Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/iVGhMK9bamE-lpdzLYMHKscOTDQ.roa
File: iVGhMK9bamE-lpdzLYMHKscOTDQ.roa (raw, json)
Hash identifier: l4m7Cf4C2IvjSl6/X7enrp2hxWtNDAveO3q2EVq/VqA=
Subject key identifier: 89:51:A1:30:AF:5B:6A:61:3E:96:97:73:2D:83:07:2A:C7:0E:4C:34
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CC4
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/iVGhMK9bamE-lpdzLYMHKscOTDQ.roa
Signing time: Fri 01 Sep 2023 09:39:43 +0000
ROA not before: Fri 01 Sep 2023 09:39:43 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.51.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3268 (0xcc4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:43 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8951A130AF5B6A613E9697732D83072AC70E4C34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:90:a8:7b:bf:11:6a:8c:60:56:c9:7c:ce:65:
a5:f8:fd:0b:b9:75:62:b7:3f:38:2c:b0:a8:9e:e4:
33:08:2a:3e:db:18:31:3c:b6:1c:b1:cf:b6:03:48:
a5:ed:a6:05:10:d6:a0:e6:af:13:35:7c:a1:af:b3:
c4:40:77:68:fa:8f:18:a1:a7:19:53:6a:f8:d6:55:
bb:39:c4:bf:36:f3:c4:e6:4c:17:90:8a:fd:b1:f7:
e1:06:87:64:5b:dd:79:85:a6:0d:f0:ea:e5:91:85:
df:f6:85:7b:72:5d:e1:d7:ac:2f:e7:b7:fc:47:5a:
db:ee:07:df:e3:30:dd:43:60:89:13:cf:00:03:81:
c9:be:8e:31:c5:e4:4e:cb:f2:3f:f0:c4:7f:55:b0:
c9:e5:e0:bf:0d:c0:c2:72:18:ed:c9:ba:65:3c:61:
d1:14:b0:c7:59:4c:39:9d:9d:26:2b:d4:c6:ca:87:
92:c1:25:7e:a0:8b:d2:2f:2f:e2:16:7c:31:4b:13:
37:42:d2:5e:ae:57:f2:64:e0:46:40:6c:49:e9:9b:
34:ef:4c:d7:04:7c:de:9d:97:f1:76:85:eb:ac:11:
ff:3f:89:0a:07:40:7d:52:a3:b4:98:59:73:1a:8b:
3f:49:2b:4d:11:1a:ac:a5:ae:69:8b:59:57:c3:1c:
c7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:51:A1:30:AF:5B:6A:61:3E:96:97:73:2D:83:07:2A:C7:0E:4C:34
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/iVGhMK9bamE-lpdzLYMHKscOTDQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.51.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:55:93:5e:cf:99:75:59:4b:8d:aa:69:c3:9e:13:2a:4d:20:
63:52:92:c4:55:62:fb:24:d9:5c:f7:e5:18:51:d5:3b:9c:38:
f9:f0:45:d1:a5:93:77:62:d9:48:86:70:0d:46:22:11:31:4d:
0d:14:8d:dc:ba:24:87:bd:7c:82:02:33:97:b6:e8:8e:2a:b3:
4e:21:df:25:f5:af:22:b2:76:f3:2b:33:6e:23:8a:c5:70:96:
38:18:ca:2b:4b:9d:d2:9a:83:e0:f2:58:d9:f5:ce:14:fb:b4:
cc:1c:50:0d:b4:a7:93:42:23:b7:ca:65:91:01:92:a8:1b:c9:
48:18:35:d9:e5:d5:cb:55:fc:6f:8d:05:e9:d9:07:68:cf:d8:
e4:51:f5:68:c1:5c:6d:93:02:51:22:06:3d:b8:24:92:dc:d9:
79:14:f8:79:7e:92:f2:73:d6:82:38:f0:af:4f:cf:59:b9:67:
f9:76:d3:40:f3:dd:8c:01:af:4e:97:5b:41:3c:d1:6b:4a:8a:
63:ec:ec:1e:fc:22:e6:7d:a5:c6:b3:75:a6:e1:32:39:10:a5:
d5:d4:b6:da:37:e8:26:8c:6a:cb:6a:9c:cb:92:97:26:27:73:
32:13:73:59:b0:bb:5d:b1:e8:f9:ab:7e:a6:f5:2a:d4:78:e3:
48:73:64:9b
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDMQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg5NTFBMTMwQUY1QjZB
NjEzRTk2OTc3MzJEODMwNzJBQzcwRTRDMzQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJkKh7vxFqjGBWyXzOZaX4/Qu5dWK3PzgssKie5DMIKj7bGDE8
thyxz7YDSKXtpgUQ1qDmrxM1fKGvs8RAd2j6jxihpxlTavjWVbs5xL8288TmTBeQ
iv2x9+EGh2Rb3XmFpg3w6uWRhd/2hXtyXeHXrC/nt/xHWtvuB9/jMN1DYIkTzwAD
gcm+jjHF5E7L8j/wxH9VsMnl4L8NwMJyGO3JumU8YdEUsMdZTDmdnSYr1MbKh5LB
JX6gi9IvL+IWfDFLEzdC0l6uV/Jk4EZAbEnpmzTvTNcEfN6dl/F2heusEf8/iQoH
QH1So7SYWXMaiz9JK00RGqylrmmLWVfDHMepAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUiVGhMK9bamE+lpdzLYMHKscOTDQwHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vaVZHaE1LOWJhbUUtbHBkekxZTUhL
c2NPVERRLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAN8bMzAN
BgkqhkiG9w0BAQsFAAOCAQEAsVWTXs+ZdVlLjappw54TKk0gY1KSxFVi+yTZXPfl
GFHVO5w4+fBF0aWTd2LZSIZwDUYiETFNDRSN3Lokh718ggIzl7bojiqzTiHfJfWv
IrJ28yszbiOKxXCWOBjKK0ud0pqD4PJY2fXOFPu0zBxQDbSnk0Ijt8plkQGSqBvJ
SBg12eXVy1X8b40F6dkHaM/Y5FH1aMFcbZMCUSIGPbgkktzZeRT4eX6S8nPWgjjw
r0/PWbln+XbTQPPdjAGvTpdbQTzRa0qKY+zsHvwi5n2lxrN1puEyORCl1dS22jfo
Joxqy2qcy5KXJidzMhNzWbC7XbHo+at+pvUq1HjjSHNkmw==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org