Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/U7VB5mZnKpgvaCNgkoQ7QBcyPxc.roa
File: U7VB5mZnKpgvaCNgkoQ7QBcyPxc.roa (raw, json)
Hash identifier: tRYyxHEwG3jzRHf2YjgYrx8Ud3MOJIKjgWeORxiT7sI=
Subject key identifier: 53:B5:41:E6:66:67:2A:98:2F:68:23:60:92:84:3B:40:17:32:3F:17
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0CF5
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/U7VB5mZnKpgvaCNgkoQ7QBcyPxc.roa
Signing time: Thu 30 Nov 2023 08:08:12 +0000
ROA not before: Thu 30 Nov 2023 08:08:12 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18217
IP address blocks: 140.109.224.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3317 (0xcf5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Nov 30 08:08:12 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=53B541E666672A982F68236092843B4017323F17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:97:9f:10:c4:c1:bc:1e:23:25:6c:c1:a5:42:
df:9c:b2:68:2b:3a:72:34:d8:23:01:07:dd:57:12:
38:fd:24:52:87:cb:47:55:82:f0:d0:a2:7c:f5:1b:
28:a1:13:8a:ae:84:c1:af:e2:a3:b2:e7:8f:12:e9:
dd:73:7a:bd:5d:c4:fe:dc:c2:24:13:ce:bd:43:85:
5e:2c:47:f4:51:7b:5b:d9:b8:1f:61:c1:78:0e:ed:
fa:fe:f6:6a:11:f7:18:ab:77:7d:4c:ac:fd:a1:3e:
6d:2f:f8:61:b9:fb:90:43:ba:c5:17:b5:9f:db:51:
bd:b6:04:0b:12:c4:44:f9:2d:02:e0:8c:b4:04:a9:
36:b0:41:75:09:f2:e7:40:3b:ce:17:b3:1f:bd:9d:
6a:8d:c8:a2:99:2e:b0:39:24:71:a9:a5:b6:7b:0a:
85:cd:b8:09:8e:ea:de:45:21:5c:89:fb:d8:a2:57:
67:27:7c:9a:c4:04:01:59:e5:6b:90:09:07:52:8e:
14:0a:b5:c0:e7:31:d2:e3:20:d7:45:80:90:f2:8b:
22:99:be:73:cf:d3:0f:8c:3b:91:3e:de:6e:5b:18:
e1:7e:fc:72:33:06:32:0d:71:50:60:08:b5:bb:ab:
aa:27:6f:af:91:f6:f4:58:d6:43:5c:ce:69:e4:9a:
b7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B5:41:E6:66:67:2A:98:2F:68:23:60:92:84:3B:40:17:32:3F:17
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/U7VB5mZnKpgvaCNgkoQ7QBcyPxc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.109.224.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:06:29:c9:8c:f1:8f:56:0d:69:13:cb:18:40:b7:ec:40:8b:
04:4c:1e:3a:98:0f:79:62:ed:12:30:40:12:6f:70:09:37:cb:
34:3e:56:f5:c1:d6:24:01:f4:f1:1c:9e:f8:43:47:89:77:50:
58:bc:e6:a2:11:6b:86:21:12:f1:49:f3:5d:46:50:4c:83:2d:
db:63:7e:31:f8:e5:81:ec:42:4d:e9:29:b8:a7:d0:e3:fc:0f:
1c:a8:aa:19:9e:36:43:99:75:ef:af:77:41:80:f6:05:d8:a6:
a2:54:1c:ab:f2:45:54:2d:53:61:f8:93:8a:8c:d1:78:1f:90:
d7:74:a5:11:8d:25:73:ae:cc:c0:e7:f5:49:24:69:7a:0e:9a:
52:94:74:14:28:36:b4:e1:0b:28:96:93:71:f8:09:05:6d:2e:
4c:2f:6c:ad:05:84:cf:37:ed:43:c5:c5:10:eb:2c:21:2e:f7:
cc:c6:20:bf:be:8c:f6:af:ff:1d:71:b5:b1:5e:fd:11:c7:d3:
51:15:7d:0b:4b:12:82:2b:2f:c0:96:62:db:de:5b:a9:b4:fc:
32:6f:cf:c8:c4:6b:89:42:61:bf:d3:bc:99:5e:8a:1b:43:a2:
a0:14:c5:04:c1:f6:23:a9:48:6f:e5:6f:a9:cd:67:96:fe:c4:
8a:ea:40:69
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDPUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzExMzAw
ODA4MTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDUzQjU0MUU2NjY2NzJB
OTgyRjY4MjM2MDkyODQzQjQwMTczMjNGMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfl58QxMG8HiMlbMGlQt+csmgrOnI02CMBB91XEjj9JFKHy0dV
gvDQonz1GyihE4quhMGv4qOy548S6d1zer1dxP7cwiQTzr1DhV4sR/RRe1vZuB9h
wXgO7fr+9moR9xird31MrP2hPm0v+GG5+5BDusUXtZ/bUb22BAsSxET5LQLgjLQE
qTawQXUJ8udAO84Xsx+9nWqNyKKZLrA5JHGppbZ7CoXNuAmO6t5FIVyJ+9iiV2cn
fJrEBAFZ5WuQCQdSjhQKtcDnMdLjINdFgJDyiyKZvnPP0w+MO5E+3m5bGOF+/HIz
BjINcVBgCLW7q6onb6+R9vRY1kNczmnkmrfrAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUU7VB5mZnKpgvaCNgkoQ7QBcyPxcwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9VN1ZCNW1abktwZ3ZhQ05na29R
N1FCY3lQeGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBjG3g
MA0GCSqGSIb3DQEBCwUAA4IBAQCgBinJjPGPVg1pE8sYQLfsQIsETB46mA95Yu0S
MEASb3AJN8s0Plb1wdYkAfTxHJ74Q0eJd1BYvOaiEWuGIRLxSfNdRlBMgy3bY34x
+OWB7EJN6Sm4p9Dj/A8cqKoZnjZDmXXvr3dBgPYF2KaiVByr8kVULVNh+JOKjNF4
H5DXdKURjSVzrszA5/VJJGl6DppSlHQUKDa04QsolpNx+AkFbS5ML2ytBYTPN+1D
xcUQ6ywhLvfMxiC/voz2r/8dcbWxXv0Rx9NRFX0LSxKCKy/AlmLb3luptPwyb8/I
xGuJQmG/07yZXoobQ6KgFMUEwfYjqUhv5W+pzWeW/sSK6kBp
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org