Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa
File: K9nrkDge7zcQtbJ6ADADmyP0uQA.roa (raw, json)
Hash identifier: SqIIv72jbLu2yB+yKMrEsd8TNZOtGYtTICKaHud/rgg=
Subject key identifier: 2B:D9:EB:90:38:1E:EF:37:10:B5:B2:7A:00:30:03:9B:23:F4:B9:00
Certificate issuer: /CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Certificate serial: 0BBB
Authority key identifier: 3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa
Signing time: Fri 01 Sep 2023 09:45:02 +0000
ROA not before: Fri 01 Sep 2023 09:45:02 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4780
IP address blocks: 203.121.240.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3003 (0xbbb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3BE6C651350E8FA1FC7D0A3EABCF98F81B3119D3
Validity
Not Before: Sep 1 09:45:02 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=2BD9EB90381EEF3710B5B27A0030039B23F4B900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:94:53:28:cf:c5:05:43:40:9e:ec:ae:ab:6b:
70:ab:d1:a7:44:f7:eb:b7:79:e8:17:ee:43:95:99:
bc:64:0a:80:03:f5:c9:cd:f0:b9:4e:9e:e6:51:ad:
0b:83:6f:19:0a:4b:7c:cd:34:cd:14:31:81:68:70:
fb:ee:28:52:ac:9c:23:5c:3f:d8:74:3b:6b:fb:a2:
6f:55:9d:af:3a:ce:4d:f9:7e:a0:0b:c6:9a:f1:61:
d5:7c:d9:04:0e:77:a6:b9:65:3d:3f:6f:6a:02:e5:
69:f3:81:68:ca:d6:78:d8:d0:04:bb:64:3d:16:5a:
f1:09:7c:55:d9:08:a6:ba:90:7b:fc:93:19:46:aa:
f9:18:50:9f:77:ad:8a:66:d6:0e:08:f9:e5:85:47:
0e:50:dd:ee:5f:ce:f9:f5:84:62:16:30:22:a7:ac:
ac:86:7f:be:fa:d0:a6:1d:37:23:3b:9d:00:6f:59:
5f:cb:8b:54:6f:33:fb:a7:d8:a3:81:75:83:22:e9:
d7:c4:65:fd:ff:76:29:16:11:ba:7f:33:f2:d9:32:
42:31:b0:c1:da:5a:d5:77:05:db:c3:d3:19:8e:b6:
48:f6:3c:1a:db:e4:47:37:7d:5e:43:47:1e:cb:9c:
64:fc:42:ad:db:10:70:f2:fa:44:44:cb:46:9e:44:
49:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D9:EB:90:38:1E:EF:37:10:B5:B2:7A:00:30:03:9B:23:F4:B9:00
X509v3 Authority Key Identifier:
keyid:3B:E6:C6:51:35:0E:8F:A1:FC:7D:0A:3E:AB:CF:98:F8:1B:31:19:D3
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/O-bGUTUOj6H8fQo-q8-Y-BsxGdM.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SIGMA/K9nrkDge7zcQtbJ6ADADmyP0uQA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.121.240.0/20
Signature Algorithm: sha256WithRSAEncryption
b1:d9:bb:e8:a6:9d:36:e5:b5:2e:38:f4:8b:e9:b3:0d:3a:42:
cd:71:e3:d1:02:69:b3:62:37:ba:65:27:49:25:97:0b:91:46:
bc:b9:7f:71:12:72:9d:f9:12:f3:8e:85:92:23:1c:73:99:cc:
c8:22:0f:c5:11:cb:90:71:40:5a:c4:0a:42:11:27:62:f5:51:
c0:45:aa:fe:ef:93:4e:8c:dc:ba:5b:9a:b7:67:9c:cd:29:c8:
57:e4:37:5a:91:3d:7f:5f:2f:25:c9:9f:e3:4b:63:0a:0e:d4:
91:c6:2f:2d:46:da:49:4d:de:67:53:86:e7:bd:db:84:8c:db:
a0:69:ae:d1:ef:cb:23:81:35:16:3c:32:d2:2e:a6:b2:de:1b:
77:42:c1:48:d7:09:06:23:87:5b:67:f2:79:3e:54:77:c2:26:
bc:f5:a4:14:22:4b:a4:95:aa:7a:68:0d:95:c4:3d:0d:85:fb:
d7:c2:33:a7:c2:29:41:f0:bb:67:d9:87:e5:e3:ca:d9:99:69:
84:5c:6c:0b:aa:17:4d:07:77:92:9e:1d:f5:f3:0f:77:85:db:
ab:83:15:62:2f:57:0b:6d:c5:ac:b8:01:5a:db:cd:69:b0:2d:
2d:17:0a:50:55:c2:b0:62:e6:1d:71:37:d2:5b:3a:06:0f:39:
10:88:c2:64
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC7swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0JF
NkM2NTEzNTBFOEZBMUZDN0QwQTNFQUJDRjk4RjgxQjMxMTlEMzAeFw0yMzA5MDEw
OTQ1MDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDJCRDlFQjkwMzgxRUVG
MzcxMEI1QjI3QTAwMzAwMzlCMjNGNEI5MDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWlFMoz8UFQ0Ce7K6ra3Cr0adE9+u3eegX7kOVmbxkCoAD9cnN
8LlOnuZRrQuDbxkKS3zNNM0UMYFocPvuKFKsnCNcP9h0O2v7om9Vna86zk35fqAL
xprxYdV82QQOd6a5ZT0/b2oC5WnzgWjK1njY0AS7ZD0WWvEJfFXZCKa6kHv8kxlG
qvkYUJ93rYpm1g4I+eWFRw5Q3e5fzvn1hGIWMCKnrKyGf7760KYdNyM7nQBvWV/L
i1RvM/un2KOBdYMi6dfEZf3/dikWEbp/M/LZMkIxsMHaWtV3BdvD0xmOtkj2PBrb
5Ec3fV5DRx7LnGT8Qq3bEHDy+kREy0aeREl1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUK9nrkDge7zcQtbJ6ADADmyP0uQAwHwYDVR0jBBgwFoAUO+bGUTUOj6H8fQo+
q8+Y+BsxGdMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU0lHTUEv
Ty1iR1VUVU9qNkg4ZlFvLXE4LVktQnN4R2RNLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9PLWJHVVRVT2o2SDhmUW8tcTgtWS1Cc3hHZE0uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TSUdNQS9LOW5ya0RnZTd6Y1F0Yko2QURB
RG15UDB1UUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy3nw
MA0GCSqGSIb3DQEBCwUAA4IBAQCx2bvopp025bUuOPSL6bMNOkLNcePRAmmzYje6
ZSdJJZcLkUa8uX9xEnKd+RLzjoWSIxxzmczIIg/FEcuQcUBaxApCESdi9VHARar+
75NOjNy6W5q3Z5zNKchX5DdakT1/Xy8lyZ/jS2MKDtSRxi8tRtpJTd5nU4bnvduE
jNugaa7R78sjgTUWPDLSLqay3ht3QsFI1wkGI4dbZ/J5PlR3wia89aQUIkuklap6
aA2VxD0NhfvXwjOnwilB8Ltn2Yfl48rZmWmEXGwLqhdNB3eSnh318w93hdurgxVi
L1cLbcWsuAFa281psC0tFwpQVcKwYuYdcTfSWzoGDzkQiMJk
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org