Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCREE/HnzYAUtr7HUuWh574rthM9NMv1I.roa
File: HnzYAUtr7HUuWh574rthM9NMv1I.roa (raw, json)
Hash identifier: f+u+RfEtdDrnf9sFwCrhCGnbZMBn1zktBGdetvvu4+w=
Subject key identifier: 1E:7C:D8:01:4B:6B:EC:75:2E:5A:1E:7B:E2:BB:61:33:D3:4C:BF:52
Certificate issuer: /CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90
Certificate serial: 0B29
Authority key identifier: 3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/HnzYAUtr7HUuWh574rthM9NMv1I.roa
Signing time: Fri 01 Sep 2023 09:25:52 +0000
ROA not before: Fri 01 Sep 2023 09:25:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18183
IP address blocks: 202.5.12.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2857 (0xb29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3B49B87A3FF389634C7D090D76DAEAA96FEEFD90
Validity
Not Before: Sep 1 09:25:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1E7CD8014B6BEC752E5A1E7BE2BB6133D34CBF52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:b3:f2:c5:f3:5a:b5:06:c9:72:5e:7c:99:73:
f6:26:91:32:3a:83:cf:99:ed:81:3e:ce:fd:31:27:
94:9a:35:ce:e7:e3:58:e7:65:3d:2a:d4:1e:07:9a:
94:0e:4a:91:7a:ba:06:d9:d6:80:80:2f:b2:f9:ce:
66:97:e1:c9:4f:de:c3:a6:5f:21:26:11:13:60:4e:
3c:c6:37:fb:3d:ae:f4:2f:72:48:8b:f2:1c:24:5c:
43:1f:94:e0:b6:7e:34:b6:f9:9c:87:ef:56:c0:6d:
fd:c0:d5:70:e0:82:60:5c:7d:ad:a6:d2:08:16:5f:
a0:29:9c:95:1c:47:55:12:3f:96:81:84:c9:ab:13:
ac:78:24:62:ae:eb:0f:dc:fa:4b:78:18:7b:ab:b7:
bb:ba:20:90:c4:82:37:76:5e:05:24:68:c4:7b:cb:
eb:cc:3f:2c:a9:13:90:13:43:b8:af:51:79:b5:ca:
64:a6:5e:60:01:ca:3a:5f:54:2e:d1:0f:e3:2f:a3:
b7:85:e8:0c:4c:2a:46:15:09:0d:a3:ef:c7:9e:5a:
97:d2:61:51:41:76:dc:33:e6:05:85:eb:54:20:e1:
0f:e6:5c:ac:bf:d4:93:9f:8f:d7:46:a2:19:f9:ee:
e0:a0:ce:f0:43:77:77:d8:d5:ad:38:84:5d:f8:f3:
17:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7C:D8:01:4B:6B:EC:75:2E:5A:1E:7B:E2:BB:61:33:D3:4C:BF:52
X509v3 Authority Key Identifier:
keyid:3B:49:B8:7A:3F:F3:89:63:4C:7D:09:0D:76:DA:EA:A9:6F:EE:FD:90
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O0m4ej_ziWNMfQkNdtrqqW_u_ZA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCREE/HnzYAUtr7HUuWh574rthM9NMv1I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.5.12.0/22
Signature Algorithm: sha256WithRSAEncryption
08:86:b4:f6:c5:8d:83:0d:af:f2:ae:db:58:7a:39:00:66:4a:
a6:af:ad:ea:a8:22:5a:96:f6:0d:9c:8d:65:c2:2f:ba:21:0e:
1f:24:0d:75:62:98:f6:9d:fb:b6:3b:05:1d:a8:60:70:f4:62:
df:9e:5d:50:99:b4:e1:20:34:91:f8:11:75:47:98:ba:24:fa:
13:a7:bb:c1:2a:1a:3c:2d:24:92:d3:62:33:70:35:8c:d4:c0:
fa:4f:60:3b:7b:58:88:80:df:8d:73:33:69:06:d1:b7:2d:0f:
93:3d:cc:f9:69:51:cf:32:c7:b1:a3:c0:0f:95:cb:a3:19:d0:
4d:68:87:ae:02:1f:f4:0b:f1:1f:37:62:e3:39:7c:33:41:d5:
ff:b3:c4:17:79:a0:4d:9a:87:74:f5:76:c2:ec:ae:89:d1:54:
5c:7b:db:92:93:ce:4a:f1:4c:53:12:85:af:7d:8e:7a:48:01:
7b:ed:77:78:e4:3d:00:f6:f3:18:e1:3b:8b:7b:b8:09:7c:ed:
89:e1:ab:4d:4e:36:81:9b:6a:24:06:2b:0c:bc:49:1f:bf:bd:
0b:57:de:1d:c7:2a:3a:88:0d:09:27:51:6a:90:24:d9:32:e4:
54:f5:39:e4:26:57:98:09:d7:7e:26:61:73:55:65:fa:e1:1f:
09:0f:07:8c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0I0
OUI4N0EzRkYzODk2MzRDN0QwOTBENzZEQUVBQTk2RkVFRkQ5MDAeFw0yMzA5MDEw
OTI1NTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFFN0NEODAxNEI2QkVD
NzUyRTVBMUU3QkUyQkI2MTMzRDM0Q0JGNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDcs/LF81q1BslyXnyZc/YmkTI6g8+Z7YE+zv0xJ5SaNc7n41jn
ZT0q1B4HmpQOSpF6ugbZ1oCAL7L5zmaX4clP3sOmXyEmERNgTjzGN/s9rvQvckiL
8hwkXEMflOC2fjS2+ZyH71bAbf3A1XDggmBcfa2m0ggWX6ApnJUcR1USP5aBhMmr
E6x4JGKu6w/c+kt4GHurt7u6IJDEgjd2XgUkaMR7y+vMPyypE5ATQ7ivUXm1ymSm
XmAByjpfVC7RD+Mvo7eF6AxMKkYVCQ2j78eeWpfSYVFBdtwz5gWF61Qg4Q/mXKy/
1JOfj9dGohn57uCgzvBDd3fY1a04hF348xfdAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHnzYAUtr7HUuWh574rthM9NMv1IwHwYDVR0jBBgwFoAUO0m4ej/ziWNMfQkN
dtrqqW/u/ZAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNSRUUv
TzBtNGVqX3ppV05NZlFrTmR0cnFxV191X1pBLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PMG00ZWpfemlXTk1mUWtOZHRycXFXX3VfWkEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9OQ1JFRS9IbnpZQVV0cjdIVXVXaDU3NHJ0
aE05Tk12MUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCygUM
MA0GCSqGSIb3DQEBCwUAA4IBAQAIhrT2xY2DDa/yrttYejkAZkqmr63qqCJalvYN
nI1lwi+6IQ4fJA11Ypj2nfu2OwUdqGBw9GLfnl1QmbThIDSR+BF1R5i6JPoTp7vB
Kho8LSSS02IzcDWM1MD6T2A7e1iIgN+NczNpBtG3LQ+TPcz5aVHPMsexo8APlcuj
GdBNaIeuAh/0C/EfN2LjOXwzQdX/s8QXeaBNmod09XbC7K6J0VRce9uSk85K8UxT
EoWvfY56SAF77Xd45D0A9vMY4TuLe7gJfO2J4atNTjaBm2okBisMvEkfv70LV94d
xyo6iA0JJ1FqkCTZMuRU9TnkJleYCdd+JmFzVWX64R8JDweM
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org