Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUCD/D6Agb4TjPPxQYY8TxiR42jZ0hPY.roa
File: D6Agb4TjPPxQYY8TxiR42jZ0hPY.roa (raw, json)
Hash identifier: cyUdWyVY1lOAkqiuOUIVSLqwi4MTsLNxiOzEdsLJwGw=
Subject key identifier: 0F:A0:20:6F:84:E3:3C:FC:50:61:8F:13:C6:24:78:DA:36:74:84:F6
Certificate issuer: /CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Certificate serial: 0158
Authority key identifier: 35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/D6Agb4TjPPxQYY8TxiR42jZ0hPY.roa
Signing time: Wed 24 Jul 2024 02:24:38 +0000
ROA not before: Wed 24 Jul 2024 02:24:38 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 63908
IP address blocks: 2400:ebe0::/32 maxlen: 32
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 344 (0x158)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Validity
Not Before: Jul 24 02:24:38 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0FA0206F84E33CFC50618F13C62478DA367484F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:19:4d:42:a2:7a:00:cd:a4:48:66:8e:bc:34:
54:60:87:4f:fe:ee:3d:4a:51:de:31:1c:9e:4c:69:
e0:52:4d:4d:b9:67:07:88:f2:b5:df:bd:f5:9f:a1:
39:c4:9f:6f:2e:fc:dd:d4:5a:63:f2:fd:3f:cc:8c:
d6:a5:91:99:4a:37:90:92:35:c8:6e:4e:e1:52:b9:
71:c0:2e:45:e4:b5:61:63:1c:54:0d:74:bb:0a:5f:
41:59:07:78:ac:8e:a3:0a:2a:12:63:86:77:d0:9d:
69:76:75:e1:d7:5b:59:b5:be:ba:16:02:de:ab:aa:
65:ea:83:d3:ea:3f:6d:0d:b1:0f:4d:78:bf:84:b3:
df:9a:64:72:ff:5f:7e:5c:56:67:e9:0c:cd:ec:a5:
49:a2:7a:a3:0c:27:9c:9a:e0:7a:e2:69:94:0d:9c:
b4:b0:4f:47:ee:5a:ce:7b:b7:7c:ac:99:a5:d5:5e:
83:57:70:ce:2b:d2:17:42:5c:b1:a5:50:2f:ea:dd:
6d:7f:13:f1:31:f6:ec:eb:25:76:c0:4f:5a:97:57:
0d:b6:a4:4d:0b:d5:1b:1d:00:d8:93:89:85:6d:25:
8c:0b:9e:c2:0b:4b:49:98:be:4f:39:76:61:3c:0e:
3a:3f:bf:f0:06:1f:9f:32:be:7a:17:75:7b:b2:e3:
84:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A0:20:6F:84:E3:3C:FC:50:61:8F:13:C6:24:78:DA:36:74:84:F6
X509v3 Authority Key Identifier:
keyid:35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/NdY_KFQm2dVyCdQsRrkSWyOnjsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/D6Agb4TjPPxQYY8TxiR42jZ0hPY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2400:ebe0::/32
Signature Algorithm: sha256WithRSAEncryption
35:b0:ef:b2:b1:02:a8:c0:e7:ee:ba:5d:7b:42:84:32:25:f2:
df:67:ed:28:2d:88:c2:08:f0:2d:a5:af:13:c7:e4:ca:cf:ae:
2c:da:39:e7:27:41:40:1c:5d:e9:4b:cd:35:0c:10:55:66:31:
46:3e:24:0a:49:cb:3d:05:c4:b1:18:85:40:e6:47:98:e0:e9:
3a:ee:9d:f2:51:da:44:c0:b8:f6:9f:eb:6c:d1:bb:24:80:e5:
ee:f4:bd:32:5c:76:30:7e:72:44:8c:09:b1:2f:e2:96:51:03:
ef:8e:db:d8:2d:c7:22:0e:9e:eb:06:92:26:0a:b3:df:6b:10:
d3:f0:48:ed:87:98:c1:e9:f3:1e:e9:78:57:91:6f:b3:33:b7:
cc:29:a1:c8:66:dd:c2:ed:71:00:57:54:fc:c0:26:50:13:04:
0a:d6:69:5d:35:62:c0:1c:93:0b:64:cb:25:2f:fb:00:fb:13:
82:96:6b:9d:79:db:db:d4:d1:8d:4a:79:c5:ff:0d:c5:b7:b5:
06:2e:b0:be:d9:c7:86:a9:f5:17:ad:73:d1:80:c9:f0:61:11:
bf:b9:9d:bb:ad:fc:69:7f:f7:60:9e:b9:d2:bd:b4:f1:4f:b9:
15:bf:8c:0b:7f:fb:67:a2:a3:0b:37:27:97:d3:9e:a3:a6:8c:
20:d4:18:b3
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICAVgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
NjNGMjg1NDI2RDlENTcyMDlENDJDNDZCOTEyNUIyM0E3OEVDMTAeFw0yNDA3MjQw
MjI0MzhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBGQTAyMDZGODRFMzND
RkM1MDYxOEYxM0M2MjQ3OERBMzY3NDg0RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKGU1ConoAzaRIZo68NFRgh0/+7j1KUd4xHJ5MaeBSTU25ZweI
8rXfvfWfoTnEn28u/N3UWmPy/T/MjNalkZlKN5CSNchuTuFSuXHALkXktWFjHFQN
dLsKX0FZB3isjqMKKhJjhnfQnWl2deHXW1m1vroWAt6rqmXqg9PqP20NsQ9NeL+E
s9+aZHL/X35cVmfpDM3spUmieqMMJ5ya4HriaZQNnLSwT0fuWs57t3ysmaXVXoNX
cM4r0hdCXLGlUC/q3W1/E/Ex9uzrJXbAT1qXVw22pE0L1RsdANiTiYVtJYwLnsIL
S0mYvk85dmE8Djo/v/AGH58yvnoXdXuy44TzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUD6Agb4TjPPxQYY8TxiR42jZ0hPYwHwYDVR0jBBgwFoAUNdY/KFQm2dVyCdQs
RrkSWyOnjsEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVDRC9O
ZFlfS0ZRbTJkVnlDZFFzUnJrU1d5T25qc0UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05kWV9LRlFtMmRWeUNkUXNScmtTV3lPbmpzRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RVQ0QvRDZBZ2I0VGpQUHhRWVk4VHhpUjQy
alowaFBZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACQA6+Aw
DQYJKoZIhvcNAQELBQADggEBADWw77KxAqjA5+66XXtChDIl8t9n7SgtiMII8C2l
rxPH5MrPrizaOecnQUAcXelLzTUMEFVmMUY+JApJyz0FxLEYhUDmR5jg6TrunfJR
2kTAuPaf62zRuySA5e70vTJcdjB+ckSMCbEv4pZRA++O29gtxyIOnusGkiYKs99r
ENPwSO2HmMHp8x7peFeRb7Mzt8wpochm3cLtcQBXVPzAJlATBArWaV01YsAckwtk
yyUv+wD7E4KWa51529vU0Y1KecX/DcW3tQYusL7Zx4ap9Retc9GAyfBhEb+5nbut
/Gl/92CeudK9tPFPuRW/jAt/+2eiows3J5fTnqOmjCDUGLM=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:23 2024 by rpki-client on console-fra.rpki-client.org