Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/MCK/DImpBq7b7rA6UNHBZYcIsT2_nX8.roa
File: DImpBq7b7rA6UNHBZYcIsT2_nX8.roa (raw, json)
Hash identifier: 501+620X7cGvl1j/4fPYejmzRv9Xi1mKkP1r7M5rN+I=
Subject key identifier: 0C:89:A9:06:AE:DB:EE:B0:3A:50:D1:C1:65:87:08:B1:3D:BF:9D:7F
Certificate issuer: /CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Certificate serial: 072D
Authority key identifier: 83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/DImpBq7b7rA6UNHBZYcIsT2_nX8.roa
Signing time: Fri 01 Sep 2023 09:19:06 +0000
ROA not before: Fri 01 Sep 2023 09:19:06 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131618
IP address blocks: 103.148.68.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1837 (0x72d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83CF8C19843BACDE6445D4BD4A1E66441B23F3E3
Validity
Not Before: Sep 1 09:19:06 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0C89A906AEDBEEB03A50D1C1658708B13DBF9D7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4f:34:13:f2:21:4a:5b:df:1a:59:f6:38:a7:
09:14:57:43:b8:51:aa:c5:42:3c:39:1c:35:5a:cf:
b5:40:d4:c9:c4:c6:bf:b8:f5:74:0f:6c:82:68:da:
d6:33:1b:c5:d4:93:e3:8b:00:f9:1e:cd:e1:f5:a3:
19:d6:9c:c4:a1:f9:eb:ad:80:a2:b2:9a:37:f7:db:
8b:f1:b6:d3:f6:1c:be:1d:cd:a4:f2:27:0e:14:d8:
4c:3c:ec:8c:9c:e5:f8:ab:a4:c9:28:82:ce:e6:19:
05:3a:1a:5a:0c:71:13:1b:bf:d0:32:ad:f8:a5:4d:
e0:c4:82:47:62:21:9a:ec:08:84:28:41:4b:4b:d1:
15:40:ea:2c:c2:53:36:7a:4a:5b:28:85:db:ab:47:
d3:a4:7c:e2:26:cd:c0:68:23:d5:6e:ba:70:2a:38:
f3:a8:bc:b8:c3:66:60:33:d2:77:d4:83:1b:59:1d:
fe:41:af:0d:79:3b:8d:d8:82:aa:75:c1:02:f5:24:
54:d7:0c:b3:58:42:72:75:a8:88:ad:a1:74:c3:0e:
d3:e1:80:d6:b7:b2:0d:a7:21:de:ce:50:dd:8f:dc:
48:dc:a6:ad:8b:6b:63:59:63:26:3a:cd:42:cd:2c:
82:23:59:6b:14:30:09:b5:55:00:06:03:37:d8:e2:
a7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:89:A9:06:AE:DB:EE:B0:3A:50:D1:C1:65:87:08:B1:3D:BF:9D:7F
X509v3 Authority Key Identifier:
keyid:83:CF:8C:19:84:3B:AC:DE:64:45:D4:BD:4A:1E:66:44:1B:23:F3:E3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/g8-MGYQ7rN5kRdS9Sh5mRBsj8-M.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MCK/DImpBq7b7rA6UNHBZYcIsT2_nX8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.148.68.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:1b:07:5b:ad:e1:53:ed:cf:31:e7:24:a6:ac:cd:5b:0f:9d:
59:24:b0:2b:1c:17:23:b5:1c:e8:04:04:6e:a2:4e:8f:8f:69:
49:56:37:e5:0c:3c:1a:27:e4:50:66:ca:45:a8:95:57:09:0d:
5f:6b:c5:16:8c:42:5e:81:31:26:87:33:8a:d1:86:75:93:dd:
d6:be:be:19:c1:9c:a5:1a:18:f2:bb:0b:9e:27:d1:b0:b5:b6:
a6:2b:cc:cc:99:7f:48:ca:a8:24:26:e9:7f:6b:e5:aa:90:ae:
9f:47:7d:a4:6e:a1:44:9f:36:a5:4b:01:78:29:3d:48:30:a2:
ff:df:72:4e:45:a4:42:bd:c3:2c:2f:de:ec:d1:57:ca:3d:c1:
aa:54:96:96:0b:86:8f:c8:81:93:01:27:fb:f4:e7:28:33:cc:
84:57:5b:dc:b5:de:3a:5d:98:8c:e6:9f:90:7f:d2:f1:db:95:
b5:89:5e:f6:6b:3c:e2:4f:21:c2:d4:a5:4b:69:49:aa:d6:f2:
85:f4:44:98:05:bd:03:3d:84:0e:6b:12:90:b3:b0:f2:d6:51:
60:8f:5b:57:c0:b3:b1:e6:b8:d2:22:06:9b:9f:4f:57:06:4e:
f6:11:21:a7:8e:c2:1d:f7:01:15:8b:a2:a3:dc:b6:ba:3f:c3:
a8:e6:8a:9b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICBy0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODND
RjhDMTk4NDNCQUNERTY0NDVENEJENEExRTY2NDQxQjIzRjNFMzAeFw0yMzA5MDEw
OTE5MDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBDODlBOTA2QUVEQkVF
QjAzQTUwRDFDMTY1ODcwOEIxM0RCRjlEN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvTzQT8iFKW98aWfY4pwkUV0O4UarFQjw5HDVaz7VA1MnExr+4
9XQPbIJo2tYzG8XUk+OLAPkezeH1oxnWnMSh+eutgKKymjf324vxttP2HL4dzaTy
Jw4U2Ew87Iyc5firpMkogs7mGQU6GloMcRMbv9AyrfilTeDEgkdiIZrsCIQoQUtL
0RVA6izCUzZ6SlsohdurR9OkfOImzcBoI9VuunAqOPOovLjDZmAz0nfUgxtZHf5B
rw15O43Ygqp1wQL1JFTXDLNYQnJ1qIitoXTDDtPhgNa3sg2nId7OUN2P3Ejcpq2L
a2NZYyY6zULNLIIjWWsUMAm1VQAGAzfY4qe/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUDImpBq7b7rA6UNHBZYcIsT2/nX8wHwYDVR0jBBgwFoAUg8+MGYQ7rN5kRdS9
Sh5mRBsj8+MwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL2c4
LU1HWVE3ck41a1JkUzlTaDVtUkJzajgtTS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZzgtTUdZUTdyTjVrUmRTOVNoNW1SQnNqOC1NLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvTUNLL0RJbXBCcTdiN3JBNlVOSEJaWWNJc1Qy
X25YOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlEQwDQYJ
KoZIhvcNAQELBQADggEBAEobB1ut4VPtzzHnJKaszVsPnVkksCscFyO1HOgEBG6i
To+PaUlWN+UMPBon5FBmykWolVcJDV9rxRaMQl6BMSaHM4rRhnWT3da+vhnBnKUa
GPK7C54n0bC1tqYrzMyZf0jKqCQm6X9r5aqQrp9HfaRuoUSfNqVLAXgpPUgwov/f
ck5FpEK9wywv3uzRV8o9wapUlpYLho/IgZMBJ/v05ygzzIRXW9y13jpdmIzmn5B/
0vHblbWJXvZrPOJPIcLUpUtpSarW8oX0RJgFvQM9hA5rEpCzsPLWUWCPW1fAs7Hm
uNIiBpufT1cGTvYRIaeOwh33ARWLoqPctro/w6jmips=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:21 2024 by rpki-client on console-fra.rpki-client.org