Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TANET/w_kdilKg-b7bMi-GZWrIGI71zls.roa
File: w_kdilKg-b7bMi-GZWrIGI71zls.roa (raw, json)
Hash identifier: y2DkVUG3ck1zvUTq39gAJuYQXjF/u/eUowz8cZmVcyU=
Subject key identifier: C3:F9:1D:8A:52:A0:F9:BE:DB:32:2F:86:65:6A:C8:18:8E:F5:CE:5B
Certificate issuer: /CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Certificate serial: 0D00
Authority key identifier: E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w_kdilKg-b7bMi-GZWrIGI71zls.roa
Signing time: Fri 01 Sep 2023 09:59:22 +0000
ROA not before: Fri 01 Sep 2023 09:59:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38844
IP address blocks: 210.60.149.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3328 (0xd00)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=E1A88C34D246EF7C2A7C1AC5FE97B262BC48178E
Validity
Not Before: Sep 1 09:59:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=C3F91D8A52A0F9BEDB322F86656AC8188EF5CE5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f4:96:6c:3c:15:94:1b:1c:3c:cf:b3:f7:ad:
0d:09:33:cf:2d:69:e5:a5:ec:47:0d:ca:f3:78:ad:
d7:9b:26:93:9f:1a:6e:ac:d6:d3:3d:ba:36:fb:05:
3f:f0:b7:2b:d9:ac:28:3b:af:49:bd:25:02:dc:b0:
a7:c9:f0:9e:72:07:77:a9:0e:fa:76:6c:a5:a4:b1:
ff:87:de:52:f8:16:f1:98:89:22:af:e8:c9:26:e7:
41:d3:0e:66:1c:5f:62:1c:c7:63:da:8a:35:66:ec:
89:63:e4:c4:03:cf:90:a0:8a:fd:34:08:71:fa:ad:
1a:ec:c1:c2:27:41:0e:a7:b9:9e:00:9f:db:59:46:
82:d3:46:6e:86:a4:2d:bb:7e:51:a2:37:2b:40:3d:
b7:3b:dd:80:18:0e:5b:12:1b:ca:cc:e2:3d:ba:12:
17:2e:f6:f7:35:a4:16:ec:94:34:1b:c0:ba:09:21:
8e:e6:06:02:5c:d9:69:9d:68:6e:06:1d:af:94:04:
0b:fc:4a:e2:63:f4:46:6c:84:80:22:7d:1c:b4:57:
96:b6:8f:4c:77:f5:a7:a1:50:54:55:a9:59:e7:75:
b5:c4:f1:9e:20:39:b8:06:03:f8:5e:f6:47:6e:3f:
9b:31:ca:23:ff:f9:f2:52:ae:c4:4c:60:3a:00:41:
14:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F9:1D:8A:52:A0:F9:BE:DB:32:2F:86:65:6A:C8:18:8E:F5:CE:5B
X509v3 Authority Key Identifier:
keyid:E1:A8:8C:34:D2:46:EF:7C:2A:7C:1A:C5:FE:97:B2:62:BC:48:17:8E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/4aiMNNJG73wqfBrF_peyYrxIF44.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/4aiMNNJG73wqfBrF_peyYrxIF44.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TANET/w_kdilKg-b7bMi-GZWrIGI71zls.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.60.149.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b7:76:22:69:d7:3c:69:a3:57:de:6f:0d:a5:64:35:39:76:
d7:72:99:ef:b5:a4:79:e5:e2:d2:23:5e:41:09:ec:04:e7:ab:
5f:0b:fb:fb:5f:dc:cd:71:8f:b9:1b:f0:3f:7b:e5:e3:d5:53:
fa:f7:73:99:57:67:a2:b1:f5:03:04:db:a1:fc:65:89:32:99:
ad:4c:e4:68:d3:81:39:8c:67:7b:99:3e:0d:05:3e:e4:3f:f5:
24:5f:01:cd:1e:da:de:96:08:f4:23:96:f8:a1:5b:4e:6f:d1:
b6:18:19:46:f5:e9:3e:bd:73:25:0f:08:e1:69:f4:74:d0:c4:
b3:96:40:b9:df:a8:45:49:03:4c:e1:33:36:96:4c:e6:7a:37:
4f:ac:58:7a:8f:d7:f5:94:82:d7:90:9b:fe:7b:96:e1:e5:24:
7e:90:05:95:72:e7:04:5a:cb:12:d2:a6:49:3f:fe:ff:ff:33:
7f:27:60:49:84:b0:76:f6:6a:64:56:7a:49:fd:66:f3:14:b6:
4b:dd:79:90:e1:37:eb:d3:3f:d3:05:7e:6f:38:7b:66:3d:a5:
ad:d8:e8:e5:54:2c:29:7c:43:47:5e:4e:cb:03:a6:e5:c4:16:
1c:f7:7c:e5:33:c0:4c:77:d7:45:02:23:04:c6:d2:f4:8d:97:
83:2a:46:3f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDQAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRTFB
ODhDMzREMjQ2RUY3QzJBN0MxQUM1RkU5N0IyNjJCQzQ4MTc4RTAeFw0yMzA5MDEw
OTU5MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEMzRjkxRDhBNTJBMEY5
QkVEQjMyMkY4NjY1NkFDODE4OEVGNUNFNUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv9JZsPBWUGxw8z7P3rQ0JM88taeWl7EcNyvN4rdebJpOfGm6s
1tM9ujb7BT/wtyvZrCg7r0m9JQLcsKfJ8J5yB3epDvp2bKWksf+H3lL4FvGYiSKv
6Mkm50HTDmYcX2Icx2PaijVm7Ilj5MQDz5Cgiv00CHH6rRrswcInQQ6nuZ4An9tZ
RoLTRm6GpC27flGiNytAPbc73YAYDlsSG8rM4j26Ehcu9vc1pBbslDQbwLoJIY7m
BgJc2WmdaG4GHa+UBAv8SuJj9EZshIAifRy0V5a2j0x39aehUFRVqVnndbXE8Z4g
ObgGA/he9kduP5sxyiP/+fJSrsRMYDoAQRQ5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUw/kdilKg+b7bMi+GZWrIGI71zlswHwYDVR0jBBgwFoAU4aiMNNJG73wqfBrF
/peyYrxIF44wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEFORVQv
NGFpTU5OSkc3M3dxZkJyRl9wZXlZcnhJRjQ0LmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS80YWlNTk5KRzczd3FmQnJGX3BleVlyeElGNDQuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQU5FVC93X2tkaWxLZy1iN2JNaS1HWldy
SUdJNzF6bHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0jyV
MA0GCSqGSIb3DQEBCwUAA4IBAQBat3Yiadc8aaNX3m8NpWQ1OXbXcpnvtaR55eLS
I15BCewE56tfC/v7X9zNcY+5G/A/e+Xj1VP693OZV2eisfUDBNuh/GWJMpmtTORo
04E5jGd7mT4NBT7kP/UkXwHNHtrelgj0I5b4oVtOb9G2GBlG9ek+vXMlDwjhafR0
0MSzlkC536hFSQNM4TM2lkzmejdPrFh6j9f1lILXkJv+e5bh5SR+kAWVcucEWssS
0qZJP/7//zN/J2BJhLB29mpkVnpJ/WbzFLZL3XmQ4Tfr0z/TBX5vOHtmPaWt2Ojl
VCwpfENHXk7LA6blxBYc93zlM8BMd9dFAiMExtL0jZeDKkY/
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:16 2024 by rpki-client on console-ams.rpki-client.org