Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/iZn1QuS38hUn4WnjE99sv2AolUw.roa
File: iZn1QuS38hUn4WnjE99sv2AolUw.roa (raw, json)
Hash identifier: wb2lACn3Qm6YWdp3Ri3fd3uNtjGO79dxuBumgqup2WM=
Subject key identifier: 89:99:F5:42:E4:B7:F2:15:27:E1:69:E3:13:DF:6C:BF:60:28:95:4C
Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Certificate serial: 0B3C
Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/iZn1QuS38hUn4WnjE99sv2AolUw.roa
Signing time: Fri 01 Sep 2023 09:23:57 +0000
ROA not before: Fri 01 Sep 2023 09:23:57 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 7539
IP address blocks: 2001:e10::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2876 (0xb3c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Validity
Not Before: Sep 1 09:23:57 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8999F542E4B7F21527E169E313DF6CBF6028954C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:d3:de:81:5e:af:21:3d:8c:5c:2f:82:a4:
bd:d2:60:56:fa:68:7a:2e:ed:b4:11:4c:e4:82:ed:
05:ca:3c:db:c2:59:5a:1b:f5:7d:af:aa:33:c9:d7:
6b:45:e7:58:ca:f2:20:e4:6c:54:e2:56:62:3a:58:
65:4c:84:7c:65:ff:56:2d:85:c9:91:d1:6b:7a:38:
38:9e:d4:5e:07:f4:7e:0c:61:23:56:41:ee:fc:8a:
60:85:92:3d:3e:0c:2b:cb:ee:3c:c3:0c:70:e5:02:
5d:73:e6:50:ba:11:9b:10:67:28:7f:39:cd:18:f2:
94:88:3b:16:ec:fd:b5:8e:28:14:0b:77:7f:31:d0:
96:8f:57:1d:bd:5b:dd:af:1a:82:95:3f:ba:a9:ef:
53:e5:06:ac:fe:41:5f:bb:b0:43:d4:38:02:66:9e:
50:68:21:5f:0e:f0:f4:ac:7b:b6:12:8b:ff:b0:31:
ce:7d:b0:d6:6e:ec:0d:8e:8e:e8:49:26:c2:f1:d0:
b3:47:37:2d:d5:1a:49:e6:bf:fc:1b:8f:e0:a7:67:
c2:2d:f8:24:1e:cc:0a:34:6c:b5:e7:b6:22:2f:43:
dd:05:63:b5:8d:ef:3f:00:f6:cd:b1:7b:7d:b2:75:
7d:28:09:a7:65:ae:73:fb:ec:b4:6c:f1:4f:a6:39:
3f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:99:F5:42:E4:B7:F2:15:27:E1:69:E3:13:DF:6C:BF:60:28:95:4C
X509v3 Authority Key Identifier:
keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/iZn1QuS38hUn4WnjE99sv2AolUw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:e10::/32
Signature Algorithm: sha256WithRSAEncryption
66:e1:e7:26:25:84:4d:0c:12:4e:f0:3f:15:85:e3:b0:c3:0d:
68:ee:c1:f2:df:58:ce:30:56:e8:aa:f3:6f:d2:4d:a7:69:e3:
d8:22:53:76:17:50:33:16:0d:e4:44:9e:5a:29:aa:8b:2b:4b:
96:6d:df:c0:53:20:4f:d5:e9:84:62:07:ce:c7:51:88:e4:c4:
aa:63:18:a4:4e:3c:ef:42:6b:e1:ca:ce:14:be:91:fa:3c:33:
df:38:08:48:3c:22:83:63:40:c6:be:71:16:db:c1:79:9f:28:
e8:a8:0b:0b:b2:01:3c:00:c5:c7:f1:4b:18:3c:34:17:d0:ce:
1a:da:4b:bb:b6:f1:a0:e9:88:36:88:1a:0e:6c:f3:ca:b2:03:
e8:a0:3a:76:40:fd:15:24:2a:fb:cb:4d:80:85:68:dc:51:a6:
6e:e3:f6:c1:28:57:63:88:98:55:ee:5b:c2:a9:1d:79:88:8a:
04:b0:2e:2c:5e:80:17:ce:47:e1:41:51:f5:d7:da:1c:b5:e3:
7a:d4:3a:8f:d3:ce:07:30:1d:4f:b0:94:c4:ff:87:ee:e2:d8:
2c:e6:46:46:3a:39:92:d8:ac:2d:00:7b:69:8b:e8:a0:ca:2f:
ea:d6:c3:c7:7c:fb:4c:23:55:35:f7:0a:ce:3f:1c:f9:70:2e:
83:f3:5b:93
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCzwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz
ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yMzA5MDEw
OTIzNTdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg5OTlGNTQyRTRCN0Yy
MTUyN0UxNjlFMzEzREY2Q0JGNjAyODk1NEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvIdPegV6vIT2MXC+CpL3SYFb6aHou7bQRTOSC7QXKPNvCWVob
9X2vqjPJ12tF51jK8iDkbFTiVmI6WGVMhHxl/1YthcmR0Wt6ODie1F4H9H4MYSNW
Qe78imCFkj0+DCvL7jzDDHDlAl1z5lC6EZsQZyh/Oc0Y8pSIOxbs/bWOKBQLd38x
0JaPVx29W92vGoKVP7qp71PlBqz+QV+7sEPUOAJmnlBoIV8O8PSse7YSi/+wMc59
sNZu7A2OjuhJJsLx0LNHNy3VGknmv/wbj+CnZ8It+CQezAo0bLXntiIvQ90FY7WN
7z8A9s2xe32ydX0oCadlrnP77LRs8U+mOT8lAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUiZn1QuS38hUn4WnjE99sv2AolUwwHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1
fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83
VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvaVpuMVF1UzM4aFVuNFduakU5OXN2
MkFvbFV3LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACABDhAw
DQYJKoZIhvcNAQELBQADggEBAGbh5yYlhE0MEk7wPxWF47DDDWjuwfLfWM4wVuiq
82/STadp49giU3YXUDMWDeREnlopqosrS5Zt38BTIE/V6YRiB87HUYjkxKpjGKRO
PO9Ca+HKzhS+kfo8M984CEg8IoNjQMa+cRbbwXmfKOioCwuyATwAxcfxSxg8NBfQ
zhraS7u28aDpiDaIGg5s88qyA+igOnZA/RUkKvvLTYCFaNxRpm7j9sEoV2OImFXu
W8KpHXmIigSwLixegBfOR+FBUfXX2hy143rUOo/TzgcwHU+wlMT/h+7i2CzmRkY6
OZLYrC0Ae2mL6KDKL+rWw8d8+0wjVTX3Cs4/HPlwLoPzW5M=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:21 2024 by rpki-client on console-fra.rpki-client.org