Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/kXt5IedrFoQvuH12ZFRcHUqBidM.roa
File: kXt5IedrFoQvuH12ZFRcHUqBidM.roa (raw, json)
Hash identifier: neyqP+dFy1iD0sitK/tGQXtdpGFSgie7TxsSkdED+qU=
Subject key identifier: 91:7B:79:21:E7:6B:16:84:2F:B8:7D:76:64:54:5C:1D:4A:81:89:D3
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0C1B
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/kXt5IedrFoQvuH12ZFRcHUqBidM.roa
Signing time: Fri 01 Sep 2023 09:13:59 +0000
ROA not before: Fri 01 Sep 2023 09:13:59 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18049
IP address blocks: 61.61.8.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3099 (0xc1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 1 09:13:59 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=917B7921E76B16842FB87D7664545C1D4A8189D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:02:98:b5:85:54:4d:8c:fb:a8:7c:20:31:43:
4a:ba:1d:cc:dd:57:0d:d3:a4:e9:fc:b4:a8:16:ec:
a3:99:0e:d1:0b:ff:c5:06:1c:bb:37:f1:f7:78:c8:
e9:c9:48:7e:32:34:3f:aa:17:00:c8:07:60:02:38:
40:8b:60:f5:9f:ee:f1:af:b2:f7:c8:e6:f4:f8:1d:
0d:81:51:74:4b:f9:e1:aa:41:4f:7d:88:bd:ef:8a:
e3:95:49:4a:c7:96:b8:98:09:c3:a1:e3:5b:d0:30:
4a:17:60:d4:f0:b6:de:52:60:08:31:e2:88:05:c5:
83:4f:78:5f:6d:85:ee:da:bf:c9:b6:4a:16:d7:97:
db:4e:75:82:62:65:8c:19:50:57:dd:2e:e9:5d:e9:
e1:1e:d8:55:85:6e:6f:19:00:eb:66:45:7e:d2:2a:
af:21:6c:21:41:40:22:84:6b:b2:2c:ac:be:68:70:
94:26:3e:61:30:17:28:32:87:eb:a0:e0:c6:a3:4a:
52:0b:39:8e:0d:6e:48:9c:5d:14:b8:16:87:f3:a2:
88:93:19:16:5f:3d:ec:8a:48:5d:aa:78:ab:cc:41:
43:31:cf:27:ea:19:aa:7e:38:53:de:fe:cb:83:92:
35:b8:6f:f4:cb:72:78:a3:33:71:b6:d2:bf:87:3d:
dd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7B:79:21:E7:6B:16:84:2F:B8:7D:76:64:54:5C:1D:4A:81:89:D3
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/kXt5IedrFoQvuH12ZFRcHUqBidM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.61.8.0/21
Signature Algorithm: sha256WithRSAEncryption
37:bc:7d:63:21:05:cf:f4:d7:9e:60:b1:cd:dc:39:65:ff:58:
c2:52:fa:4c:33:cc:d2:6a:b7:1b:0d:16:71:d7:b5:b4:88:a6:
86:ec:85:59:de:ab:20:fc:f2:f3:71:42:ce:f3:8a:84:b7:ae:
ad:ee:c3:7d:8b:ce:f1:26:c6:10:17:d7:7d:3b:f8:6d:5c:34:
29:37:b8:9d:0a:a1:cf:4e:dd:1e:93:97:bb:72:cd:93:7c:6d:
5b:8f:1b:ed:9e:e5:4a:49:86:ab:a0:63:5c:fd:1a:3f:ae:c5:
00:55:28:56:1a:f6:35:5c:87:ec:b9:67:9b:fd:66:c3:a8:9f:
12:1e:4d:48:56:dc:12:23:e5:0a:f7:68:e9:20:26:3b:6b:42:
88:a7:79:12:47:1d:a0:c5:21:00:6d:aa:ef:9c:59:9e:bd:6a:
a6:a7:ae:ae:10:1f:c9:fb:0d:33:41:e8:76:84:c1:df:a9:94:
b8:80:66:68:1d:37:d0:21:cf:89:c6:f5:cb:18:c7:c3:ab:7c:
13:d7:3c:b3:1f:1f:eb:83:ef:e2:b9:e3:8c:b4:6a:3c:09:bd:
1c:5e:84:5d:c1:64:43:47:26:2f:aa:f2:84:b0:37:e6:3a:5e:
b7:82:bf:e4:db:d0:50:55:ee:93:ae:05:0c:d1:1a:bf:08:62:
35:04:55:7d
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDBswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw
OTEzNTlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkxN0I3OTIxRTc2QjE2
ODQyRkI4N0Q3NjY0NTQ1QzFENEE4MTg5RDMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0Api1hVRNjPuofCAxQ0q6HczdVw3TpOn8tKgW7KOZDtEL/8UG
HLs38fd4yOnJSH4yND+qFwDIB2ACOECLYPWf7vGvsvfI5vT4HQ2BUXRL+eGqQU99
iL3viuOVSUrHlriYCcOh41vQMEoXYNTwtt5SYAgx4ogFxYNPeF9the7av8m2ShbX
l9tOdYJiZYwZUFfdLuld6eEe2FWFbm8ZAOtmRX7SKq8hbCFBQCKEa7IsrL5ocJQm
PmEwFygyh+ug4MajSlILOY4NbkicXRS4FofzooiTGRZfPeyKSF2qeKvMQUMxzyfq
Gap+OFPe/suDkjW4b/TLcnijM3G20r+HPd3bAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkXt5IedrFoQvuH12ZFRcHUqBidMwHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL2tYdDVJZWRyRm9RdnVIMTJaRlJjSFVx
QmlkTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAM9PQgwDQYJ
KoZIhvcNAQELBQADggEBADe8fWMhBc/0155gsc3cOWX/WMJS+kwzzNJqtxsNFnHX
tbSIpobshVneqyD88vNxQs7zioS3rq3uw32LzvEmxhAX1307+G1cNCk3uJ0Koc9O
3R6Tl7tyzZN8bVuPG+2e5UpJhqugY1z9Gj+uxQBVKFYa9jVch+y5Z5v9ZsOonxIe
TUhW3BIj5Qr3aOkgJjtrQoineRJHHaDFIQBtqu+cWZ69aqanrq4QH8n7DTNB6HaE
wd+plLiAZmgdN9Ahz4nG9csYx8OrfBPXPLMfH+uD7+K544y0ajwJvRxehF3BZENH
Ji+q8oSwN+Y6XreCv+Tb0FBV7pOuBQzRGr8IYjUEVX0=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org