Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/DdkM4U6KqzoFpKGn8N3Ye4A0CWQ.roa
File: DdkM4U6KqzoFpKGn8N3Ye4A0CWQ.roa (raw, json)
Hash identifier: pk+BVec55UpJxZZYiZLxsYmKzaYba9qQXXbrMui6PIo=
Subject key identifier: 0D:D9:0C:E1:4E:8A:AB:3A:05:A4:A1:A7:F0:DD:D8:7B:80:34:09:64
Certificate issuer: /CN=7B8257FFDC7CD1CB4196129CD40493352BC83BB9
Certificate serial: 021D
Authority key identifier: 7B:82:57:FF:DC:7C:D1:CB:41:96:12:9C:D4:04:93:35:2B:C8:3B:B9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/e4JX_9x80ctBlhKc1ASTNSvIO7k.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/DdkM4U6KqzoFpKGn8N3Ye4A0CWQ.roa
Signing time: Fri 01 Sep 2023 09:35:12 +0000
ROA not before: Fri 01 Sep 2023 09:35:12 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38853
IP address blocks: 2407:9a40::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 541 (0x21d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7B8257FFDC7CD1CB4196129CD40493352BC83BB9
Validity
Not Before: Sep 1 09:35:12 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0DD90CE14E8AAB3A05A4A1A7F0DDD87B80340964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:eb:d9:05:2a:46:44:f1:7a:90:e3:40:5e:64:
89:61:15:64:8e:f5:72:12:23:51:ed:1f:19:16:4c:
4a:8d:5a:c6:01:2b:34:df:2f:bf:c5:98:fa:4b:d6:
dd:ab:75:6a:b2:97:12:58:c2:26:54:16:0c:7c:9a:
df:01:71:62:4f:eb:d7:ad:70:d4:38:9b:5c:9e:8b:
0a:cc:72:30:a8:26:ef:8b:0a:52:d6:d3:be:58:64:
0e:26:61:7b:48:05:b6:37:3b:55:35:aa:68:6e:26:
59:10:23:e9:bc:88:95:02:0b:cf:aa:67:ce:7b:e9:
6c:46:23:a2:86:a6:61:b3:d8:57:d6:ac:68:b7:31:
b7:1b:23:79:ec:a7:7f:6d:10:7a:03:fa:66:8d:31:
57:60:44:96:65:b8:78:7e:f0:f7:8a:9b:84:92:c6:
81:45:bb:26:49:ad:a5:24:11:c6:53:77:70:5e:89:
6a:6c:fc:a8:d4:e5:21:3a:df:e6:ea:db:81:11:30:
17:37:b1:a7:2b:f0:63:a4:c5:bb:f4:b1:56:49:5a:
82:c7:8f:7e:c1:89:cb:8e:e7:04:bd:ac:69:c9:88:
c0:c9:27:2e:3d:81:ac:dd:38:4b:f8:3e:ce:03:94:
9d:90:35:ad:6f:cd:0e:a8:34:3e:d8:df:b4:53:e2:
31:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D9:0C:E1:4E:8A:AB:3A:05:A4:A1:A7:F0:DD:D8:7B:80:34:09:64
X509v3 Authority Key Identifier:
keyid:7B:82:57:FF:DC:7C:D1:CB:41:96:12:9C:D4:04:93:35:2B:C8:3B:B9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/e4JX_9x80ctBlhKc1ASTNSvIO7k.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/e4JX_9x80ctBlhKc1ASTNSvIO7k.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PARAMITA/DdkM4U6KqzoFpKGn8N3Ye4A0CWQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2407:9a40::/32
Signature Algorithm: sha256WithRSAEncryption
47:af:39:d4:57:38:41:60:10:77:c0:91:24:96:c2:f4:b1:bc:
35:a1:37:b5:56:de:02:6a:57:05:e0:a7:82:5b:62:1c:fd:06:
ec:11:11:2d:b1:df:41:f8:36:2f:7f:c6:b8:7d:7c:2f:26:8b:
f8:b3:97:16:ca:46:45:fb:89:a5:06:a4:b0:fa:da:11:34:51:
d4:74:4f:a1:19:74:e6:df:71:e2:ee:1a:24:cd:2a:0b:8d:fd:
2e:1e:76:b3:42:d3:cc:d2:60:6f:1a:39:cb:f4:8c:72:96:54:
28:41:c9:10:74:ea:7a:af:c2:f3:84:52:77:0b:68:30:85:98:
74:19:67:c3:c1:cd:01:6a:a3:a4:ef:6b:2c:03:63:69:16:dc:
41:39:9f:fe:2f:56:26:52:d9:79:68:7a:60:49:26:d3:f9:c7:
0c:fd:07:00:fd:f8:2f:0b:6a:21:d8:cd:5f:9a:fc:5f:0a:ee:
8d:6b:7c:0e:2b:8d:7f:2d:3e:ab:a0:b5:ca:91:75:a1:a6:40:
b9:9a:b3:f4:0d:fe:de:83:af:68:96:58:ff:8e:aa:e9:86:1a:
94:ee:c3:b2:b6:3f:72:d1:42:5c:b7:b8:46:9e:16:3f:91:31:
69:cb:09:b1:a2:48:d8:78:d9:28:46:c7:ae:ce:80:c6:52:06:
53:ed:05:19
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICAh0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0I4
MjU3RkZEQzdDRDFDQjQxOTYxMjlDRDQwNDkzMzUyQkM4M0JCOTAeFw0yMzA5MDEw
OTM1MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBERDkwQ0UxNEU4QUFC
M0EwNUE0QTFBN0YwREREODdCODAzNDA5NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDx69kFKkZE8XqQ40BeZIlhFWSO9XISI1HtHxkWTEqNWsYBKzTf
L7/FmPpL1t2rdWqylxJYwiZUFgx8mt8BcWJP69etcNQ4m1yeiwrMcjCoJu+LClLW
075YZA4mYXtIBbY3O1U1qmhuJlkQI+m8iJUCC8+qZ8576WxGI6KGpmGz2FfWrGi3
MbcbI3nsp39tEHoD+maNMVdgRJZluHh+8PeKm4SSxoFFuyZJraUkEcZTd3BeiWps
/KjU5SE63+bq24ERMBc3sacr8GOkxbv0sVZJWoLHj37BicuO5wS9rGnJiMDJJy49
gazdOEv4Ps4DlJ2QNa1vzQ6oND7Y37RT4jHpAgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUDdkM4U6KqzoFpKGn8N3Ye4A0CWQwHwYDVR0jBBgwFoAUe4JX/9x80ctBlhKc
1ASTNSvIO7kwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUEFSQU1J
VEEvZTRKWF85eDgwY3RCbGhLYzFBU1ROU3ZJTzdrLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9lNEpYXzl4ODBjdEJsaEtjMUFTVE5TdklPN2suY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9QQVJBTUlUQS9EZGtNNFU2S3F6b0Zw
S0duOE4zWWU0QTBDV1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAH
AwUAJAeaQDANBgkqhkiG9w0BAQsFAAOCAQEAR6851Fc4QWAQd8CRJJbC9LG8NaE3
tVbeAmpXBeCngltiHP0G7BERLbHfQfg2L3/GuH18LyaL+LOXFspGRfuJpQaksPra
ETRR1HRPoRl05t9x4u4aJM0qC439Lh52s0LTzNJgbxo5y/SMcpZUKEHJEHTqeq/C
84RSdwtoMIWYdBlnw8HNAWqjpO9rLANjaRbcQTmf/i9WJlLZeWh6YEkm0/nHDP0H
AP34LwtqIdjNX5r8XwrujWt8DiuNfy0+q6C1ypF1oaZAuZqz9A3+3oOvaJZY/46q
6YYalO7DsrY/ctFCXLe4Rp4WP5ExacsJsaJI2HjZKEbHrs6AxlIGU+0FGQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org