Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SGU/kvZDCE5l3JSOfw_8KDeaXDLwtk8.roa
File: kvZDCE5l3JSOfw_8KDeaXDLwtk8.roa (raw, json)
Hash identifier: D07ZfzffFOh71aQL8kM2Se8+G/Gupk+X0uAZR6C9Jbc=
Subject key identifier: 92:F6:43:08:4E:65:DC:94:8E:7F:0F:FC:28:37:9A:5C:32:F0:B6:4F
Certificate issuer: /CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Certificate serial: 0141
Authority key identifier: 32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/kvZDCE5l3JSOfw_8KDeaXDLwtk8.roa
Signing time: Fri 01 Sep 2023 09:41:46 +0000
ROA not before: Fri 01 Sep 2023 09:41:46 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 134823
IP address blocks: 2400:7420::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321 (0x141)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3294E71902A4A5C31B987BD67D094AF5830A816D
Validity
Not Before: Sep 1 09:41:46 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=92F643084E65DC948E7F0FFC28379A5C32F0B64F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a0:f8:85:ac:96:68:e9:24:af:ca:9b:4e:fe:
0b:d3:e0:c9:25:2f:07:27:20:13:08:de:66:d3:0a:
69:0d:58:a7:91:1a:78:c4:7f:51:db:40:28:a5:62:
ef:b9:65:60:0d:9a:b4:8b:19:64:9d:29:a0:da:48:
dc:ad:63:68:69:af:1d:ac:de:58:2f:29:7b:3f:a4:
ad:39:74:ac:a1:84:ed:aa:c0:36:ce:c8:07:28:43:
00:14:77:84:7d:8f:c1:2d:a0:c3:f6:87:ec:1e:e3:
b1:97:e6:e7:a6:06:b1:57:b2:78:98:af:ca:56:e2:
f8:80:04:54:1a:93:00:06:e8:ad:fe:3f:d0:47:28:
10:99:4f:88:2c:a0:dd:65:fb:7f:ef:ce:0b:24:b3:
4a:4a:53:04:1f:a8:68:14:bc:99:70:3f:fd:e8:b6:
c2:e0:b0:b7:d0:75:d4:fb:43:27:4c:6a:a6:fd:9a:
29:7d:4e:54:da:c8:28:b7:d3:99:f2:b0:78:98:06:
3e:ec:b2:d4:f1:4a:43:39:c2:b7:ba:fd:57:69:08:
8a:92:ae:2a:07:6a:3b:f4:46:1d:39:c8:f1:b0:cd:
db:9e:11:5a:09:24:f1:63:0b:1d:ba:4e:8c:18:4c:
a3:89:88:0d:03:8b:09:c8:03:4b:cf:28:c3:26:8f:
6e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:F6:43:08:4E:65:DC:94:8E:7F:0F:FC:28:37:9A:5C:32:F0:B6:4F
X509v3 Authority Key Identifier:
keyid:32:94:E7:19:02:A4:A5:C3:1B:98:7B:D6:7D:09:4A:F5:83:0A:81:6D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/MpTnGQKkpcMbmHvWfQlK9YMKgW0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/MpTnGQKkpcMbmHvWfQlK9YMKgW0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SGU/kvZDCE5l3JSOfw_8KDeaXDLwtk8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:7420::/32
Signature Algorithm: sha256WithRSAEncryption
99:1f:43:23:54:30:cd:4f:9a:ea:71:0e:b6:8a:2c:df:3f:f0:
a8:52:6f:fe:2e:ef:24:8a:0a:df:00:2b:0e:f5:53:15:79:6d:
df:0c:32:ed:01:b4:65:20:43:06:c3:5e:02:25:ac:b1:15:a2:
cc:88:eb:e7:d1:f0:ca:bd:72:52:f9:40:b7:d0:8a:6a:63:df:
8a:c5:df:26:5f:83:a5:86:1f:06:de:04:e4:ef:f1:e6:db:3f:
fe:8e:20:56:c1:10:ce:c0:63:15:ea:72:88:6a:88:74:d7:14:
01:90:d5:a8:f3:1e:47:3b:79:60:d2:94:4a:51:7c:2f:95:13:
ef:af:89:49:10:f7:d9:78:53:19:e3:f4:ce:a4:48:d3:b4:48:
58:23:5b:1a:41:e0:c7:8a:95:4e:c9:e4:40:96:1e:d8:41:cc:
69:a8:28:b0:c9:d9:f0:24:c5:0c:03:d4:35:cf:11:7d:b4:87:
c9:32:15:02:3d:c5:20:86:2b:b2:fd:f3:ac:16:76:d3:04:49:
84:a2:5f:1f:df:d0:45:37:bf:20:50:67:f2:ec:ec:ea:47:fd:
78:71:70:03:fc:6b:e8:cb:99:d5:cf:45:6f:5b:06:46:4b:8e:
be:c0:19:5a:7c:dd:f0:95:d6:19:23:f8:08:e6:bb:37:27:81:
84:98:5e:55
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAUEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzI5
NEU3MTkwMkE0QTVDMzFCOTg3QkQ2N0QwOTRBRjU4MzBBODE2RDAeFw0yMzA5MDEw
OTQxNDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDkyRjY0MzA4NEU2NURD
OTQ4RTdGMEZGQzI4Mzc5QTVDMzJGMEI2NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDnoPiFrJZo6SSvyptO/gvT4MklLwcnIBMI3mbTCmkNWKeRGnjE
f1HbQCilYu+5ZWANmrSLGWSdKaDaSNytY2hprx2s3lgvKXs/pK05dKyhhO2qwDbO
yAcoQwAUd4R9j8EtoMP2h+we47GX5uemBrFXsniYr8pW4viABFQakwAG6K3+P9BH
KBCZT4gsoN1l+3/vzgsks0pKUwQfqGgUvJlwP/3otsLgsLfQddT7QydMaqb9mil9
TlTayCi305nysHiYBj7sstTxSkM5wre6/VdpCIqSrioHajv0Rh05yPGwzdueEVoJ
JPFjCx26TowYTKOJiA0DiwnIA0vPKMMmj24TAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUkvZDCE5l3JSOfw/8KDeaXDLwtk8wHwYDVR0jBBgwFoAUMpTnGQKkpcMbmHvW
fQlK9YMKgW0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL01w
VG5HUUtrcGNNYm1IdldmUWxLOVlNS2dXMC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TXBUbkdRS2twY01ibUh2V2ZRbEs5WU1LZ1cwLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvU0dVL2t2WkRDRTVsM0pTT2Z3XzhLRGVhWERM
d3RrOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAHQgMA0G
CSqGSIb3DQEBCwUAA4IBAQCZH0MjVDDNT5rqcQ62iizfP/CoUm/+Lu8kigrfACsO
9VMVeW3fDDLtAbRlIEMGw14CJayxFaLMiOvn0fDKvXJS+UC30IpqY9+Kxd8mX4Ol
hh8G3gTk7/Hm2z/+jiBWwRDOwGMV6nKIaoh01xQBkNWo8x5HO3lg0pRKUXwvlRPv
r4lJEPfZeFMZ4/TOpEjTtEhYI1saQeDHipVOyeRAlh7YQcxpqCiwydnwJMUMA9Q1
zxF9tIfJMhUCPcUghiuy/fOsFnbTBEmEol8f39BFN78gUGfy7OzqR/14cXAD/Gvo
y5nVz0VvWwZGS46+wBlafN3wldYZI/gI5rs3J4GEmF5V
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org