Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/ZAj8VcsLxDwTC4xcMFFcQTxEFrc.roa
File: ZAj8VcsLxDwTC4xcMFFcQTxEFrc.roa (raw, json)
Hash identifier: fHI1OWcZu0lq5AlCw4tINAKETCWAqX648TV1T6fNN6M=
Subject key identifier: 64:08:FC:55:CB:0B:C4:3C:13:0B:8C:5C:30:51:5C:41:3C:44:16:B7
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CE8
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/ZAj8VcsLxDwTC4xcMFFcQTxEFrc.roa
Signing time: Fri 01 Sep 2023 09:39:56 +0000
ROA not before: Fri 01 Sep 2023 09:39:56 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.50.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3304 (0xce8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:56 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=6408FC55CB0BC43C130B8C5C30515C413C4416B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:84:24:eb:99:fd:cb:09:47:68:f6:4d:a0:
a7:f0:e0:79:a2:b8:87:3b:c6:72:12:f2:96:50:43:
67:6b:28:05:dd:15:b1:07:32:1c:90:47:a2:a3:3d:
36:a3:49:ea:c9:dc:53:32:4b:ca:5b:6d:8a:b6:ae:
18:72:22:31:51:a9:68:fa:c6:d5:5d:4c:a2:0c:31:
49:01:c2:33:8b:56:65:c8:94:0b:f3:f8:2f:35:3d:
bd:11:a6:e9:db:ea:79:c6:19:70:04:b8:dd:b6:2e:
d5:45:e8:de:96:c1:ae:ca:0c:22:0c:ae:47:8e:80:
fa:5a:9b:a0:82:ea:27:5e:73:33:65:23:9d:b4:bb:
64:0e:09:f8:16:d0:10:6d:8b:cf:ce:e3:f4:79:e6:
12:e4:e0:6c:75:ed:57:8a:0a:aa:0e:08:a0:70:45:
a8:22:41:0e:63:f5:0b:05:b4:79:ee:23:c1:b7:52:
b6:07:b0:9d:7d:96:9d:af:ff:4a:cf:ae:e6:f7:87:
e8:08:55:29:1c:f7:b6:e5:4b:c1:16:8a:61:1f:0c:
fe:3e:14:6c:df:c0:b6:ef:7f:1c:3e:dc:3c:a0:5c:
db:d9:12:39:96:d4:15:59:dd:a6:96:40:40:2a:b1:
53:85:e6:4f:ac:ed:5e:d9:2e:0b:63:c9:e5:5b:51:
aa:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:08:FC:55:CB:0B:C4:3C:13:0B:8C:5C:30:51:5C:41:3C:44:16:B7
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/ZAj8VcsLxDwTC4xcMFFcQTxEFrc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.50.0/24
Signature Algorithm: sha256WithRSAEncryption
28:a5:e1:be:4a:53:5c:ae:d5:31:e3:c7:a9:80:ed:23:30:44:
ed:f8:e3:b5:4a:47:f1:20:69:cc:a0:44:6e:7d:f9:82:69:fd:
aa:36:dd:08:26:0b:d2:9f:95:96:76:a6:a4:f4:53:0d:bb:78:
c2:78:7b:48:73:eb:0b:a7:99:b0:85:54:3f:1f:91:70:d7:b0:
67:e2:6d:30:e2:45:7b:34:42:ff:48:a5:70:b8:0e:f9:3d:ba:
5c:33:91:e4:1c:fb:fd:7d:4f:ff:29:00:a2:7e:54:22:8a:58:
f2:48:47:dc:8a:1e:bd:ac:ef:40:2c:62:7a:59:28:76:d2:f4:
d5:20:9b:a7:44:6b:ad:21:70:29:bc:cf:26:1e:43:c9:9e:b4:
53:ad:9e:f1:81:be:35:a7:b0:57:e7:ce:54:6c:84:f6:4d:b2:
6d:71:73:23:50:40:ff:79:f8:72:d6:64:07:51:70:64:f4:74:
16:29:12:ca:10:21:b0:0f:be:8b:5a:e3:b9:31:a6:ff:7b:b8:
5b:ab:2a:29:9e:1a:81:84:db:71:0b:c7:63:b8:59:3f:0d:55:
23:db:3a:e2:04:27:18:61:94:b2:fe:96:7b:17:71:61:03:b0:
b9:65:d3:02:88:e0:df:fb:41:fd:23:b8:fc:c8:b8:9e:4c:bc:
30:d7:bc:49
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDOgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY0MDhGQzU1Q0IwQkM0
M0MxMzBCOEM1QzMwNTE1QzQxM0M0NDE2QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5OYQk65n9ywlHaPZNoKfw4HmiuIc7xnIS8pZQQ2drKAXdFbEH
MhyQR6KjPTajSerJ3FMyS8pbbYq2rhhyIjFRqWj6xtVdTKIMMUkBwjOLVmXIlAvz
+C81Pb0Rpunb6nnGGXAEuN22LtVF6N6Wwa7KDCIMrkeOgPpam6CC6ideczNlI520
u2QOCfgW0BBti8/O4/R55hLk4Gx17VeKCqoOCKBwRagiQQ5j9QsFtHnuI8G3UrYH
sJ19lp2v/0rPrub3h+gIVSkc97blS8EWimEfDP4+FGzfwLbvfxw+3DygXNvZEjmW
1BVZ3aaWQEAqsVOF5k+s7V7ZLgtjyeVbUaqZAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUZAj8VcsLxDwTC4xcMFFcQTxEFrcwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vWkFqOFZjc0x4RHdUQzR4Y01GRmNR
VHhFRnJjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bMjAN
BgkqhkiG9w0BAQsFAAOCAQEAKKXhvkpTXK7VMePHqYDtIzBE7fjjtUpH8SBpzKBE
bn35gmn9qjbdCCYL0p+VlnampPRTDbt4wnh7SHPrC6eZsIVUPx+RcNewZ+JtMOJF
ezRC/0ilcLgO+T26XDOR5Bz7/X1P/ykAon5UIopY8khH3IoevazvQCxielkodtL0
1SCbp0RrrSFwKbzPJh5DyZ60U62e8YG+NaewV+fOVGyE9k2ybXFzI1BA/3n4ctZk
B1FwZPR0FikSyhAhsA++i1rjuTGm/3u4W6sqKZ4agYTbcQvHY7hZPw1VI9s64gQn
GGGUsv6WexdxYQOwuWXTAojg3/tB/SO4/Mi4nky8MNe8SQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org