Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/SONET/idXxfYf_OvLG_CDCp4ZDdsbCwyA.roa
File: idXxfYf_OvLG_CDCp4ZDdsbCwyA.roa (raw, json)
Hash identifier: zuMFV6JLvXkrphmTCYc77R8fT87pTpHYNW9upcQ62LQ=
Subject key identifier: 89:D5:F1:7D:87:FF:3A:F2:C6:FC:20:C2:A7:86:43:76:C6:C2:C3:20
Certificate issuer: /CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Certificate serial: 0C2D
Authority key identifier: CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/idXxfYf_OvLG_CDCp4ZDdsbCwyA.roa
Signing time: Mon 03 Jun 2024 05:59:01 +0000
ROA not before: Mon 03 Jun 2024 05:59:01 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9922
IP address blocks: 39.1.40.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3117 (0xc2d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=CCB5454153ACCECE8520D33907D54E56C5CA9A4B
Validity
Not Before: Jun 3 05:59:01 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=89D5F17D87FF3AF2C6FC20C2A7864376C6C2C320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:a8:d3:15:54:52:11:11:f2:5f:fb:1c:2f:1d:
48:46:62:2d:43:92:cf:22:b6:97:d4:13:90:a5:f9:
0b:40:71:3f:64:71:c2:d4:e0:a6:fe:0f:0a:d2:73:
4f:98:60:55:c6:bc:a6:19:fe:78:a7:9d:78:99:a4:
cd:35:3c:24:4d:4e:b0:62:8e:47:68:1f:8c:9e:d3:
4f:ff:0a:3d:0c:37:c8:db:90:af:2a:b3:db:e4:87:
bf:e7:1b:d1:2d:c3:33:6e:d8:53:d5:fa:ba:ec:c9:
42:ad:ad:95:b0:0c:fa:d1:06:94:43:69:c1:16:9c:
dc:6f:1e:b2:c9:09:88:87:df:49:e3:50:79:75:98:
ff:e6:aa:3f:06:72:37:a7:58:67:c1:54:ac:fe:a2:
03:8d:93:3a:5e:1e:8a:5a:61:db:18:d8:bd:bd:75:
a0:5a:56:73:22:56:be:72:9f:5c:bf:06:2a:00:21:
df:ee:ee:99:da:31:71:bd:2a:c0:e8:dd:e6:9f:e2:
27:60:67:8a:b4:bd:44:ca:83:d3:f1:fa:27:dd:c0:
30:a6:5e:36:76:a6:71:70:28:3c:e1:51:70:2d:02:
a6:45:09:70:45:d1:62:ea:fd:1c:63:99:be:0e:ff:
d5:cb:7d:9a:d3:b1:8b:ab:a9:50:33:5b:5d:c3:45:
72:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D5:F1:7D:87:FF:3A:F2:C6:FC:20:C2:A7:86:43:76:C6:C2:C3:20
X509v3 Authority Key Identifier:
keyid:CC:B5:45:41:53:AC:CE:CE:85:20:D3:39:07:D5:4E:56:C5:CA:9A:4B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/zLVFQVOszs6FINM5B9VOVsXKmks.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/zLVFQVOszs6FINM5B9VOVsXKmks.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/SONET/idXxfYf_OvLG_CDCp4ZDdsbCwyA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.1.40.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:0c:27:cb:7a:d8:eb:5a:de:3b:6c:5b:13:f6:86:ea:e3:86:
92:de:e8:34:34:bf:f3:d2:10:dc:41:c2:c6:2b:b2:ac:73:6a:
b5:9e:c8:45:9d:fb:39:2c:a1:78:9d:2b:55:f0:be:d1:ab:15:
03:58:70:9b:84:27:79:8d:a2:eb:92:ca:13:fe:d0:5d:ce:3b:
2f:a3:c5:4b:e2:e9:3a:4b:07:72:17:4b:b9:f9:f9:4b:c3:21:
d6:7b:d8:7a:90:9c:f0:af:ad:ba:6d:dd:0c:86:4a:21:0c:ff:
07:1b:8d:04:80:f6:f8:8c:fc:0f:01:25:c1:bf:70:60:15:cb:
09:9c:bc:95:f5:82:e5:74:29:0a:79:38:27:b9:a6:72:b4:11:
1e:e3:b5:50:96:31:1d:fa:2c:45:eb:ef:03:73:5d:92:0b:8c:
90:e0:34:3b:e5:39:28:39:68:e9:d4:ab:b6:9c:33:f8:01:20:
fd:62:35:9f:55:0e:1b:f6:ee:14:5b:21:4d:fc:f1:fc:d1:ed:
f1:ab:ab:df:44:cd:c6:88:30:b7:41:23:14:08:bf:17:04:2c:
a6:2e:f1:3f:2c:31:05:94:41:05:c7:93:a2:d0:c6:99:c2:19:
b8:71:5d:27:0f:ef:a3:13:34:aa:c1:81:da:0a:41:9b:ad:3c:
ab:05:9d:81
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDC0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQ0NC
NTQ1NDE1M0FDQ0VDRTg1MjBEMzM5MDdENTRFNTZDNUNBOUE0QjAeFw0yNDA2MDMw
NTU5MDFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg5RDVGMTdEODdGRjNB
RjJDNkZDMjBDMkE3ODY0Mzc2QzZDMkMzMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdqNMVVFIREfJf+xwvHUhGYi1Dks8itpfUE5Cl+QtAcT9kccLU
4Kb+DwrSc0+YYFXGvKYZ/ninnXiZpM01PCRNTrBijkdoH4ye00//Cj0MN8jbkK8q
s9vkh7/nG9EtwzNu2FPV+rrsyUKtrZWwDPrRBpRDacEWnNxvHrLJCYiH30njUHl1
mP/mqj8GcjenWGfBVKz+ogONkzpeHopaYdsY2L29daBaVnMiVr5yn1y/BioAId/u
7pnaMXG9KsDo3eaf4idgZ4q0vUTKg9Px+ifdwDCmXjZ2pnFwKDzhUXAtAqZFCXBF
0WLq/Rxjmb4O/9XLfZrTsYurqVAzW13DRXJlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUidXxfYf/OvLG/CDCp4ZDdsbCwyAwHwYDVR0jBBgwFoAUzLVFQVOszs6FINM5
B9VOVsXKmkswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvU09ORVQv
ekxWRlFWT3N6czZGSU5NNUI5Vk9Wc1hLbWtzLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS96TFZGUVZPc3pzNkZJTk01QjlWT1ZzWEtta3MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9TT05FVC9pZFh4ZllmX092TEdfQ0RDcDRa
RGRzYkN3eUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJwEo
MA0GCSqGSIb3DQEBCwUAA4IBAQCrDCfLetjrWt47bFsT9obq44aS3ug0NL/z0hDc
QcLGK7Ksc2q1nshFnfs5LKF4nStV8L7RqxUDWHCbhCd5jaLrksoT/tBdzjsvo8VL
4uk6SwdyF0u5+flLwyHWe9h6kJzwr626bd0MhkohDP8HG40EgPb4jPwPASXBv3Bg
FcsJnLyV9YLldCkKeTgnuaZytBEe47VQljEd+ixF6+8Dc12SC4yQ4DQ75TkoOWjp
1Ku2nDP4ASD9YjWfVQ4b9u4UWyFN/PH80e3xq6vfRM3GiDC3QSMUCL8XBCymLvE/
LDEFlEEFx5Oi0MaZwhm4cV0nD++jEzSqwYHaCkGbrTyrBZ2B
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org