Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/UsdmJ6l8ALZB-3ZVNQ3_7ce5AqQ.roa
File: UsdmJ6l8ALZB-3ZVNQ3_7ce5AqQ.roa (raw, json)
Hash identifier: o1l/mk/FpICvWmnKtG1BQHE5kjQrX2KYCmWTfoWmr/g=
Subject key identifier: 52:C7:66:27:A9:7C:00:B6:41:FB:76:55:35:0D:FF:ED:C7:B9:02:A4
Certificate issuer: /CN=3D685193B8FAF2537E5A1385E03D19FE89742A8B
Certificate serial: 0AC5
Authority key identifier: 3D:68:51:93:B8:FA:F2:53:7E:5A:13:85:E0:3D:19:FE:89:74:2A:8B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PWhRk7j68lN-WhOF4D0Z_ol0Kos.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/UsdmJ6l8ALZB-3ZVNQ3_7ce5AqQ.roa
Signing time: Fri 01 Sep 2023 09:15:48 +0000
ROA not before: Fri 01 Sep 2023 09:15:48 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9304
IP address blocks: 103.17.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2757 (0xac5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3D685193B8FAF2537E5A1385E03D19FE89742A8B
Validity
Not Before: Sep 1 09:15:48 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=52C76627A97C00B641FB7655350DFFEDC7B902A4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:c4:67:41:17:bc:2d:b1:ca:6f:25:31:21:
bf:70:00:3e:6e:6b:10:17:f7:ba:fe:c0:f5:a4:57:
2f:e3:75:53:78:86:82:ed:c1:ea:36:8d:1d:1a:94:
c5:2e:f0:bd:8a:ca:f6:c1:b0:76:da:cb:b7:98:dd:
00:82:de:43:7d:c1:35:54:0e:91:60:1a:c8:c1:a4:
0d:19:95:38:f9:6e:89:15:06:85:ff:6d:4d:8c:0d:
a5:5e:bb:c9:4b:c7:bb:bc:9c:d7:7c:ea:8e:94:e5:
13:d5:36:48:73:f4:59:34:6f:33:e2:2a:44:36:f1:
55:0c:6a:e6:52:da:be:93:bb:37:b7:82:84:e9:35:
da:39:41:a7:39:68:a8:a9:0f:23:76:1f:c4:90:f2:
fb:17:8b:3d:fd:5d:50:f6:fd:52:28:a7:fe:93:70:
61:3b:1f:c3:b2:64:39:fe:b2:31:66:31:5a:92:b5:
d3:c1:25:45:cf:70:27:fa:31:4e:9b:39:50:7d:c7:
2b:ed:7e:81:df:b3:cb:39:95:ff:d2:2f:3b:88:37:
6f:80:fc:8e:32:81:a1:ea:7f:3c:36:db:f2:08:10:
dc:0f:07:f2:0c:2a:2d:b3:b5:74:44:ac:e4:cd:ea:
a3:49:3a:3b:3a:9b:2d:d0:d6:0c:78:c5:9b:7a:d3:
30:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:C7:66:27:A9:7C:00:B6:41:FB:76:55:35:0D:FF:ED:C7:B9:02:A4
X509v3 Authority Key Identifier:
keyid:3D:68:51:93:B8:FA:F2:53:7E:5A:13:85:E0:3D:19:FE:89:74:2A:8B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/PWhRk7j68lN-WhOF4D0Z_ol0Kos.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PWhRk7j68lN-WhOF4D0Z_ol0Kos.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LEOLCY/UsdmJ6l8ALZB-3ZVNQ3_7ce5AqQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.17.240.0/22
Signature Algorithm: sha256WithRSAEncryption
b9:8b:45:0d:f9:ac:41:11:e5:c4:0f:24:67:ee:ce:7f:76:68:
12:37:48:50:c2:f2:a2:e9:a2:b1:b6:55:15:77:7f:2b:a5:dc:
78:28:1f:6f:3d:97:a6:50:35:e2:d6:85:f4:f2:5d:da:f3:42:
a1:ff:3d:66:9c:2d:d6:3e:88:c3:21:f1:e7:22:85:02:0b:0c:
df:b8:b4:8d:d1:c1:21:e0:d2:8c:66:e8:ca:7c:72:1c:db:f2:
b1:c6:d3:f0:86:49:15:6c:85:6f:8a:36:cc:c0:45:40:db:d5:
e2:82:77:9d:ad:3a:2a:22:f3:16:6a:05:f6:70:dd:c7:58:85:
35:b7:27:80:9d:4d:43:93:c4:f8:26:5a:f8:03:d9:4a:2b:b0:
18:0d:ae:9b:80:6b:b2:75:ed:6c:e4:fb:d0:a8:d1:f8:09:b9:
c5:7f:1e:91:cb:34:41:b8:15:b6:08:f1:c4:de:a9:62:47:cb:
ff:6a:78:f7:ff:f3:90:61:2a:10:3b:86:f5:e4:9a:13:b8:e4:
b8:87:17:e2:f8:61:cb:38:e7:60:9d:b0:59:5a:c3:f8:bf:26:
77:b7:71:06:18:8b:ac:40:5c:6f:df:12:f3:ef:b1:a9:68:55:
0f:55:a7:4a:19:88:66:fe:07:30:d9:43:c3:e4:0f:45:21:8d:
c7:73:b6:0e
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCsUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0Q2
ODUxOTNCOEZBRjI1MzdFNUExMzg1RTAzRDE5RkU4OTc0MkE4QjAeFw0yMzA5MDEw
OTE1NDhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUyQzc2NjI3QTk3QzAw
QjY0MUZCNzY1NTM1MERGRkVEQzdCOTAyQTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC44sRnQRe8LbHKbyUxIb9wAD5uaxAX97r+wPWkVy/jdVN4hoLt
weo2jR0alMUu8L2KyvbBsHbay7eY3QCC3kN9wTVUDpFgGsjBpA0ZlTj5bokVBoX/
bU2MDaVeu8lLx7u8nNd86o6U5RPVNkhz9Fk0bzPiKkQ28VUMauZS2r6Tuze3goTp
Ndo5Qac5aKipDyN2H8SQ8vsXiz39XVD2/VIop/6TcGE7H8OyZDn+sjFmMVqStdPB
JUXPcCf6MU6bOVB9xyvtfoHfs8s5lf/SLzuIN2+A/I4ygaHqfzw22/IIENwPB/IM
Ki2ztXRErOTN6qNJOjs6my3Q1gx4xZt60zARAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUUsdmJ6l8ALZB+3ZVNQ3/7ce5AqQwHwYDVR0jBBgwFoAUPWhRk7j68lN+WhOF
4D0Z/ol0KoswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVPTENZ
L1BXaFJrN2o2OGxOLVdoT0Y0RDBaX29sMEtvcy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUFdoUms3ajY4bE4tV2hPRjREMFpfb2wwS29zLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvTEVPTENZL1VzZG1KNmw4QUxaQi0zWlZO
UTNfN2NlNUFxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn
EfAwDQYJKoZIhvcNAQELBQADggEBALmLRQ35rEER5cQPJGfuzn92aBI3SFDC8qLp
orG2VRV3fyul3HgoH289l6ZQNeLWhfTyXdrzQqH/PWacLdY+iMMh8ecihQILDN+4
tI3RwSHg0oxm6Mp8chzb8rHG0/CGSRVshW+KNszARUDb1eKCd52tOioi8xZqBfZw
3cdYhTW3J4CdTUOTxPgmWvgD2UorsBgNrpuAa7J17Wzk+9Co0fgJucV/HpHLNEG4
FbYI8cTeqWJHy/9qePf/85BhKhA7hvXkmhO45LiHF+L4Ycs452CdsFlaw/i/Jne3
cQYYi6xAXG/fEvPvsaloVQ9Vp0oZiGb+BzDZQ8PkD0Uhjcdztg4=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:21 2024 by rpki-client on console-fra.rpki-client.org