Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SCNET/43iGRfVqMPQDyd4u4HsXYh3S_cw.roa
File: 43iGRfVqMPQDyd4u4HsXYh3S_cw.roa (raw, json)
Hash identifier: 9iv8w7WTrrK47VULSxEby/OiEmzMZa05EUdAdRQ+CNk=
Subject key identifier: E3:78:86:45:F5:6A:30:F4:03:C9:DE:2E:E0:7B:17:62:1D:D2:FD:CC
Certificate issuer: /CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Certificate serial: 129C
Authority key identifier: 34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/43iGRfVqMPQDyd4u4HsXYh3S_cw.roa
Signing time: Mon 12 Feb 2024 16:25:09 +0000
ROA not before: Mon 12 Feb 2024 16:25:09 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131631
IP address blocks: 103.123.216.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4764 (0x129c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349B9CE90AE03DAD19BC54DFF63AE8C41E223948
Validity
Not Before: Feb 12 16:25:09 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=E3788645F56A30F403C9DE2EE07B17621DD2FDCC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cd:d7:e7:56:d2:20:6e:78:6f:10:52:7b:ff:
42:dd:93:f6:2b:a1:f3:4b:e8:fa:a3:7a:1b:62:59:
d4:41:21:6e:d3:10:a9:85:65:e4:aa:c0:3e:14:0d:
e5:8e:95:87:ac:81:8e:bc:6b:8d:40:4d:94:ae:8c:
48:93:bb:b4:2d:b9:29:bd:65:db:a2:3e:22:d6:40:
50:55:2e:85:ec:cb:78:02:74:99:a3:39:7f:22:2a:
75:a1:0a:4e:65:c1:71:b8:42:59:67:10:33:a9:65:
83:64:74:87:a7:ed:bc:6e:37:02:ed:27:f1:51:0c:
d4:d5:ca:24:27:58:21:9a:ba:37:a2:12:e4:5e:5a:
6f:75:ca:7d:de:21:87:af:f6:0e:63:a2:aa:1e:b3:
6d:76:ec:03:a6:12:7b:45:a7:93:f4:e9:0c:8f:f1:
b0:b3:c7:71:c3:88:ae:4b:70:b8:f5:69:f8:49:49:
05:38:0c:b9:0e:cb:e6:62:65:2d:e6:55:66:b1:6d:
96:18:92:2f:81:80:5a:68:4a:f8:43:fd:4d:f2:b5:
96:cb:23:11:c4:bd:54:d6:99:2e:9a:ec:5c:b9:fc:
9c:57:c7:35:00:60:97:f3:5a:de:d7:5c:73:56:51:
96:92:89:9c:ec:ce:bc:b4:f3:a0:44:94:69:d7:95:
d1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:78:86:45:F5:6A:30:F4:03:C9:DE:2E:E0:7B:17:62:1D:D2:FD:CC
X509v3 Authority Key Identifier:
keyid:34:9B:9C:E9:0A:E0:3D:AD:19:BC:54:DF:F6:3A:E8:C4:1E:22:39:48
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/NJuc6QrgPa0ZvFTf9jroxB4iOUg.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NJuc6QrgPa0ZvFTf9jroxB4iOUg.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SCNET/43iGRfVqMPQDyd4u4HsXYh3S_cw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.216.0/24
Signature Algorithm: sha256WithRSAEncryption
24:4e:c1:79:40:2e:f5:73:ca:98:56:fe:77:84:81:47:d7:be:
0c:0b:86:a5:a3:01:01:d8:0c:f6:1b:4c:8f:02:ad:07:7d:45:
0f:3c:5d:48:0a:4a:f6:ff:88:ec:d1:76:fb:c9:ea:a1:42:5d:
83:2d:f2:19:81:5b:18:88:1c:94:e0:0c:6a:d6:25:0b:6e:26:
cc:a3:31:0c:43:a8:72:76:f3:47:7a:38:d9:8b:d7:53:6e:88:
a9:ef:71:4e:fa:3b:ec:f4:c6:8a:40:68:e0:8a:21:df:cd:1a:
d7:c3:45:c6:9f:59:32:f7:87:92:ef:09:48:d3:fb:12:fa:c1:
3f:21:9c:76:d6:ea:93:d8:10:55:6b:b6:59:a2:6e:a8:61:5e:
7a:1c:d3:29:79:27:d2:cf:f9:5c:04:06:55:44:8d:fe:43:52:
97:8f:8a:89:98:42:14:0b:54:be:cf:81:cc:85:8e:dd:9d:07:
95:bb:b5:3a:d2:18:20:16:7a:20:a1:4f:a9:62:8c:8d:d9:3a:
14:99:90:35:54:d4:33:36:1a:ad:f3:6d:24:c2:9a:83:29:1a:
ba:ac:ef:1f:c8:2f:7b:65:ba:e2:4f:28:ec:48:4b:9a:38:17:
39:ac:f3:fc:9f:c2:0e:ed:4c:04:17:7d:2c:8d:9e:a8:6d:46:
48:62:b1:df
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEpwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzQ5
QjlDRTkwQUUwM0RBRDE5QkM1NERGRjYzQUU4QzQxRTIyMzk0ODAeFw0yNDAyMTIx
NjI1MDlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEUzNzg4NjQ1RjU2QTMw
RjQwM0M5REUyRUUwN0IxNzYyMUREMkZEQ0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCezdfnVtIgbnhvEFJ7/0Ldk/YrofNL6PqjehtiWdRBIW7TEKmF
ZeSqwD4UDeWOlYesgY68a41ATZSujEiTu7QtuSm9ZduiPiLWQFBVLoXsy3gCdJmj
OX8iKnWhCk5lwXG4QllnEDOpZYNkdIen7bxuNwLtJ/FRDNTVyiQnWCGaujeiEuRe
Wm91yn3eIYev9g5joqoes2127AOmEntFp5P06QyP8bCzx3HDiK5LcLj1afhJSQU4
DLkOy+ZiZS3mVWaxbZYYki+BgFpoSvhD/U3ytZbLIxHEvVTWmS6a7Fy5/JxXxzUA
YJfzWt7XXHNWUZaSiZzszry086BElGnXldGxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU43iGRfVqMPQDyd4u4HsXYh3S/cwwHwYDVR0jBBgwFoAUNJuc6QrgPa0ZvFTf
9jroxB4iOUgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0NORVQv
Tkp1YzZRcmdQYTBadkZUZjlqcm94QjRpT1VnLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9OSnVjNlFyZ1BhMFp2RlRmOWpyb3hCNGlPVWcuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TQ05FVC80M2lHUmZWcU1QUUR5ZDR1NEhz
WFloM1NfY3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3vY
MA0GCSqGSIb3DQEBCwUAA4IBAQAkTsF5QC71c8qYVv53hIFH174MC4alowEB2Az2
G0yPAq0HfUUPPF1ICkr2/4js0Xb7yeqhQl2DLfIZgVsYiByU4Axq1iULbibMozEM
Q6hydvNHejjZi9dTboip73FO+jvs9MaKQGjgiiHfzRrXw0XGn1ky94eS7wlI0/sS
+sE/IZx21uqT2BBVa7ZZom6oYV56HNMpeSfSz/lcBAZVRI3+Q1KXj4qJmEIUC1S+
z4HMhY7dnQeVu7U60hggFnogoU+pYoyN2ToUmZA1VNQzNhqt820kwpqDKRq6rO8f
yC97ZbriTyjsSEuaOBc5rPP8n8IO7UwEF30sjZ6obUZIYrHf
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org