Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/KWVtLhMSFFZ5hsXtDSFQcbBwC4k.roa
File: KWVtLhMSFFZ5hsXtDSFQcbBwC4k.roa (raw, json)
Hash identifier: QY+0b/EhkhNewHoicGrjqCAPKVDN/0wJHqQz9FFbMX8=
Subject key identifier: 29:65:6D:2E:13:12:14:56:79:86:C5:ED:0D:21:50:71:B0:70:0B:89
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CE0
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KWVtLhMSFFZ5hsXtDSFQcbBwC4k.roa
Signing time: Fri 01 Sep 2023 09:39:52 +0000
ROA not before: Fri 01 Sep 2023 09:39:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3296 (0xce0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=29656D2E131214567986C5ED0D215071B0700B89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b9:88:b1:17:d4:a3:29:7d:d0:2b:c5:a2:87:
11:19:13:ad:21:be:99:28:d4:d5:85:98:b7:d7:d6:
d6:9b:0e:9b:ef:69:df:29:04:57:db:73:62:48:22:
d0:a0:fc:70:9c:c3:3b:a8:a7:50:fd:03:aa:d1:14:
cf:2e:8b:d6:c3:81:84:1f:d9:50:ff:cc:78:f1:58:
f0:8a:29:17:fb:45:11:58:4d:3d:13:7f:63:8e:33:
ee:c7:eb:0f:2a:74:70:41:0b:5d:6d:26:20:be:d5:
bd:94:4e:d1:5d:33:e8:2f:ec:20:d2:9e:33:d6:1c:
59:00:38:65:03:7f:fc:56:88:c3:a8:01:66:91:3b:
61:d6:b7:0c:cc:04:d7:38:4f:69:8b:38:2a:48:0f:
89:4a:a4:8d:75:c9:d5:6d:63:6a:87:f4:47:0d:85:
18:54:c5:0c:c0:ef:50:c2:01:a0:2b:f1:73:5a:41:
6f:5f:f1:d4:d5:37:00:60:9f:0d:a0:9c:9b:10:cf:
23:96:04:02:1a:15:20:78:9a:ce:ec:bc:4f:17:47:
7f:c2:00:cb:7a:67:47:70:a5:19:ac:bc:16:1f:5f:
d6:52:08:b7:4c:f0:6e:f9:af:8c:eb:d9:bb:88:a9:
83:e7:e4:7d:69:5b:7a:2e:e7:a1:7c:7f:2a:2c:94:
a4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:6D:2E:13:12:14:56:79:86:C5:ED:0D:21:50:71:B0:70:0B:89
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/KWVtLhMSFFZ5hsXtDSFQcbBwC4k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.56.0/21
Signature Algorithm: sha256WithRSAEncryption
54:68:92:3b:dc:a5:d9:b6:bc:68:f2:cc:03:45:96:cf:05:93:
f6:06:98:89:0d:12:35:0e:95:eb:90:ce:ee:e7:55:07:bd:27:
2d:d7:d9:c3:5b:c1:4e:b1:cb:16:22:88:a9:bb:a9:f0:f2:12:
79:1c:fd:5b:dc:97:29:26:7d:26:b3:cc:1d:cc:80:f9:79:1c:
a6:24:f1:94:89:47:4b:fc:df:13:d7:f5:1c:40:c8:4a:25:23:
1e:9f:34:d0:d5:42:37:39:e0:50:59:a8:8c:28:35:95:62:ce:
62:16:ac:26:2a:94:6d:46:ef:72:e4:17:b1:48:87:6d:19:a3:
6e:f8:04:a0:24:84:e7:cb:09:10:b1:25:cb:ae:df:48:82:d6:
63:8f:e0:9c:52:df:b2:25:3e:ae:f4:a9:c5:88:3b:33:7e:82:
98:1f:d3:15:04:6e:71:f7:67:26:4a:8d:3e:95:74:c5:72:ec:
9f:e6:77:96:f3:9e:70:38:d8:fe:b7:e4:ef:f0:c1:bd:51:1e:
f7:c6:f0:a8:eb:d4:8d:c3:4a:33:57:13:a8:6e:1e:da:b9:aa:
87:bb:66:cf:22:32:6a:9c:71:10:c4:ad:1c:39:80:bc:b2:34:
15:69:e6:d6:f9:63:74:e4:fc:19:d9:8d:ec:b7:d6:26:0e:01:
85:0c:04:8d
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI5NjU2RDJFMTMxMjE0
NTY3OTg2QzVFRDBEMjE1MDcxQjA3MDBCODkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDVuYixF9SjKX3QK8WihxEZE60hvpko1NWFmLfX1tabDpvvad8p
BFfbc2JIItCg/HCcwzuop1D9A6rRFM8ui9bDgYQf2VD/zHjxWPCKKRf7RRFYTT0T
f2OOM+7H6w8qdHBBC11tJiC+1b2UTtFdM+gv7CDSnjPWHFkAOGUDf/xWiMOoAWaR
O2HWtwzMBNc4T2mLOCpID4lKpI11ydVtY2qH9EcNhRhUxQzA71DCAaAr8XNaQW9f
8dTVNwBgnw2gnJsQzyOWBAIaFSB4ms7svE8XR3/CAMt6Z0dwpRmsvBYfX9ZSCLdM
8G75r4zr2buIqYPn5H1pW3ou56F8fyoslKQ9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUKWVtLhMSFFZ5hsXtDSFQcbBwC4kwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vS1dWdExoTVNGRlo1aHNYdERTRlFj
YkJ3QzRrLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA98bODAN
BgkqhkiG9w0BAQsFAAOCAQEAVGiSO9yl2ba8aPLMA0WWzwWT9gaYiQ0SNQ6V65DO
7udVB70nLdfZw1vBTrHLFiKIqbup8PISeRz9W9yXKSZ9JrPMHcyA+XkcpiTxlIlH
S/zfE9f1HEDISiUjHp800NVCNzngUFmojCg1lWLOYhasJiqUbUbvcuQXsUiHbRmj
bvgEoCSE58sJELEly67fSILWY4/gnFLfsiU+rvSpxYg7M36CmB/TFQRucfdnJkqN
PpV0xXLsn+Z3lvOecDjY/rfk7/DBvVEe98bwqOvUjcNKM1cTqG4e2rmqh7tmzyIy
apxxEMStHDmAvLI0FWnm1vljdOT8GdmN7LfWJg4BhQwEjQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org