Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/geql-Htgll53bwUzo7oXjBvvlOE.roa
File: geql-Htgll53bwUzo7oXjBvvlOE.roa (raw, json)
Hash identifier: 6mz1rcDDeVCNwpt9rtt9oMMDlW8j5gY/NZbhDEoAacw=
Subject key identifier: 81:EA:A5:F8:7B:60:96:5E:77:6F:05:33:A3:BA:17:8C:1B:EF:94:E1
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0D0A
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/geql-Htgll53bwUzo7oXjBvvlOE.roa
Signing time: Fri 01 Sep 2023 09:59:28 +0000
ROA not before: Fri 01 Sep 2023 09:59:28 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 1659
IP address blocks: 210.60.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3338 (0xd0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Sep 1 09:59:28 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=81EAA5F87B60965E776F0533A3BA178C1BEF94E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0d:42:92:4b:8d:3d:c0:0f:5c:e6:4b:d8:c2:
82:ba:19:55:de:de:8f:06:a2:aa:cd:b8:48:cc:7b:
a8:d3:31:b9:5d:a7:0d:67:1c:0e:e8:c5:af:f7:b1:
ab:0a:dc:b1:bd:b6:d7:bb:4d:66:7b:1b:34:90:36:
b5:49:fd:b0:d7:c2:d5:f2:fe:7c:1c:f8:fa:34:4c:
aa:5e:91:19:cc:11:c7:a0:dc:78:74:14:83:27:2c:
68:78:11:51:e5:53:5c:ff:80:02:c8:09:63:99:4f:
ba:e2:04:11:d0:48:e1:0b:3c:91:44:f6:ef:eb:4b:
c0:0b:f3:ca:b8:46:5f:a8:6f:c3:f3:7a:f6:8b:5e:
c5:3e:4b:59:70:a0:2c:9d:18:2f:07:0c:4e:71:7e:
2e:2e:e7:8a:24:05:ad:cb:c8:ae:b0:69:1c:78:26:
5a:13:f7:2e:ac:4e:c9:73:0e:87:3e:aa:72:b3:3c:
f3:44:95:d6:1c:76:fe:8d:60:89:8c:dd:fd:ab:94:
ea:1b:99:3c:e9:69:de:1d:d3:48:a5:a6:50:13:58:
d3:28:a3:aa:df:08:be:97:d4:b7:6a:17:0e:7a:80:
eb:16:d4:83:56:93:8b:59:1f:16:c6:e6:a4:d5:21:
e8:63:8a:52:6f:68:6f:c8:43:76:9d:d3:d9:d1:05:
22:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EA:A5:F8:7B:60:96:5E:77:6F:05:33:A3:BA:17:8C:1B:EF:94:E1
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/geql-Htgll53bwUzo7oXjBvvlOE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:8f:b1:4a:f7:d1:66:5d:2a:d7:04:3c:33:a2:44:6e:97:a2:
6f:69:99:80:1e:c5:1d:8d:cc:a3:3b:32:9d:31:14:3b:cd:5b:
53:88:c9:9e:b5:a7:7e:bb:8b:b6:f5:a5:3a:4f:00:6f:e7:89:
eb:4d:86:ab:91:95:47:b3:47:7d:52:5d:9b:fc:a5:e6:32:68:
d1:7f:06:a8:6c:fa:38:b1:49:49:06:08:a4:e5:79:35:39:0f:
d7:2b:bf:ec:bb:92:c1:80:33:92:bc:5d:58:f6:15:d8:a0:29:
1b:e7:ac:0e:43:d3:c9:47:4b:b7:51:c0:d1:0b:b0:ec:92:75:
01:e9:45:df:0c:5b:b3:18:e7:0e:5b:0e:37:08:7a:f4:12:71:
3c:c7:a6:6a:a8:a2:64:ad:fc:d0:46:84:e9:57:6f:12:a8:5f:
3c:56:01:d9:dc:05:1b:5d:ce:5a:9f:4f:87:cc:b4:cc:5b:11:
28:cc:b7:14:25:c8:9e:af:87:ef:a0:b6:62:42:41:8a:b8:b3:
9c:94:92:0c:0b:2d:83:03:0f:83:b7:b1:82:9c:3b:9a:05:ed:
8f:93:e1:f4:f8:36:56:bf:65:ab:1a:38:b2:ca:ca:e7:34:19:
c2:77:6a:a4:93:2f:67:55:d9:77:ae:3d:da:a2:73:fc:15:c2:
61:5e:a2:2e
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDQowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDgxRUFBNUY4N0I2MDk2
NUU3NzZGMDUzM0EzQkExNzhDMUJFRjk0RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBDUKSS409wA9c5kvYwoK6GVXe3o8GoqrNuEjMe6jTMbldpw1n
HA7oxa/3sasK3LG9tte7TWZ7GzSQNrVJ/bDXwtXy/nwc+Po0TKpekRnMEceg3Hh0
FIMnLGh4EVHlU1z/gALICWOZT7riBBHQSOELPJFE9u/rS8AL88q4Rl+ob8PzevaL
XsU+S1lwoCydGC8HDE5xfi4u54okBa3LyK6waRx4JloT9y6sTslzDoc+qnKzPPNE
ldYcdv6NYImM3f2rlOobmTzpad4d00ilplATWNMoo6rfCL6X1LdqFw56gOsW1INW
k4tZHxbG5qTVIehjilJvaG/IQ3ad09nRBSJbAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUgeql+Htgll53bwUzo7oXjBvvlOEwHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC9nZXFsLUh0Z2xsNTNid1V6bzdv
WGpCdnZsT0Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0jww
DQYJKoZIhvcNAQELBQADggEBAHmPsUr30WZdKtcEPDOiRG6Xom9pmYAexR2NzKM7
Mp0xFDvNW1OIyZ61p367i7b1pTpPAG/nietNhquRlUezR31SXZv8peYyaNF/Bqhs
+jixSUkGCKTleTU5D9crv+y7ksGAM5K8XVj2FdigKRvnrA5D08lHS7dRwNELsOyS
dQHpRd8MW7MY5w5bDjcIevQScTzHpmqoomSt/NBGhOlXbxKoXzxWAdncBRtdzlqf
T4fMtMxbESjMtxQlyJ6vh++gtmJCQYq4s5yUkgwLLYMDD4O3sYKcO5oF7Y+T4fT4
Nla/ZasaOLLKyuc0GcJ3aqSTL2dV2XeuPdqic/wVwmFeoi4=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org