Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/KGT/yLLwpp3hAlnIcM6Yg2sxdxmS6js.roa
File: yLLwpp3hAlnIcM6Yg2sxdxmS6js.roa (raw, json)
Hash identifier: G3Ea8bmV6NhDowaYfgcN2wFaMyBDffciF8jQ23Nv9kc=
Subject key identifier: C8:B2:F0:A6:9D:E1:02:59:C8:70:CE:98:83:6B:31:77:19:92:EA:3B
Certificate issuer: /CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Certificate serial: 0C22
Authority key identifier: 47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/yLLwpp3hAlnIcM6Yg2sxdxmS6js.roa
Signing time: Fri 01 Sep 2023 09:14:01 +0000
ROA not before: Fri 01 Sep 2023 09:14:01 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4780
IP address blocks: 211.78.4.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3106 (0xc22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4772F715345B542E1D708BCB2571FCD72DD26BF3
Validity
Not Before: Sep 1 09:14:01 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C8B2F0A69DE10259C870CE98836B31771992EA3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e6:dd:a3:df:0c:3d:80:a1:2d:4f:84:38:73:
b9:a9:66:27:24:fb:ae:18:f6:38:dc:ef:4c:75:02:
db:ab:e6:8c:b2:f4:dc:1e:e8:79:c9:8c:43:88:89:
1c:05:28:18:f8:7c:e9:fa:ba:c4:26:fe:9b:80:2b:
41:86:f6:27:3a:aa:4e:a0:09:23:38:37:22:b1:93:
55:43:19:63:dc:07:85:43:05:5f:24:64:2d:ed:8e:
df:e8:f3:12:26:ef:38:0d:59:28:44:cf:40:36:33:
c1:46:c3:93:28:95:2c:04:11:66:16:e2:1e:b5:ac:
67:12:39:91:bd:ae:7a:7e:1b:5a:f9:4b:c8:8c:43:
39:06:24:fc:44:c1:9f:ce:f1:9f:d6:74:b2:a2:e2:
d5:a7:fe:96:89:8a:a5:a4:2a:0b:d4:7a:12:00:b6:
74:f3:f3:5e:f8:68:d2:80:e6:40:c0:85:0f:ee:26:
79:b1:95:4b:02:d6:d3:19:67:bf:89:4c:48:a6:07:
94:01:02:93:04:15:c7:9d:b5:b2:df:6e:28:f8:6b:
12:7b:ed:ae:4d:4b:77:0d:53:d7:5b:eb:88:e3:37:
eb:3b:36:fc:17:33:36:b1:d2:66:f7:98:bb:e1:63:
52:b7:e5:42:44:4b:d1:f8:b7:10:18:50:7e:8a:ef:
96:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:B2:F0:A6:9D:E1:02:59:C8:70:CE:98:83:6B:31:77:19:92:EA:3B
X509v3 Authority Key Identifier:
keyid:47:72:F7:15:34:5B:54:2E:1D:70:8B:CB:25:71:FC:D7:2D:D2:6B:F3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/R3L3FTRbVC4dcIvLJXH81y3Sa_M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/R3L3FTRbVC4dcIvLJXH81y3Sa_M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KGT/yLLwpp3hAlnIcM6Yg2sxdxmS6js.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.78.4.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:0c:a9:89:ac:d5:f9:69:79:58:de:20:fc:e4:6b:0c:0f:4f:
22:4c:cb:ae:2c:46:39:e5:11:a6:35:ee:b8:1c:a9:36:48:0e:
ce:2f:eb:11:07:5a:01:5e:76:88:b8:2c:30:af:99:18:bb:92:
de:32:ff:30:75:6e:04:70:33:5c:9e:8c:a8:0b:99:6b:08:46:
c5:40:34:43:3e:80:a2:92:0c:77:42:3b:8f:ba:3e:25:04:ad:
1f:44:d5:33:e3:f6:19:f0:d4:b5:ae:1a:7c:39:85:5f:13:13:
ea:77:a2:cd:4e:f5:71:3e:c9:b9:48:81:23:df:01:6e:47:27:
39:8e:4c:37:2a:a6:8c:27:24:e0:92:9a:1f:e8:cf:46:e0:b5:
8e:18:56:9b:31:cc:33:2a:f2:1c:bf:23:66:e4:95:eb:04:e3:
28:68:87:44:e7:09:8d:cd:b9:39:07:42:04:3e:48:b9:2a:aa:
f9:b4:73:2d:8e:05:1d:17:92:d4:86:1a:cf:f5:77:76:92:af:
9c:74:f1:bc:50:2e:5b:eb:77:06:83:40:d1:5e:90:32:a1:05:
ac:26:cc:53:31:bb:fc:cb:93:d8:dc:ba:c6:a4:20:71:40:a7:
dc:ee:7f:72:10:86:25:e6:de:39:7a:71:2a:11:56:90:c4:30:
b1:91:2e:d0
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDc3
MkY3MTUzNDVCNTQyRTFENzA4QkNCMjU3MUZDRDcyREQyNkJGMzAeFw0yMzA5MDEw
OTE0MDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEM4QjJGMEE2OURFMTAy
NTlDODcwQ0U5ODgzNkIzMTc3MTk5MkVBM0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDS5t2j3ww9gKEtT4Q4c7mpZick+64Y9jjc70x1Atur5oyy9Nwe
6HnJjEOIiRwFKBj4fOn6usQm/puAK0GG9ic6qk6gCSM4NyKxk1VDGWPcB4VDBV8k
ZC3tjt/o8xIm7zgNWShEz0A2M8FGw5MolSwEEWYW4h61rGcSOZG9rnp+G1r5S8iM
QzkGJPxEwZ/O8Z/WdLKi4tWn/paJiqWkKgvUehIAtnTz8174aNKA5kDAhQ/uJnmx
lUsC1tMZZ7+JTEimB5QBApMEFcedtbLfbij4axJ77a5NS3cNU9db64jjN+s7NvwX
Mzax0mb3mLvhY1K35UJES9H4txAYUH6K75bJAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUyLLwpp3hAlnIcM6Yg2sxdxmS6jswHwYDVR0jBBgwFoAUR3L3FTRbVC4dcIvL
JXH81y3Sa/MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL1Iz
TDNGVFJiVkM0ZGNJdkxKWEg4MXkzU2FfTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UjNMM0ZUUmJWQzRkY0l2TEpYSDgxeTNTYV9NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvS0dUL3lMTHdwcDNoQWxuSWNNNllnMnN4ZHht
UzZqcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALTTgQwDQYJ
KoZIhvcNAQELBQADggEBAIoMqYms1flpeVjeIPzkawwPTyJMy64sRjnlEaY17rgc
qTZIDs4v6xEHWgFedoi4LDCvmRi7kt4y/zB1bgRwM1yejKgLmWsIRsVANEM+gKKS
DHdCO4+6PiUErR9E1TPj9hnw1LWuGnw5hV8TE+p3os1O9XE+yblIgSPfAW5HJzmO
TDcqpownJOCSmh/oz0bgtY4YVpsxzDMq8hy/I2bklesE4yhoh0TnCY3NuTkHQgQ+
SLkqqvm0cy2OBR0XktSGGs/1d3aSr5x08bxQLlvrdwaDQNFekDKhBawmzFMxu/zL
k9jcusakIHFAp9zuf3IQhiXm3jl6cSoRVpDEMLGRLtA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:14 2024 by rpki-client on console-ams.rpki-client.org