Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/vOnEZD2StL2EvIuIjNO_pCoNlLc.roa
File: vOnEZD2StL2EvIuIjNO_pCoNlLc.roa (raw, json)
Hash identifier: YqEnpkL4NDkb3NAGV6bwHcl5+tRDqTdRmCpgABhT1v8=
Subject key identifier: BC:E9:C4:64:3D:92:B4:BD:84:BC:8B:88:8C:D3:BF:A4:2A:0D:94:B7
Certificate issuer: /CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Certificate serial: 0CB5
Authority key identifier: 45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/vOnEZD2StL2EvIuIjNO_pCoNlLc.roa
Signing time: Fri 01 Sep 2023 09:59:36 +0000
ROA not before: Fri 01 Sep 2023 09:59:36 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38845
IP address blocks: 140.136.160.0/22 maxlen: 22
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3253 (0xcb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=457B10372A686E3FF73656BEB5CD3DEBC932371A
Validity
Not Before: Sep 1 09:59:36 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=BCE9C4643D92B4BD84BC8B888CD3BFA42A0D94B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:dc:70:47:9f:13:70:09:24:ff:39:2f:c7:64:
1d:83:0c:4b:c2:11:5e:c3:72:6e:e4:ca:8e:cb:1f:
44:34:85:1f:96:e2:d1:70:4b:97:8c:cf:59:b4:00:
21:2e:83:89:09:fa:64:ad:67:f0:c3:83:ff:8d:66:
b8:8c:87:03:69:0f:d3:94:06:f1:2f:8d:3c:9f:55:
33:ca:78:06:e3:46:cd:68:85:8f:dc:78:6f:2f:95:
7c:11:8f:02:38:e1:4f:11:38:ba:e3:02:70:a5:de:
75:5c:ca:52:f0:1d:86:22:03:0b:c8:18:f8:d6:a9:
65:38:e5:74:1a:48:a6:5e:9c:77:ba:5a:35:da:98:
58:aa:db:8a:c2:32:ea:d7:b8:c5:cd:62:16:f4:7c:
29:03:ff:54:5d:53:bb:85:b8:7c:c4:72:47:22:4c:
be:65:79:61:10:07:be:2c:58:f7:21:3e:87:67:de:
05:e9:d3:c3:44:83:a7:7b:b7:00:6b:73:a3:c3:4c:
f2:10:d3:29:f4:5f:92:70:4c:fc:a0:fe:82:19:e1:
a9:56:f6:bc:d2:82:92:62:e3:70:57:1e:89:f1:dc:
17:8d:0c:cf:22:4e:f5:bf:25:f9:f2:f7:e2:11:87:
59:36:ba:13:62:fb:df:bb:0a:e6:97:f7:eb:10:ab:
d2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E9:C4:64:3D:92:B4:BD:84:BC:8B:88:8C:D3:BF:A4:2A:0D:94:B7
X509v3 Authority Key Identifier:
keyid:45:7B:10:37:2A:68:6E:3F:F7:36:56:BE:B5:CD:3D:EB:C9:32:37:1A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/RXsQNypobj_3Nla-tc0968kyNxo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RXsQNypobj_3Nla-tc0968kyNxo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/vOnEZD2StL2EvIuIjNO_pCoNlLc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
140.136.160.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:87:c8:a8:4b:30:c0:4a:c6:9d:16:ca:d1:bd:2d:c0:4d:0d:
69:41:03:54:bb:a8:d2:f3:8b:b1:db:31:bd:40:c8:16:96:00:
b3:55:06:3d:49:5f:49:30:30:ec:a2:59:ec:cf:f5:14:25:fe:
2b:44:f3:b2:d3:f0:10:c1:5e:5f:b5:91:43:d9:d3:7d:7c:39:
cc:36:d6:29:71:6e:9b:1d:53:8f:86:08:41:4b:a6:a2:91:df:
75:2f:c9:7a:65:d6:91:85:13:54:64:d6:93:fd:a2:65:7f:f4:
81:78:a0:b1:b9:93:f8:d6:f2:f5:9d:61:fb:3f:90:68:9e:4b:
1e:29:16:05:f3:33:48:8a:5e:74:3e:aa:26:19:2d:79:d4:1b:
68:3e:46:92:af:b7:1c:b7:80:15:e0:c5:92:8e:68:2c:48:52:
38:a0:b4:90:9f:d5:9a:3d:ad:04:cb:16:75:e1:eb:03:b8:07:
9d:a3:39:fc:58:96:48:de:6e:d5:f5:cd:58:fe:ba:ea:4f:ad:
15:85:a1:b4:8c:0f:2f:93:da:50:5f:a5:0e:b9:ab:0d:0f:e2:
be:db:23:80:b8:97:35:a0:0a:69:1b:0e:4e:74:32:02:34:8e:
cf:84:94:8c:6b:fc:04:7a:42:fc:9f:d0:1d:84:7f:f5:18:34:
83:dc:99:6d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDLUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDU3
QjEwMzcyQTY4NkUzRkY3MzY1NkJFQjVDRDNERUJDOTMyMzcxQTAeFw0yMzA5MDEw
OTU5MzZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEJDRTlDNDY0M0Q5MkI0
QkQ4NEJDOEI4ODhDRDNCRkE0MkEwRDk0QjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG3HBHnxNwCST/OS/HZB2DDEvCEV7Dcm7kyo7LH0Q0hR+W4tFw
S5eMz1m0ACEug4kJ+mStZ/DDg/+NZriMhwNpD9OUBvEvjTyfVTPKeAbjRs1ohY/c
eG8vlXwRjwI44U8ROLrjAnCl3nVcylLwHYYiAwvIGPjWqWU45XQaSKZenHe6WjXa
mFiq24rCMurXuMXNYhb0fCkD/1RdU7uFuHzEckciTL5leWEQB74sWPchPodn3gXp
08NEg6d7twBrc6PDTPIQ0yn0X5JwTPyg/oIZ4alW9rzSgpJi43BXHonx3BeNDM8i
TvW/Jfny9+IRh1k2uhNi+9+7CuaX9+sQq9L9AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUvOnEZD2StL2EvIuIjNO/pCoNlLcwHwYDVR0jBBgwFoAURXsQNypobj/3Nla+
tc0968kyNxowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
UlhzUU55cG9ial8zTmxhLXRjMDk2OGt5TnhvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9SWHNRTnlwb2JqXzNObGEtdGMwOTY4a3lOeG8uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC92T25FWkQyU3RMMkV2SXVJak5P
X3BDb05sTGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCjIig
MA0GCSqGSIb3DQEBCwUAA4IBAQBKh8ioSzDASsadFsrRvS3ATQ1pQQNUu6jS84ux
2zG9QMgWlgCzVQY9SV9JMDDsolnsz/UUJf4rRPOy0/AQwV5ftZFD2dN9fDnMNtYp
cW6bHVOPhghBS6aikd91L8l6ZdaRhRNUZNaT/aJlf/SBeKCxuZP41vL1nWH7P5Bo
nkseKRYF8zNIil50PqomGS151BtoPkaSr7cct4AV4MWSjmgsSFI4oLSQn9WaPa0E
yxZ14esDuAedozn8WJZI3m7V9c1Y/rrqT60VhaG0jA8vk9pQX6UOuasND+K+2yOA
uJc1oAppGw5OdDICNI7PhJSMa/wEekL8n9AdhH/1GDSD3Jlt
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org