Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TIH/NSOvMn7pkk3KKz_xRMq70bugFbs.roa
File: NSOvMn7pkk3KKz_xRMq70bugFbs.roa (raw, json)
Hash identifier: /bIrEIANxL5yipaUdkZOysvDrg2VGQFDgYclQvAtUs8=
Subject key identifier: 35:23:AF:32:7E:E9:92:4D:CA:2B:3F:F1:44:CA:BB:D1:BB:A0:15:BB
Certificate issuer: /CN=2D7204617354D70523B6F65A270712B6B19D815E
Certificate serial: 0B48
Authority key identifier: 2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/NSOvMn7pkk3KKz_xRMq70bugFbs.roa
Signing time: Fri 01 Sep 2023 10:00:50 +0000
ROA not before: Fri 01 Sep 2023 10:00:50 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131639
IP address blocks: 103.129.146.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2888 (0xb48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2D7204617354D70523B6F65A270712B6B19D815E
Validity
Not Before: Sep 1 10:00:50 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3523AF327EE9924DCA2B3FF144CABBD1BBA015BB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7d:c8:07:80:ae:de:7e:5f:d3:88:94:09:bf:
f9:2b:c7:b0:35:99:7b:20:44:f0:f7:69:d1:1b:73:
d8:3d:86:39:80:c7:29:b2:1b:f7:35:58:fe:8d:73:
c8:ff:a1:a6:ad:51:8f:bd:ba:c1:dc:20:a2:b7:78:
5f:e8:d5:ca:dc:60:25:bf:6c:15:b9:59:ae:13:1a:
e9:38:94:e0:71:fb:1e:b6:7e:a8:36:7b:5c:74:a9:
6f:4e:a9:6a:80:9e:0f:ca:64:92:29:54:e0:fc:f5:
b6:b5:39:47:d5:bf:1e:88:cc:f3:e8:a8:13:5d:20:
8f:23:d0:79:89:cf:09:6e:b9:ba:f0:19:b9:b1:f6:
0f:a1:9e:c7:b5:1a:53:d1:fb:68:44:76:48:77:b2:
df:58:db:cd:d0:06:46:91:93:62:f7:e7:1d:df:28:
64:bd:54:a6:87:59:1f:e6:17:1b:51:38:be:54:0b:
d0:b9:d0:cd:88:a2:0c:5c:85:92:38:af:5a:f2:11:
29:9f:1d:c4:c1:4a:8e:0b:c0:97:cc:a3:09:9c:0b:
99:3a:45:7c:4d:9f:eb:35:db:ec:c2:3f:4c:a2:67:
a5:83:1c:1d:28:81:2e:9e:ac:6e:a9:c2:80:29:98:
9f:62:37:36:5f:48:a6:54:b8:84:4d:58:4a:d2:a3:
b5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:23:AF:32:7E:E9:92:4D:CA:2B:3F:F1:44:CA:BB:D1:BB:A0:15:BB
X509v3 Authority Key Identifier:
keyid:2D:72:04:61:73:54:D7:05:23:B6:F6:5A:27:07:12:B6:B1:9D:81:5E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/LXIEYXNU1wUjtvZaJwcStrGdgV4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LXIEYXNU1wUjtvZaJwcStrGdgV4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TIH/NSOvMn7pkk3KKz_xRMq70bugFbs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.146.0/24
Signature Algorithm: sha256WithRSAEncryption
87:b3:85:30:ed:48:a7:37:1d:5f:95:a6:12:15:61:ac:99:78:
11:63:71:de:5c:98:f7:f1:d7:de:94:58:d6:c4:e1:48:21:49:
b3:36:51:5f:95:36:09:53:38:04:a5:31:06:8b:a8:35:e8:af:
0b:79:8c:17:d3:aa:49:c7:ce:e3:4a:a1:da:eb:83:59:2b:f1:
04:36:eb:20:84:2a:9a:c5:d6:f9:31:64:b6:4f:5a:58:6c:23:
af:cd:33:e2:ca:f7:54:e3:51:df:23:a6:9a:f5:8e:4a:ba:5d:
9d:d8:b8:e7:65:6b:54:92:b3:cb:4c:84:44:0f:97:ec:ad:7c:
c9:88:aa:f6:ba:f4:41:10:ab:96:9e:c7:7d:97:89:a0:76:99:
41:27:26:0d:72:ef:02:dc:5c:dc:74:1e:f9:30:e8:de:5b:27:
31:5a:9d:a1:15:cc:3e:c5:be:7d:df:c6:98:26:27:86:04:05:
c8:ba:49:3a:6e:5b:07:84:8e:60:3d:b4:5a:9a:53:7a:84:a9:
8a:06:d4:c0:37:84:a0:45:b1:be:eb:41:82:e5:77:4d:94:cf:
e4:48:3c:3f:32:cf:2d:51:d6:4f:b1:13:a1:8c:e2:a6:1c:45:
5d:84:15:1b:f8:9b:21:c7:a5:b1:33:64:e0:0d:8e:98:e2:6f:
5f:d6:c5:10
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC0gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkQ3
MjA0NjE3MzU0RDcwNTIzQjZGNjVBMjcwNzEyQjZCMTlEODE1RTAeFw0yMzA5MDEx
MDAwNTBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM1MjNBRjMyN0VFOTky
NERDQTJCM0ZGMTQ0Q0FCQkQxQkJBMDE1QkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtfcgHgK7efl/TiJQJv/krx7A1mXsgRPD3adEbc9g9hjmAxymy
G/c1WP6Nc8j/oaatUY+9usHcIKK3eF/o1crcYCW/bBW5Wa4TGuk4lOBx+x62fqg2
e1x0qW9OqWqAng/KZJIpVOD89ba1OUfVvx6IzPPoqBNdII8j0HmJzwluubrwGbmx
9g+hnse1GlPR+2hEdkh3st9Y283QBkaRk2L35x3fKGS9VKaHWR/mFxtROL5UC9C5
0M2IogxchZI4r1ryESmfHcTBSo4LwJfMowmcC5k6RXxNn+s12+zCP0yiZ6WDHB0o
gS6erG6pwoApmJ9iNzZfSKZUuIRNWErSo7X5AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNSOvMn7pkk3KKz/xRMq70bugFbswHwYDVR0jBBgwFoAULXIEYXNU1wUjtvZa
JwcStrGdgV4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL0xY
SUVZWE5VMXdVanR2WmFKd2NTdHJHZGdWNC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
TFhJRVlYTlUxd1VqdHZaYUp3Y1N0ckdkZ1Y0LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVElIL05TT3ZNbjdwa2szS0t6X3hSTXE3MGJ1
Z0Zicy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABngZIwDQYJ
KoZIhvcNAQELBQADggEBAIezhTDtSKc3HV+VphIVYayZeBFjcd5cmPfx196UWNbE
4UghSbM2UV+VNglTOASlMQaLqDXorwt5jBfTqknHzuNKodrrg1kr8QQ26yCEKprF
1vkxZLZPWlhsI6/NM+LK91TjUd8jppr1jkq6XZ3YuOdla1SSs8tMhEQPl+ytfMmI
qva69EEQq5aex32XiaB2mUEnJg1y7wLcXNx0Hvkw6N5bJzFanaEVzD7Fvn3fxpgm
J4YEBci6STpuWweEjmA9tFqaU3qEqYoG1MA3hKBFsb7rQYLld02Uz+RIPD8yzy1R
1k+xE6GM4qYcRV2EFRv4myHHpbEzZOANjpjib1/WxRA=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org