Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/FXk0oyxupJXuXXavSI12Vms5924.roa
File: FXk0oyxupJXuXXavSI12Vms5924.roa (raw, json)
Hash identifier: sWnSigLZMLa+9IfgIT9o97G3XQaU2xfzQaVvHbs89KI=
Subject key identifier: 15:79:34:A3:2C:6E:A4:95:EE:5D:76:AF:48:8D:76:56:6B:39:F7:6E
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0BBF
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/FXk0oyxupJXuXXavSI12Vms5924.roa
Signing time: Fri 01 Sep 2023 09:45:03 +0000
ROA not before: Fri 01 Sep 2023 09:45:03 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4780
IP address blocks: 61.60.192.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3007 (0xbbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 1 09:45:03 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=157934A32C6EA495EE5D76AF488D76566B39F76E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ec:3a:1d:c4:c2:13:95:75:18:d2:e6:11:99:
7d:40:b3:24:57:4d:a5:ab:97:83:73:6c:ed:21:21:
68:06:eb:4e:38:ea:18:4b:a1:41:48:99:41:10:3e:
51:dd:8d:b5:a6:95:8f:a1:5a:89:e9:73:6e:dd:ff:
cc:3e:04:fe:a6:ad:73:7e:14:2d:c4:e9:49:37:97:
ba:00:2b:ae:63:b4:9c:08:da:56:f0:bd:94:eb:8f:
b8:1c:fb:30:0d:10:b9:fb:3f:a9:97:b1:ff:de:aa:
53:cc:29:0f:a5:67:27:89:ac:33:80:48:85:77:03:
d4:3e:6e:6d:f2:2f:55:d6:4b:60:5c:f4:70:eb:2b:
94:87:3b:fd:29:6a:9f:b9:25:cb:74:bd:40:7e:92:
41:3c:4d:89:25:8b:8b:96:1f:a7:c6:bc:9f:08:1f:
7c:f1:3c:7d:c5:b9:d2:1a:81:e7:e7:33:ed:cc:1f:
44:ab:81:d9:4c:f7:3b:69:e0:e4:51:80:9d:7b:c8:
75:a2:5c:ea:0a:da:7f:fe:dd:64:31:ea:5a:3d:50:
2b:a9:1e:8d:12:0f:4e:e4:b2:aa:62:c3:8a:00:f3:
fc:93:29:b0:bd:93:e6:b8:4f:aa:44:18:55:88:4f:
e2:f9:bc:25:53:0d:74:45:b5:22:67:f9:5d:a5:00:
1b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:79:34:A3:2C:6E:A4:95:EE:5D:76:AF:48:8D:76:56:6B:39:F7:6E
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/FXk0oyxupJXuXXavSI12Vms5924.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.60.192.0/20
Signature Algorithm: sha256WithRSAEncryption
65:c6:fc:9a:1e:f2:e6:ec:4b:df:c7:5f:8b:5a:e1:a5:cd:42:
1f:22:77:f5:f8:44:92:f6:7c:3f:68:da:14:e9:50:52:45:85:
da:ee:50:21:f7:66:0c:fc:2d:e4:1d:26:d2:c3:2b:21:d9:fd:
1c:c6:ba:a1:e4:bb:a3:71:c7:e9:db:c5:77:51:3a:8b:df:3b:
b6:cc:8a:69:39:ed:b3:7f:e0:52:3a:bd:83:02:8d:0b:3c:29:
f2:c7:eb:8b:56:76:0a:e3:40:07:01:41:70:8e:da:2f:4e:81:
a4:51:aa:12:7f:d7:0f:85:2e:21:47:73:c2:11:ce:55:55:f7:
6a:5f:d5:ed:4f:c7:de:7b:23:28:03:b3:b0:64:b0:32:30:ac:
21:c3:37:2a:af:b9:cc:32:20:d2:6a:eb:12:f3:d0:80:f1:83:
1e:c0:db:45:64:e8:95:7f:2a:cd:25:a7:d4:8d:5e:6e:8a:5e:
28:6c:e5:f6:4b:05:e1:5e:5a:2f:52:7a:dd:a1:1b:8b:98:1d:
fa:21:7a:87:2d:eb:24:8d:ae:46:8e:b8:75:8f:cb:06:8d:b0:
0b:7d:ab:4d:22:2f:ba:4d:78:88:57:41:11:63:83:ff:dd:32:
9b:38:96:fc:dc:8d:49:1a:dc:8f:c6:73:82:14:b3:3a:06:85:
51:8b:ac:38
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC78wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMzA5MDEw
OTQ1MDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDE1NzkzNEEzMkM2RUE0
OTVFRTVENzZBRjQ4OEQ3NjU2NkIzOUY3NkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCt7DodxMITlXUY0uYRmX1AsyRXTaWrl4NzbO0hIWgG60446hhL
oUFImUEQPlHdjbWmlY+hWonpc27d/8w+BP6mrXN+FC3E6Uk3l7oAK65jtJwI2lbw
vZTrj7gc+zANELn7P6mXsf/eqlPMKQ+lZyeJrDOASIV3A9Q+bm3yL1XWS2Bc9HDr
K5SHO/0pap+5Jct0vUB+kkE8TYkli4uWH6fGvJ8IH3zxPH3FudIagefnM+3MH0Sr
gdlM9ztp4ORRgJ17yHWiXOoK2n/+3WQx6lo9UCupHo0SD07ksqpiw4oA8/yTKbC9
k+a4T6pEGFWIT+L5vCVTDXRFtSJn+V2lABvNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUFXk0oyxupJXuXXavSI12Vms5924wHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9GWGswb3l4dXBKWHVYWGF2U0kx
MlZtczU5MjQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTzA
MA0GCSqGSIb3DQEBCwUAA4IBAQBlxvyaHvLm7Evfx1+LWuGlzUIfInf1+ESS9nw/
aNoU6VBSRYXa7lAh92YM/C3kHSbSwysh2f0cxrqh5Lujccfp28V3UTqL3zu2zIpp
Oe2zf+BSOr2DAo0LPCnyx+uLVnYK40AHAUFwjtovToGkUaoSf9cPhS4hR3PCEc5V
VfdqX9XtT8feeyMoA7OwZLAyMKwhwzcqr7nMMiDSausS89CA8YMewNtFZOiVfyrN
JafUjV5uil4obOX2SwXhXlovUnrdoRuLmB36IXqHLeskja5Gjrh1j8sGjbALfatN
Ii+6TXiIV0ERY4P/3TKbOJb83I1JGtyPxnOCFLM6BoVRi6w4
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org