Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ryMgLvYQqyTOO6g6ORts9P_mNDU.roa
File: ryMgLvYQqyTOO6g6ORts9P_mNDU.roa (raw, json)
Hash identifier: 5yus0gpPaHSfJ+ll6T0F+vy1zm0L+oj7clf/fDSoEm8=
Subject key identifier: AF:23:20:2E:F6:10:AB:24:CE:3B:A8:3A:39:1B:6C:F4:FF:E6:34:35
Certificate issuer: /CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Certificate serial: 0FF9
Authority key identifier: 18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ryMgLvYQqyTOO6g6ORts9P_mNDU.roa
Signing time: Fri 01 Sep 2023 09:37:35 +0000
ROA not before: Fri 01 Sep 2023 09:37:35 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131634
IP address blocks: 124.108.172.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4089 (0xff9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18A6663D6E9F80BD4CE7C8ADFEB38783C3E1A464
Validity
Not Before: Sep 1 09:37:35 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=AF23202EF610AB24CE3BA83A391B6CF4FFE63435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ea:24:5f:6d:ae:d5:4f:7c:49:45:19:63:2a:
8d:fe:a5:3f:11:41:ff:fd:3b:6f:da:4d:12:97:70:
95:17:db:97:0a:a8:31:d8:f4:63:17:af:9d:c5:ae:
01:ac:43:a6:c7:2d:07:18:d5:3c:57:f7:6c:ce:6f:
3e:d0:3c:2f:f7:6c:95:dd:d2:84:c2:1e:99:2b:c0:
e6:13:12:95:6e:f4:bd:fc:35:4b:62:fe:dd:d6:56:
e3:4b:62:01:c9:bf:c0:4f:e2:e2:23:ce:00:9f:84:
29:84:a4:63:04:78:4b:b9:c3:a5:bd:a3:04:74:0b:
92:d9:c3:57:01:e8:c9:f5:c8:7e:25:53:3c:82:8a:
24:3d:17:5d:5b:78:9b:55:7c:38:40:51:ae:c7:1c:
1c:e1:7c:11:a7:2c:c8:19:1a:dc:0e:b8:93:97:97:
a6:6a:07:0d:85:99:e5:a5:e9:b0:35:c8:a0:2b:2b:
26:d1:19:ab:dd:6a:28:39:13:1c:75:94:1e:00:e0:
e3:f9:e8:8f:a6:65:4f:a1:c0:3a:9b:1f:3a:3f:b6:
75:77:b0:67:69:99:6c:0c:60:28:7f:42:1a:ee:23:
55:4c:63:25:19:1e:94:4a:3d:e3:3d:2e:ab:f3:aa:
d4:12:bf:50:63:dd:a3:c4:8d:a9:cd:22:da:47:20:
79:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:23:20:2E:F6:10:AB:24:CE:3B:A8:3A:39:1B:6C:F4:FF:E6:34:35
X509v3 Authority Key Identifier:
keyid:18:A6:66:3D:6E:9F:80:BD:4C:E7:C8:AD:FE:B3:87:83:C3:E1:A4:64
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/GKZmPW6fgL1M58it_rOHg8PhpGQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GKZmPW6fgL1M58it_rOHg8PhpGQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PROFOND/ryMgLvYQqyTOO6g6ORts9P_mNDU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.108.172.0/22
Signature Algorithm: sha256WithRSAEncryption
16:fd:b1:c5:b1:67:ba:ce:ad:ac:ae:18:29:a7:2f:cd:b8:50:
d8:16:f1:40:52:46:72:79:ea:c2:bb:14:c9:54:7d:46:24:d3:
22:5b:d0:cc:bf:00:4e:44:d3:da:19:d5:5f:e9:59:2a:c1:a2:
b9:67:ce:7a:a1:0e:a4:dc:e5:c3:39:3f:16:1c:c4:4e:af:77:
58:08:4d:f1:c2:a9:87:eb:30:41:6f:82:1d:34:79:db:ed:b2:
c3:84:f2:5a:07:e9:36:7e:94:de:02:cc:c3:74:05:1e:99:c6:
11:16:a8:51:6b:49:b9:b8:41:38:4b:8b:7d:b0:3c:1f:9a:83:
0a:d5:1a:94:84:2f:bd:7c:07:f5:fe:6e:ca:2f:c9:a6:94:33:
5a:31:0f:4c:04:55:6a:b3:8b:57:09:f7:a5:0c:2a:3a:e2:b5:
0c:8f:b7:92:82:a7:55:9d:68:3e:18:0b:97:4e:32:ba:cb:8d:
da:f0:d5:5b:c4:aa:16:93:45:f2:16:36:c5:35:fa:3f:47:1b:
76:31:90:d5:e6:5f:7b:e2:f8:06:5e:0c:8a:4c:9d:01:f5:8c:
52:cd:c1:52:e3:05:94:28:0f:f0:a9:11:fe:7d:8d:dc:2e:7d:
8c:5f:17:21:cd:05:a8:b7:3b:bc:98:3b:b8:45:38:9d:f7:ad:
49:ac:91:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICD/kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMThB
NjY2M0Q2RTlGODBCRDRDRTdDOEFERkVCMzg3ODNDM0UxQTQ2NDAeFw0yMzA5MDEw
OTM3MzVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEFGMjMyMDJFRjYxMEFC
MjRDRTNCQTgzQTM5MUI2Q0Y0RkZFNjM0MzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc6iRfba7VT3xJRRljKo3+pT8RQf/9O2/aTRKXcJUX25cKqDHY
9GMXr53FrgGsQ6bHLQcY1TxX92zObz7QPC/3bJXd0oTCHpkrwOYTEpVu9L38NUti
/t3WVuNLYgHJv8BP4uIjzgCfhCmEpGMEeEu5w6W9owR0C5LZw1cB6Mn1yH4lUzyC
iiQ9F11beJtVfDhAUa7HHBzhfBGnLMgZGtwOuJOXl6ZqBw2FmeWl6bA1yKArKybR
Gavdaig5Exx1lB4A4OP56I+mZU+hwDqbHzo/tnV3sGdpmWwMYCh/QhruI1VMYyUZ
HpRKPeM9LqvzqtQSv1Bj3aPEjanNItpHIHndAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUryMgLvYQqyTOO6g6ORts9P/mNDUwHwYDVR0jBBgwFoAUGKZmPW6fgL1M58it
/rOHg8PhpGQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFJPRk9O
RC9HS1ptUFc2ZmdMMU01OGl0X3JPSGc4UGhwR1EuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL0dLWm1QVzZmZ0wxTTU4aXRfck9IZzhQaHBHUS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL1BST0ZPTkQvcnlNZ0x2WVFxeVRPTzZn
Nk9SdHM5UF9tTkRVLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AnxsrDANBgkqhkiG9w0BAQsFAAOCAQEAFv2xxbFnus6trK4YKacvzbhQ2BbxQFJG
cnnqwrsUyVR9RiTTIlvQzL8ATkTT2hnVX+lZKsGiuWfOeqEOpNzlwzk/FhzETq93
WAhN8cKph+swQW+CHTR52+2yw4TyWgfpNn6U3gLMw3QFHpnGERaoUWtJubhBOEuL
fbA8H5qDCtUalIQvvXwH9f5uyi/JppQzWjEPTARVarOLVwn3pQwqOuK1DI+3koKn
VZ1oPhgLl04yusuN2vDVW8SqFpNF8hY2xTX6P0cbdjGQ1eZfe+L4Bl4MikydAfWM
Us3BUuMFlCgP8KkR/n2N3C59jF8XIc0FqLc7vJg7uEU4nfetSayRJg==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:15 2024 by rpki-client on console-ams.rpki-client.org