Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/Mp1ciQH8XOLfPM84XIWa9zlUJYo.roa
File: Mp1ciQH8XOLfPM84XIWa9zlUJYo.roa (raw, json)
Hash identifier: fFbwXMC7lTr6Gt+YLi0xNaQ6Ol6pxb7xDzY7UmwUuTo=
Subject key identifier: 32:9D:5C:89:01:FC:5C:E2:DF:3C:CF:38:5C:85:9A:F7:39:54:25:8A
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0C2C
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Mp1ciQH8XOLfPM84XIWa9zlUJYo.roa
Signing time: Fri 01 Sep 2023 09:14:03 +0000
ROA not before: Fri 01 Sep 2023 09:14:03 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 54994
IP address blocks: 61.61.69.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3116 (0xc2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 1 09:14:03 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=329D5C8901FC5CE2DF3CCF385C859AF73954258A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6c:92:3f:2f:1a:2c:3f:b3:4a:4a:24:a2:1e:
64:79:d0:70:59:a9:91:ea:ed:63:9e:22:45:de:c2:
e4:43:91:f5:84:22:6d:f3:79:69:b2:81:e2:b9:cc:
a6:85:12:f7:f4:b5:09:4d:49:ae:de:76:e3:f3:e2:
11:33:18:1b:e0:de:88:f9:9a:ed:3a:d7:d9:6e:15:
ca:42:a7:e6:0d:e4:8a:bf:7c:a3:bc:f1:8e:e5:f4:
a8:d4:a6:ae:6d:25:90:56:ce:1b:65:d7:a0:5b:65:
16:cb:ad:bb:6a:1e:8c:a8:5d:b5:b3:a2:33:9d:ee:
b9:2d:cf:49:3f:e3:fb:b6:1e:d4:6a:62:c1:b6:98:
50:f8:53:40:1f:f7:e0:ad:79:70:0f:d9:d1:21:c6:
b6:56:ac:f0:e6:07:b1:65:50:2c:ff:a6:65:29:13:
38:f5:ec:73:82:f2:08:4c:d2:e9:84:f5:d8:3f:3b:
32:5a:d4:60:be:0c:bd:dc:42:a8:1f:d1:9b:f4:2e:
ca:f0:9c:22:fa:ca:dc:90:98:03:f0:4c:a9:e2:48:
6a:13:f1:25:a5:f3:d9:7a:61:ab:d5:72:aa:f1:58:
e6:96:db:67:15:70:a6:9c:57:84:42:3a:ca:3c:39:
3b:fc:c4:30:70:ee:aa:20:6c:e5:39:58:ec:6e:89:
5b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:9D:5C:89:01:FC:5C:E2:DF:3C:CF:38:5C:85:9A:F7:39:54:25:8A
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/Mp1ciQH8XOLfPM84XIWa9zlUJYo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.69.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:4e:6b:1e:a3:8a:98:27:af:50:b6:54:65:b0:d9:6c:03:71:
c6:31:b5:0c:41:cd:e8:9a:11:e6:c4:06:1d:17:c2:57:0e:83:
cf:85:f1:a7:90:90:ab:3f:c5:fe:d6:f8:e6:8a:ef:f5:d5:37:
63:99:2d:e7:b3:ba:01:95:31:8c:29:37:0e:b9:73:ec:06:e3:
72:2b:d5:7e:03:68:85:99:d0:97:32:3d:13:6c:86:1f:c7:df:
c0:5c:0c:dd:8e:10:cc:9d:5a:38:7b:f2:75:8f:ed:68:f3:6c:
11:dd:ab:96:5e:5c:35:c8:0b:12:1f:7f:ea:b2:e8:fc:9f:19:
4f:47:a9:9c:74:41:dc:b8:39:f8:5f:6e:c2:71:90:bf:39:cd:
ee:a8:a7:65:0e:9d:01:78:64:71:07:29:6d:07:4f:2d:ea:71:
2d:46:aa:93:39:f0:bb:f9:9c:48:8e:7b:a9:35:c1:7c:9f:29:
c9:2b:e3:11:01:ad:36:a5:ce:ff:2c:00:2f:80:16:63:da:3f:
5c:a9:f3:46:86:c0:ce:b0:81:cb:7e:9e:92:db:00:98:79:2e:
0c:0d:0a:71:01:aa:27:1a:13:13:91:c0:11:82:f7:08:c0:af:
0c:8b:e4:16:04:89:7c:56:2d:70:2c:c0:f3:48:8d:9b:ec:fe:
a9:08:05:9d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDCwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw
OTE0MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDMyOUQ1Qzg5MDFGQzVD
RTJERjNDQ0YzODVDODU5QUY3Mzk1NDI1OEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPbJI/LxosP7NKSiSiHmR50HBZqZHq7WOeIkXewuRDkfWEIm3z
eWmygeK5zKaFEvf0tQlNSa7eduPz4hEzGBvg3oj5mu0619luFcpCp+YN5Iq/fKO8
8Y7l9KjUpq5tJZBWzhtl16BbZRbLrbtqHoyoXbWzojOd7rktz0k/4/u2HtRqYsG2
mFD4U0Af9+CteXAP2dEhxrZWrPDmB7FlUCz/pmUpEzj17HOC8ghM0umE9dg/OzJa
1GC+DL3cQqgf0Zv0LsrwnCL6ytyQmAPwTKniSGoT8SWl89l6YavVcqrxWOaW22cV
cKacV4RCOso8OTv8xDBw7qogbOU5WOxuiVvvAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUMp1ciQH8XOLfPM84XIWa9zlUJYowHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL01wMWNpUUg4WE9MZlBNODRYSVdhOXps
VUpZby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9PUUwDQYJ
KoZIhvcNAQELBQADggEBAKZOax6jipgnr1C2VGWw2WwDccYxtQxBzeiaEebEBh0X
wlcOg8+F8aeQkKs/xf7W+OaK7/XVN2OZLeezugGVMYwpNw65c+wG43Ir1X4DaIWZ
0JcyPRNshh/H38BcDN2OEMydWjh78nWP7WjzbBHdq5ZeXDXICxIff+qy6PyfGU9H
qZx0Qdy4OfhfbsJxkL85ze6op2UOnQF4ZHEHKW0HTy3qcS1GqpM58Lv5nEiOe6k1
wXyfKckr4xEBrTalzv8sAC+AFmPaP1yp80aGwM6wgct+npLbAJh5LgwNCnEBqica
ExORwBGC9wjArwyL5BYEiXxWLXAswPNIjZvs/qkIBZ0=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org