Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa
File: lk4BSJwZaQyk_otWupEylooCJW0.roa (raw, json)
Hash identifier: hFayzxCTDZO3EC8Px2ODDYteukYx/sAN0O27+MoXips=
Subject key identifier: 96:4E:01:48:9C:19:69:0C:A4:FE:8B:56:BA:91:32:96:8A:02:25:6D
Certificate issuer: /CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Certificate serial: 0CDB
Authority key identifier: 34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa
Signing time: Fri 01 Sep 2023 09:39:51 +0000
ROA not before: Fri 01 Sep 2023 09:39:51 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38843
IP address blocks: 223.27.32.0/20 maxlen: 20
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3291 (0xcdb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34DD432961AC42D644AEAF34B14AEC70275B06A3
Validity
Not Before: Sep 1 09:39:51 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=964E01489C19690CA4FE8B56BA9132968A02256D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:57:a1:c7:14:d5:60:7a:23:d2:5a:49:a6:f3:
bc:67:be:00:55:0e:e9:a9:b2:27:40:6c:c9:a6:eb:
62:9d:a6:9d:02:33:c0:a0:7e:88:fe:6c:27:22:41:
e5:0d:6a:bf:d8:59:54:71:59:6c:7c:98:aa:a7:c7:
49:b5:82:27:e3:fb:68:81:55:9d:55:f8:c9:dc:7e:
6b:6c:96:4c:49:dd:c0:f8:0b:a1:b0:12:9e:53:2a:
df:b7:d2:89:79:3a:91:99:7e:40:e8:e1:e5:88:f1:
8b:3d:e4:c5:ca:4f:22:fb:dd:68:22:e3:48:f3:35:
8e:bd:52:44:8c:7e:b9:b6:e4:4f:7e:ef:6d:8d:f6:
c2:52:c9:a6:fc:88:e2:f0:8f:bd:26:c6:83:eb:b3:
56:b7:ee:f7:22:44:1d:a6:b7:2d:f6:d0:96:f5:65:
7b:9a:e3:fe:d0:36:5b:f8:83:c4:9b:88:1f:47:38:
fe:87:d8:e0:9f:1d:e4:a5:7f:95:6f:79:e9:f8:4c:
1b:2a:a7:cf:f6:d2:cc:28:55:24:27:3a:29:4b:c6:
17:45:20:f2:74:16:c4:38:1d:e2:ce:fa:13:72:3c:
70:31:28:61:22:60:7d:de:57:d6:41:d9:09:3c:d9:
df:84:6c:ac:05:0d:41:ff:a3:4a:6e:f1:49:d1:a0:
20:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4E:01:48:9C:19:69:0C:A4:FE:8B:56:BA:91:32:96:8A:02:25:6D
X509v3 Authority Key Identifier:
keyid:34:DD:43:29:61:AC:42:D6:44:AE:AF:34:B1:4A:EC:70:27:5B:06:A3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/NN1DKWGsQtZErq80sUrscCdbBqM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NN1DKWGsQtZErq80sUrscCdbBqM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PUMO/lk4BSJwZaQyk_otWupEylooCJW0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.27.32.0/20
Signature Algorithm: sha256WithRSAEncryption
83:8d:07:9f:f6:c7:15:e1:bd:06:15:67:1d:b0:aa:b6:a5:94:
b2:20:3b:df:62:ff:65:c0:db:f4:32:fa:92:18:7a:30:f0:fc:
7a:17:e6:e7:8b:c8:46:5e:51:53:ad:30:61:5d:95:3b:a8:56:
8c:a5:b5:cd:61:4b:20:e8:06:16:e0:a7:6f:55:eb:73:91:64:
75:2f:82:5a:61:c0:2d:38:22:f4:a9:12:d5:31:26:0c:ba:23:
f2:50:55:af:19:24:b6:b0:af:a4:a5:5d:38:cc:95:89:30:bd:
9d:24:fd:a1:b6:1c:6d:bf:6f:fd:da:e3:74:31:6b:47:b3:e2:
cf:e0:2b:64:a4:28:af:b1:0b:5c:5d:11:f5:71:99:b3:dd:59:
98:57:b4:34:e9:9f:d1:58:31:ac:c9:39:e4:c6:fa:b7:63:4e:
a6:f7:98:d4:be:f6:8f:a6:bf:bc:41:8f:3c:b7:8b:1a:c4:0b:
59:a9:99:29:38:57:f1:f9:0a:69:ca:17:2d:95:e6:02:7e:02:
d4:77:7a:48:20:4a:01:ca:98:f3:9d:8d:68:5f:0a:ba:c1:60:
f4:06:78:9c:9e:14:b7:88:a8:a9:b0:ce:14:4e:57:ec:41:a5:
ad:b1:af:ff:cf:88:a2:62:cc:e0:39:ff:b9:03:d3:d6:6e:95:
32:a2:b5:31
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDNswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzRE
RDQzMjk2MUFDNDJENjQ0QUVBRjM0QjE0QUVDNzAyNzVCMDZBMzAeFw0yMzA5MDEw
OTM5NTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDk2NEUwMTQ4OUMxOTY5
MENBNEZFOEI1NkJBOTEzMjk2OEEwMjI1NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpV6HHFNVgeiPSWkmm87xnvgBVDumpsidAbMmm62Kdpp0CM8Cg
foj+bCciQeUNar/YWVRxWWx8mKqnx0m1gifj+2iBVZ1V+MncfmtslkxJ3cD4C6Gw
Ep5TKt+30ol5OpGZfkDo4eWI8Ys95MXKTyL73Wgi40jzNY69UkSMfrm25E9+722N
9sJSyab8iOLwj70mxoPrs1a37vciRB2mty320Jb1ZXua4/7QNlv4g8SbiB9HOP6H
2OCfHeSlf5Vveen4TBsqp8/20swoVSQnOilLxhdFIPJ0FsQ4HeLO+hNyPHAxKGEi
YH3eV9ZB2Qk82d+EbKwFDUH/o0pu8UnRoCDvAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUlk4BSJwZaQyk/otWupEylooCJW0wHwYDVR0jBBgwFoAUNN1DKWGsQtZErq80
sUrscCdbBqMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvUFVNTy9O
TjFES1dHc1F0WkVycTgwc1Vyc2NDZGJCcU0uY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05OMURLV0dzUXRaRXJxODBzVXJzY0NkYkJxTS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1BVTU8vbGs0QlNKd1phUXlrX290V3VwRXls
b29DSlcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBN8bIDAN
BgkqhkiG9w0BAQsFAAOCAQEAg40Hn/bHFeG9BhVnHbCqtqWUsiA732L/ZcDb9DL6
khh6MPD8ehfm54vIRl5RU60wYV2VO6hWjKW1zWFLIOgGFuCnb1Xrc5FkdS+CWmHA
LTgi9KkS1TEmDLoj8lBVrxkktrCvpKVdOMyViTC9nST9obYcbb9v/drjdDFrR7Pi
z+ArZKQor7ELXF0R9XGZs91ZmFe0NOmf0VgxrMk55Mb6t2NOpveY1L72j6a/vEGP
PLeLGsQLWamZKThX8fkKacoXLZXmAn4C1Hd6SCBKAcqY852NaF8KusFg9AZ4nJ4U
t4ioqbDOFE5X7EGlrbGv/8+IomLM4Dn/uQPT1m6VMqK1MQ==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:22 2024 by rpki-client on console-fra.rpki-client.org