Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa
File: 2M644Owz-KEhZkoe5GtegSYKm_8.roa (raw, json)
Hash identifier: 5oGBJIsF1jIk+fuY2Smqdifgzs8+i2Dk3sYviLF+4vo=
Subject key identifier: D8:CE:B8:E0:EC:33:F8:A1:21:66:4A:1E:E4:6B:5E:81:26:0A:9B:FF
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0B4C
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa
Signing time: Fri 01 Sep 2023 10:00:51 +0000
ROA not before: Fri 01 Sep 2023 10:00:51 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 20473
IP address blocks: 103.129.147.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2892 (0xb4c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 1 10:00:51 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D8CEB8E0EC33F8A121664A1EE46B5E81260A9BFF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:7e:f8:de:92:8e:d3:4b:da:51:f5:4c:62:0b:
fb:7a:13:c4:0f:f6:01:78:86:48:db:dd:9d:77:b5:
82:ff:9e:83:19:0f:26:05:99:1a:19:03:7d:b6:da:
be:bc:01:ba:df:2b:ce:92:73:f1:26:01:cb:d6:53:
45:25:73:9b:9b:17:8f:b3:df:87:6a:03:8b:69:c7:
f9:98:4a:1f:91:3d:d9:40:8a:85:26:67:98:5d:99:
e6:97:3a:8e:f5:10:2d:9a:dd:8d:34:07:1b:bb:64:
ff:90:83:d8:25:bd:87:b5:71:50:07:da:e9:94:32:
0a:bd:28:77:08:fb:7a:94:f3:81:84:e5:15:f0:ac:
72:1d:ba:70:99:1d:68:18:c9:52:95:80:23:93:d2:
b5:dc:b4:a0:84:86:9c:64:3d:37:dd:31:57:d8:dd:
e2:55:0a:5b:52:f9:1b:5f:e6:c0:c8:7f:5c:b2:38:
2f:f2:23:f4:2e:11:39:88:fc:0d:43:42:fe:a8:88:
fe:53:3a:48:e3:76:bb:3d:4b:33:c4:f0:b7:fe:47:
d5:f1:75:47:39:9b:7b:d4:8e:f3:47:03:4c:2d:44:
fb:4b:86:29:a0:62:61:b1:eb:6b:dd:86:bd:f0:1e:
c0:e7:e4:ea:72:e8:2b:8a:bd:f2:04:a1:66:34:21:
13:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:CE:B8:E0:EC:33:F8:A1:21:66:4A:1E:E4:6B:5E:81:26:0A:9B:FF
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/2M644Owz-KEhZkoe5GtegSYKm_8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.147.0/24
Signature Algorithm: sha256WithRSAEncryption
33:79:b7:00:04:3f:76:76:e0:b6:d9:2e:4e:8a:0e:92:07:f7:
bb:ae:39:cd:dd:2a:e6:79:f5:ec:46:f3:e3:01:b1:ee:da:d9:
c2:89:7f:5f:f1:6a:c4:a2:39:0d:90:6e:0b:f3:06:67:e2:36:
ec:ac:7d:b7:a6:05:86:38:b2:2c:3a:a2:ea:d5:3d:7b:d0:ff:
4d:e8:b7:86:65:01:f4:1f:67:1e:ed:67:1e:69:e6:b4:7e:6f:
d3:e5:a5:1b:01:d7:82:e7:f3:91:57:1e:2d:5e:99:5a:9e:29:
e3:bc:38:11:38:a9:cd:f5:e3:8a:d4:95:43:0c:f4:a7:e1:83:
77:7a:ca:5c:43:96:42:2a:0d:53:8f:35:0e:c3:af:71:75:43:
27:67:62:a7:65:5a:42:3d:26:ad:14:53:fc:c2:ca:6f:83:5e:
f6:cb:9d:cc:c7:da:04:24:30:09:30:49:27:c9:9a:1c:fa:72:
39:65:99:6f:cf:ba:bc:d4:87:ab:8f:26:f7:ef:a0:3a:dd:ce:
39:2a:12:ed:a0:eb:4a:5f:3f:fb:9d:f8:77:35:d2:1f:be:c8:
0b:7d:93:fb:0c:d8:47:5c:d1:b8:d3:d9:e3:6d:b8:8d:10:d4:
36:25:c6:a7:54:6a:97:6a:3a:f4:87:db:55:08:29:ef:fa:73:
dc:6e:0c:0b
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC0wwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx
MDAwNTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ4Q0VCOEUwRUMzM0Y4
QTEyMTY2NEExRUU0NkI1RTgxMjYwQTlCRkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDTfvjeko7TS9pR9UxiC/t6E8QP9gF4hkjb3Z13tYL/noMZDyYF
mRoZA3222r68AbrfK86Sc/EmAcvWU0Ulc5ubF4+z34dqA4tpx/mYSh+RPdlAioUm
Z5hdmeaXOo71EC2a3Y00Bxu7ZP+Qg9glvYe1cVAH2umUMgq9KHcI+3qU84GE5RXw
rHIdunCZHWgYyVKVgCOT0rXctKCEhpxkPTfdMVfY3eJVCltS+Rtf5sDIf1yyOC/y
I/QuETmI/A1DQv6oiP5TOkjjdrs9SzPE8Lf+R9XxdUc5m3vUjvNHA0wtRPtLhimg
YmGx62vdhr3wHsDn5Opy6CuKvfIEoWY0IRMhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU2M644Owz+KEhZkoe5GtegSYKm/8wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElILzJNNjQ0T3d6LUtFaFprb2U1R3RlZ1NZ
S21fOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZMwDQYJ
KoZIhvcNAQELBQADggEBADN5twAEP3Z24LbZLk6KDpIH97uuOc3dKuZ59exG8+MB
se7a2cKJf1/xasSiOQ2QbgvzBmfiNuysfbemBYY4siw6ourVPXvQ/03ot4ZlAfQf
Zx7tZx5p5rR+b9PlpRsB14Ln85FXHi1emVqeKeO8OBE4qc3144rUlUMM9Kfhg3d6
ylxDlkIqDVOPNQ7Dr3F1QydnYqdlWkI9Jq0UU/zCym+DXvbLnczH2gQkMAkwSSfJ
mhz6cjllmW/PurzUh6uPJvfvoDrdzjkqEu2g60pfP/ud+Hc10h++yAt9k/sM2Edc
0bjT2eNtuI0Q1DYlxqdUapdqOvSH21UIKe/6c9xuDAs=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org