Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa
File: HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa (raw, json)
Hash identifier: q9sU2R+KmVlKhtBXEEwUdOieLzQwiIes5lstCke4io0=
Subject key identifier: 1D:2A:6B:33:E2:35:06:3E:51:FC:8A:D9:80:26:DE:2C:C2:21:B1:DE
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0B4E
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa
Signing time: Fri 01 Sep 2023 10:00:52 +0000
ROA not before: Fri 01 Sep 2023 10:00:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131639
IP address blocks: 2403:7f40:f000::/48 maxlen: 64
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2894 (0xb4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 1 10:00:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1D2A6B33E235063E51FC8AD98026DE2CC221B1DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:37:cf:57:86:79:4f:5c:62:c5:1f:45:79:08:
92:6f:39:ce:27:0f:8c:a3:db:f8:8f:c5:84:fd:a7:
03:d7:35:1b:93:79:cc:f6:a2:75:74:5f:d6:07:04:
d8:ed:a9:b0:59:66:12:7c:80:f8:a8:40:96:4b:ab:
80:a2:c1:56:84:14:36:b7:13:38:cf:fc:75:9a:9f:
b0:dd:04:23:50:12:19:d9:7a:42:df:a9:7a:1c:d5:
c0:08:39:5a:e4:c8:6e:b1:0d:05:1e:a2:5b:0d:9f:
71:ab:9a:ff:6a:a6:1f:42:60:b8:c5:c4:04:cf:8f:
19:d1:8d:22:2f:a2:2d:0f:85:a5:29:3f:4c:3f:ce:
cf:23:5d:16:52:54:99:ef:3e:2c:77:c0:4b:59:29:
94:51:72:92:99:94:42:5f:a9:59:78:e1:6c:b1:30:
46:3d:04:75:09:27:ec:b5:fc:ee:ef:12:de:27:16:
7b:d0:b8:4a:7e:20:71:f1:cf:d9:52:bf:b5:18:48:
81:19:d4:0c:b9:65:3b:0b:b2:a7:9d:a1:e9:59:b8:
7b:46:92:ae:74:cf:a8:14:40:57:74:aa:80:21:82:
9f:fd:31:ac:a0:82:f2:80:ae:d8:a3:5f:6b:5e:5d:
06:7d:dc:22:23:9e:68:da:74:59:b0:51:6c:9b:29:
ae:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:2A:6B:33:E2:35:06:3E:51:FC:8A:D9:80:26:DE:2C:C2:21:B1:DE
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/HSprM-I1Bj5R_IrZgCbeLMIhsd4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2403:7f40:f000::/48
Signature Algorithm: sha256WithRSAEncryption
9f:d1:d6:40:39:b7:2b:df:59:29:0e:8f:ca:27:18:04:6a:77:
eb:f2:c9:ff:2a:f9:9b:1d:53:04:43:a0:46:fd:93:65:53:14:
2b:7a:45:5b:29:b4:78:e9:80:1d:ca:08:cb:19:29:8a:3a:73:
c6:59:d8:76:49:a5:57:fa:88:89:f6:42:49:8e:21:c7:31:43:
b6:43:0b:7e:da:fd:d3:31:d6:bc:53:02:88:f1:f0:25:ba:a4:
bf:1c:2e:ca:04:b2:cc:ed:30:d9:b9:25:7d:4b:b5:e3:bd:7a:
a4:ef:bf:a0:f8:57:f2:79:8e:f2:72:2e:c1:a0:a4:1b:a3:90:
d7:c2:db:bb:59:58:92:ec:69:14:65:20:14:a6:40:f6:65:eb:
8b:ed:0e:02:0c:19:c8:c5:46:cf:0b:3d:97:92:57:ec:80:e8:
9b:63:e3:cd:2e:bd:1f:57:0d:10:01:b7:ad:b4:7d:47:e5:05:
7c:18:57:b4:b2:90:9f:f9:39:25:c5:d3:17:19:57:bc:fd:31:
57:4d:9f:b4:65:ac:4a:84:ea:dd:e9:bc:68:5b:79:d3:2a:db:
3f:18:0e:96:dc:30:6d:ba:37:66:8c:54:55:af:65:b3:e3:32:
61:e8:d4:24:60:3a:1f:ce:62:5f:56:88:aa:5a:06:a2:39:13:
42:20:94:c5
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICC04wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx
MDAwNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDFEMkE2QjMzRTIzNTA2
M0U1MUZDOEFEOTgwMjZERTJDQzIyMUIxREUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDiN89XhnlPXGLFH0V5CJJvOc4nD4yj2/iPxYT9pwPXNRuTecz2
onV0X9YHBNjtqbBZZhJ8gPioQJZLq4CiwVaEFDa3EzjP/HWan7DdBCNQEhnZekLf
qXoc1cAIOVrkyG6xDQUeolsNn3Grmv9qph9CYLjFxATPjxnRjSIvoi0PhaUpP0w/
zs8jXRZSVJnvPix3wEtZKZRRcpKZlEJfqVl44WyxMEY9BHUJJ+y1/O7vEt4nFnvQ
uEp+IHHxz9lSv7UYSIEZ1Ay5ZTsLsqedoelZuHtGkq50z6gUQFd0qoAhgp/9Mayg
gvKArtijX2teXQZ93CIjnmjadFmwUWybKa7BAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUHSprM+I1Bj5R/IrZgCbeLMIhsd4wHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0hTcHJNLUkxQmo1Ul9JclpnQ2JlTE1J
aHNkNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkA39A8AAw
DQYJKoZIhvcNAQELBQADggEBAJ/R1kA5tyvfWSkOj8onGARqd+vyyf8q+ZsdUwRD
oEb9k2VTFCt6RVsptHjpgB3KCMsZKYo6c8ZZ2HZJpVf6iIn2QkmOIccxQ7ZDC37a
/dMx1rxTAojx8CW6pL8cLsoEssztMNm5JX1LteO9eqTvv6D4V/J5jvJyLsGgpBuj
kNfC27tZWJLsaRRlIBSmQPZl64vtDgIMGcjFRs8LPZeSV+yA6Jtj480uvR9XDRAB
t620fUflBXwYV7SykJ/5OSXF0xcZV7z9MVdNn7RlrEqE6t3pvGhbedMq2z8YDpbc
MG26N2aMVFWvZbPjMmHo1CRgOh/OYl9WiKpaBqI5E0IglMU=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org