqnigowZNpoxn3dAxjC89r6+I9FJE+
x4Xh4BNOK/6C91MSNJC+bUROUolse3NGFAlO9xfWkUuUdICElTPjQ9Njdyih/YDZ
d9ULdStpDQuA9HpBWG5rHtUP87pN3xDneYJcMm8ZMRONvndiWcrsxmN0hk+32Ml3
a4tgrhE2CDwhrvJ2DJvauRd3lcA6qO3o5/dFngbTqaWTGdW2wvI3qegNT7J9xZUC
1IYUAZebGGifiDB9azXxF5F5LY6oQLqRgLCWczDQZfI=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org