Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TGM/YrLSG2QbbWGm-rBJtIMvIQN_8jo.roa
File: YrLSG2QbbWGm-rBJtIMvIQN_8jo.roa (raw, json)
Hash identifier: WVHHri6mBlDZHzc/huixSxjkU7k/DOlweYBhihwb/w4=
Subject key identifier: 62:B2:D2:1B:64:1B:6D:61:A6:FA:B0:49:B4:83:2F:21:03:7F:F2:3A
Certificate issuer: /CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Certificate serial: 0199
Authority key identifier: 9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/YrLSG2QbbWGm-rBJtIMvIQN_8jo.roa
Signing time: Fri 01 Sep 2023 10:00:25 +0000
ROA not before: Fri 01 Sep 2023 10:00:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131642
IP address blocks: 2400:5120::/32 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 409 (0x199)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B60696D68773AE2E532F0CD5D10FDC0C8273EA5
Validity
Not Before: Sep 1 10:00:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=62B2D21B641B6D61A6FAB049B4832F21037FF23A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e7:ce:69:43:d8:83:6f:d4:99:11:38:82:84:
fb:e4:54:fb:12:bc:10:ed:14:da:73:f1:7c:b0:bb:
bb:ce:b2:de:24:1d:78:0e:05:d3:a5:ba:26:1c:8d:
31:98:42:c4:3f:4d:d3:ab:e1:31:41:0c:0e:84:69:
38:1e:a6:3b:f2:c7:2b:8d:b8:cf:18:47:d9:60:d6:
9e:df:71:41:a4:2f:f8:49:61:3b:14:d7:7f:7d:af:
e2:ce:aa:1a:3e:dd:71:39:b7:7a:63:de:ff:ce:75:
2c:85:55:c8:7b:74:43:f2:e8:9d:0d:c6:c7:da:3b:
d7:ad:0f:85:b9:96:fe:5b:1e:29:9b:b9:80:8c:97:
d3:1d:a7:81:a0:ae:67:32:8d:03:ee:64:23:52:24:
69:65:9d:42:b7:89:c7:75:73:f1:9c:b7:78:a6:63:
17:c0:7e:da:b9:d5:0e:a2:56:5b:b6:3a:2c:b4:ca:
8d:6c:c8:ff:e8:61:d3:92:4e:2b:92:44:b0:ad:01:
b3:77:06:51:27:71:db:83:50:70:d3:b6:89:48:8e:
82:d6:74:c8:e7:26:f5:5a:14:20:f6:c2:9e:88:dc:
b4:da:1c:14:87:e5:3f:b1:8c:3e:ab:67:82:7a:bd:
c3:ba:f6:c9:bf:38:28:f2:2c:d1:6b:72:5a:71:ff:
fb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B2:D2:1B:64:1B:6D:61:A6:FA:B0:49:B4:83:2F:21:03:7F:F2:3A
X509v3 Authority Key Identifier:
keyid:9B:60:69:6D:68:77:3A:E2:E5:32:F0:CD:5D:10:FD:C0:C8:27:3E:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/m2BpbWh3OuLlMvDNXRD9wMgnPqU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/m2BpbWh3OuLlMvDNXRD9wMgnPqU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TGM/YrLSG2QbbWGm-rBJtIMvIQN_8jo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:5120::/32
Signature Algorithm: sha256WithRSAEncryption
5c:11:b8:98:07:6a:83:66:37:91:8f:51:13:23:02:12:e2:83:
7f:14:1f:fe:5c:6b:42:e4:fc:42:00:d3:ec:31:22:dc:88:10:
1c:e0:ff:b9:09:8e:cc:5f:52:7a:9b:3c:b1:f6:e5:41:00:59:
8a:eb:c7:76:7d:60:e3:77:58:bf:fd:93:7f:5b:cd:54:94:49:
18:c8:50:61:34:31:fc:55:e2:14:21:b2:f9:45:4b:df:62:f2:
49:2f:1e:f9:48:b5:22:7e:e9:e3:07:ee:3b:66:92:02:90:8f:
86:00:5f:21:21:c7:b9:22:27:fd:c1:2f:be:f8:7b:ec:96:af:
00:46:9a:90:61:dd:2a:aa:d6:a2:9c:cd:12:10:a3:f2:08:09:
17:f4:81:cf:e4:4f:72:c3:5f:30:91:a3:55:9c:1f:4d:8b:f9:
36:74:ad:7b:97:df:04:ed:08:0f:c3:5a:24:fb:d2:34:ec:7d:
29:f9:a6:a4:4a:a6:1e:b0:ef:92:b9:de:ec:9e:ec:3b:e4:64:
ef:f4:03:23:6b:a7:04:47:de:ad:db:e1:57:2c:f3:77:eb:f5:
d3:5e:cb:81:e2:8f:3f:d1:90:36:3f:e6:09:2d:60:e5:12:89:
ef:09:b1:60:56:99:cd:e9:2c:a4:90:f1:26:49:53:6a:c3:e1:
43:11:4a:c0
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUI2
MDY5NkQ2ODc3M0FFMkU1MzJGMENENUQxMEZEQzBDODI3M0VBNTAeFw0yMzA5MDEx
MDAwMjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDYyQjJEMjFCNjQxQjZE
NjFBNkZBQjA0OUI0ODMyRjIxMDM3RkYyM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3585pQ9iDb9SZETiChPvkVPsSvBDtFNpz8Xywu7vOst4kHXgO
BdOluiYcjTGYQsQ/TdOr4TFBDA6EaTgepjvyxyuNuM8YR9lg1p7fcUGkL/hJYTsU
1399r+LOqho+3XE5t3pj3v/OdSyFVch7dEPy6J0NxsfaO9etD4W5lv5bHimbuYCM
l9Mdp4GgrmcyjQPuZCNSJGllnUK3icd1c/Gct3imYxfAftq51Q6iVlu2Oiy0yo1s
yP/oYdOSTiuSRLCtAbN3BlEncduDUHDTtolIjoLWdMjnJvVaFCD2wp6I3LTaHBSH
5T+xjD6rZ4J6vcO69sm/OCjyLNFrclpx//uFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUYrLSG2QbbWGm+rBJtIMvIQN/8jowHwYDVR0jBBgwFoAUm2BpbWh3OuLlMvDN
XRD9wMgnPqUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL20y
QnBiV2gzT3VMbE12RE5YUkQ5d01nblBxVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bTJCcGJXaDNPdUxsTXZETlhSRDl3TWduUHFVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVEdNL1lyTFNHMlFiYldHbS1yQkp0SU12SVFO
Xzhqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAkAFEgMA0G
CSqGSIb3DQEBCwUAA4IBAQBcEbiYB2qDZjeRj1ETIwIS4oN/FB/+XGtC5PxCANPs
MSLciBAc4P+5CY7MX1J6mzyx9uVBAFmK68d2fWDjd1i//ZN/W81UlEkYyFBhNDH8
VeIUIbL5RUvfYvJJLx75SLUifunjB+47ZpICkI+GAF8hIce5Iif9wS+++Hvslq8A
RpqQYd0qqtainM0SEKPyCAkX9IHP5E9yw18wkaNVnB9Ni/k2dK17l98E7QgPw1ok
+9I07H0p+aakSqYesO+Sud7snuw75GTv9AMja6cER96t2+FXLPN36/XTXsuB4o8/
0ZA2P+YJLWDlEonvCbFgVpnN6SykkPEmSVNqw+FDEUrA
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org