Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/CAkjpe0azg4K-VMrYRpR6QaOgR0.roa
File: CAkjpe0azg4K-VMrYRpR6QaOgR0.roa (raw, json)
Hash identifier: OlYB62MgtsMBoJsrhuLkjRbybCYDOcR9h+XX5faYIv4=
Subject key identifier: 08:09:23:A5:ED:1A:CE:0E:0A:F9:53:2B:61:1A:51:E9:06:8E:81:1D
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CD7
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CAkjpe0azg4K-VMrYRpR6QaOgR0.roa
Signing time: Fri 01 Sep 2023 09:39:50 +0000
ROA not before: Fri 01 Sep 2023 09:39:50 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.58.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3287 (0xcd7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:50 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=080923A5ED1ACE0E0AF9532B611A51E9068E811D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b4:de:c4:b8:6a:a1:ed:a6:4b:5b:3f:e3:2e:
bb:f5:f6:c9:3e:09:d0:31:eb:dd:b0:f5:33:1e:35:
d5:00:f0:8f:59:b4:23:e2:61:55:50:12:9c:0c:1a:
e8:ff:1e:13:86:ba:6d:68:07:82:23:1b:a6:97:67:
b4:29:bb:18:67:39:f8:43:d8:04:2d:ca:af:65:ec:
fd:fb:dc:31:fa:68:c9:63:39:bb:5c:07:9f:50:48:
c1:c7:c3:4c:28:8f:87:9b:36:ec:cb:58:92:0e:a1:
90:b2:e4:4b:0a:61:fc:c7:f4:0b:1d:7e:f7:eb:ef:
9b:1b:38:06:58:97:c0:ff:b6:f9:07:b5:e3:8b:2e:
ce:e8:12:a6:e5:aa:94:cc:8c:4c:a7:59:4b:38:4d:
6c:b3:a6:72:71:60:83:d1:10:87:fc:a8:63:a7:3c:
b4:08:1a:1f:83:9f:f4:d3:60:6a:77:34:7c:5b:77:
d6:1e:a3:10:92:e7:36:1d:5c:10:1f:cc:2b:a9:0f:
ef:aa:a8:04:de:f8:f4:75:26:17:d6:69:78:4f:12:
e2:9e:a9:9e:af:f1:3e:6b:b2:e8:23:12:6f:91:72:
98:f4:71:a6:9f:f1:a3:06:62:c0:34:60:fe:05:58:
4f:1c:e9:02:54:fb:86:0c:8b:02:28:06:bb:4c:12:
fb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:09:23:A5:ED:1A:CE:0E:0A:F9:53:2B:61:1A:51:E9:06:8E:81:1D
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/CAkjpe0azg4K-VMrYRpR6QaOgR0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.58.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:1d:32:82:de:e2:51:23:30:3f:60:62:1a:89:df:30:88:a3:
41:4b:d6:35:dc:18:74:7e:09:f7:0e:fa:05:7a:9f:30:24:95:
a0:4c:c3:f4:f5:01:45:cb:fd:6d:9c:b7:80:53:f2:e8:7d:7f:
18:41:93:fe:ea:53:39:ad:80:fb:af:90:a9:b3:7a:40:25:0d:
35:db:39:88:09:4d:f2:95:bf:92:e0:5d:ac:a4:7b:0d:a4:87:
30:63:b7:17:2e:bc:10:54:af:f8:eb:14:de:70:4d:3a:bc:a2:
54:c3:04:89:b2:77:7c:f5:3f:36:d2:7e:bf:38:77:3a:a0:b3:
b7:c1:d5:10:f2:1d:22:99:fe:8a:1f:dc:ea:a7:13:8c:8d:2d:
1b:14:ff:6e:fd:44:47:3f:1f:f5:2a:9a:63:14:9c:ce:e5:8b:
86:3d:67:ff:03:e4:1b:81:9a:c5:b9:98:23:87:2b:d2:cb:a6:
f1:48:f8:1c:93:b8:6a:e1:6a:90:b7:ed:ab:c9:6c:3b:03:f4:
27:7b:ae:d0:7d:be:63:44:1f:49:2c:0a:0f:57:63:fc:67:57:
6e:de:8f:5d:23:fc:6c:50:cd:48:69:0c:ce:78:92:d3:d8:11:
98:a8:ba:e4:4e:d7:73:ce:75:72:c3:e8:7e:9a:ff:e8:8b:6d:
63:e0:8d:45
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDA4MDkyM0E1RUQxQUNF
MEUwQUY5NTMyQjYxMUE1MUU5MDY4RTgxMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDstN7EuGqh7aZLWz/jLrv19sk+CdAx692w9TMeNdUA8I9ZtCPi
YVVQEpwMGuj/HhOGum1oB4IjG6aXZ7QpuxhnOfhD2AQtyq9l7P373DH6aMljObtc
B59QSMHHw0woj4ebNuzLWJIOoZCy5EsKYfzH9Asdfvfr75sbOAZYl8D/tvkHteOL
Ls7oEqblqpTMjEynWUs4TWyzpnJxYIPREIf8qGOnPLQIGh+Dn/TTYGp3NHxbd9Ye
oxCS5zYdXBAfzCupD++qqATe+PR1JhfWaXhPEuKeqZ6v8T5rsugjEm+Rcpj0caaf
8aMGYsA0YP4FWE8c6QJU+4YMiwIoBrtMEvsHAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCAkjpe0azg4K+VMrYRpR6QaOgR0wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vQ0FranBlMGF6ZzRLLVZNcllScFI2
UWFPZ1IwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bOjAN
BgkqhkiG9w0BAQsFAAOCAQEACh0ygt7iUSMwP2BiGonfMIijQUvWNdwYdH4J9w76
BXqfMCSVoEzD9PUBRcv9bZy3gFPy6H1/GEGT/upTOa2A+6+QqbN6QCUNNds5iAlN
8pW/kuBdrKR7DaSHMGO3Fy68EFSv+OsU3nBNOryiVMMEibJ3fPU/NtJ+vzh3OqCz
t8HVEPIdIpn+ih/c6qcTjI0tGxT/bv1ERz8f9SqaYxSczuWLhj1n/wPkG4GaxbmY
I4cr0sum8Uj4HJO4auFqkLftq8lsOwP0J3uu0H2+Y0QfSSwKD1dj/GdXbt6PXSP8
bFDNSGkMzniS09gRmKi65E7Xc851csPofpr/6IttY+CNRQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org