Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/S6pAEDg5P7Ny6J97uNJGMbVC-b4.roa
File: S6pAEDg5P7Ny6J97uNJGMbVC-b4.roa (raw, json)
Hash identifier: 8oew3JCDBJmkEBQtuWhDQKZkeLE6dpJkmldKd0zGKRM=
Subject key identifier: 4B:AA:40:10:38:39:3F:B3:72:E8:9F:7B:B8:D2:46:31:B5:42:F9:BE
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CC6
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/S6pAEDg5P7Ny6J97uNJGMbVC-b4.roa
Signing time: Fri 01 Sep 2023 09:39:44 +0000
ROA not before: Fri 01 Sep 2023 09:39:44 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.60.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3270 (0xcc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:44 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=4BAA401038393FB372E89F7BB8D24631B542F9BE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:04:0b:3f:ad:a5:8f:68:f4:56:56:17:93:ba:
21:90:b3:e8:84:e7:23:bc:9a:cf:e9:3d:b7:db:ab:
56:22:0a:20:9a:ef:83:b6:67:01:f9:6d:e3:2a:c1:
9b:a8:71:70:84:b5:98:e7:bc:34:2c:25:03:8f:34:
08:eb:58:25:14:fd:62:86:3c:4e:f9:49:f6:ff:27:
a5:d3:95:c2:5b:a3:90:a9:4c:09:a5:4d:03:28:21:
9a:02:d8:20:62:64:5a:55:c2:eb:73:25:f3:a6:f2:
be:82:26:d1:b7:54:11:dc:b8:af:ca:9c:03:be:0d:
ed:31:3f:24:24:22:16:c6:67:b0:dc:02:c3:26:40:
28:0d:63:7e:58:be:1f:40:0b:5e:ff:5a:c1:97:b1:
35:cb:fe:b6:92:1f:82:d6:cd:c1:45:65:2c:d2:f8:
5e:bf:b3:a4:1c:9a:72:bc:d8:81:1e:41:ab:b5:44:
98:8c:98:d3:3c:ab:24:9e:d0:c6:3d:c6:4b:fc:8e:
44:0c:11:47:61:78:2d:2c:bd:13:fa:0d:53:c5:ef:
fe:79:f5:c5:36:e6:59:56:1e:94:ce:2a:78:9b:4b:
76:aa:4c:75:0f:68:6d:a3:5e:a0:ef:16:47:fd:d3:
24:17:01:b3:5c:6c:f2:ba:e1:25:f3:b8:bb:2d:fb:
f8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AA:40:10:38:39:3F:B3:72:E8:9F:7B:B8:D2:46:31:B5:42:F9:BE
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/S6pAEDg5P7Ny6J97uNJGMbVC-b4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.60.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:52:4e:35:f2:e6:37:18:1c:70:a0:7b:77:1a:40:df:08:b9:
36:be:6f:14:7a:7f:5e:a7:7e:0a:4f:86:09:f6:89:ac:2b:05:
06:57:1d:dc:8d:36:74:10:9a:96:a9:44:68:14:21:21:eb:db:
18:5b:67:b1:82:0a:42:e0:f9:0b:fb:1c:3b:2e:ff:4a:d7:00:
b4:94:2b:08:94:c6:84:02:66:14:32:17:8e:d5:8e:b4:19:ca:
01:27:e2:58:15:20:bb:b4:44:42:38:b8:3b:19:c0:99:d3:78:
6d:f8:27:d4:7b:db:9f:20:8f:db:4c:55:79:56:97:4e:1e:7c:
e2:c6:00:78:84:9e:d5:21:f1:15:a4:ec:82:cf:7a:43:d4:9f:
46:2b:dc:af:28:83:1f:0d:9f:5f:39:03:f1:c4:be:71:a9:a9:
b4:1b:61:5d:e1:b7:3f:94:0f:86:fb:8c:3a:8a:13:26:2e:f5:
75:83:c3:18:72:92:99:9e:76:95:02:37:02:60:9a:ff:08:75:
e0:47:37:c2:68:a2:a1:f3:39:49:6e:f5:84:ba:6e:82:47:73:
ae:25:2f:39:54:17:50:c9:e5:4b:63:a9:32:0e:8c:e7:13:fb:
07:09:ae:6d:73:01:fa:5c:b9:30:0d:39:8d:14:b6:f6:50:c6:
3e:24:43:29
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDRCQUE0MDEwMzgzOTNG
QjM3MkU4OUY3QkI4RDI0NjMxQjU0MkY5QkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKBAs/raWPaPRWVheTuiGQs+iE5yO8ms/pPbfbq1YiCiCa74O2
ZwH5beMqwZuocXCEtZjnvDQsJQOPNAjrWCUU/WKGPE75Sfb/J6XTlcJbo5CpTAml
TQMoIZoC2CBiZFpVwutzJfOm8r6CJtG3VBHcuK/KnAO+De0xPyQkIhbGZ7DcAsMm
QCgNY35Yvh9AC17/WsGXsTXL/raSH4LWzcFFZSzS+F6/s6QcmnK82IEeQau1RJiM
mNM8qySe0MY9xkv8jkQMEUdheC0svRP6DVPF7/559cU25llWHpTOKnibS3aqTHUP
aG2jXqDvFkf90yQXAbNcbPK64SXzuLst+/g9AgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUS6pAEDg5P7Ny6J97uNJGMbVC+b4wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vUzZwQUVEZzVQN055Nko5N3VOSkdN
YlZDLWI0LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAt8bPDAN
BgkqhkiG9w0BAQsFAAOCAQEAnlJONfLmNxgccKB7dxpA3wi5Nr5vFHp/Xqd+Ck+G
CfaJrCsFBlcd3I02dBCalqlEaBQhIevbGFtnsYIKQuD5C/scOy7/StcAtJQrCJTG
hAJmFDIXjtWOtBnKASfiWBUgu7REQji4OxnAmdN4bfgn1HvbnyCP20xVeVaXTh58
4sYAeISe1SHxFaTsgs96Q9SfRivcryiDHw2fXzkD8cS+camptBthXeG3P5QPhvuM
OooTJi71dYPDGHKSmZ52lQI3AmCa/wh14Ec3wmiiofM5SW71hLpugkdzriUvOVQX
UMnlS2OpMg6M5xP7BwmubXMB+ly5MA05jRS29lDGPiRDKQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org