Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUCD/cpT2m_t1T_VW2x7eVh06wgqDHM0.roa
File: cpT2m_t1T_VW2x7eVh06wgqDHM0.roa (raw, json)
Hash identifier: xV2dbC2UHaDO3WES2Eqj/MvjEqDZIPL20M5k94lcNg4=
Subject key identifier: 72:94:F6:9B:FB:75:4F:F5:56:DB:1E:DE:56:1D:3A:C2:0A:83:1C:CD
Certificate issuer: /CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Certificate serial: FC
Authority key identifier: 35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/cpT2m_t1T_VW2x7eVh06wgqDHM0.roa
Signing time: Tue 12 Mar 2024 02:13:37 +0000
ROA not before: Tue 12 Mar 2024 02:13:37 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 152179
IP address blocks: 103.115.108.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 252 (0xfc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35D63F285426D9D57209D42C46B9125B23A78EC1
Validity
Not Before: Mar 12 02:13:37 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=7294F69BFB754FF556DB1EDE561D3AC20A831CCD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:ad:bb:ad:58:ea:7e:c9:6d:56:ef:6b:5e:
2a:0e:12:af:6e:5b:88:8d:86:e9:77:60:f3:3e:09:
b6:b0:68:65:d1:f3:b1:92:0a:b4:27:73:30:dc:c0:
cb:02:e9:0b:10:aa:96:ae:2c:22:e0:79:93:32:72:
49:ad:36:93:e5:f6:ba:32:13:c3:78:82:5d:05:3b:
f8:ee:e9:55:33:51:c9:7a:cd:21:71:6c:f8:40:21:
d6:52:78:a3:65:ef:c5:e5:46:fe:55:93:07:56:af:
6d:75:bf:dd:4f:52:20:5e:43:5a:8d:1a:a6:6a:2e:
fb:27:dd:90:6a:b6:1f:d6:24:fe:97:29:39:5a:22:
a8:09:97:34:3b:bc:7c:74:eb:08:fb:6b:f2:fd:2d:
10:9b:74:cd:d3:57:3b:9d:a4:7a:d0:f7:a7:d6:80:
42:9c:04:36:c1:9b:d7:3d:01:8c:86:63:ef:8d:1d:
c1:4d:c1:9a:11:9f:23:b5:fb:e6:f8:41:78:59:3b:
6c:0d:5a:02:40:c6:75:7f:12:45:da:ca:d9:10:70:
95:0c:51:5a:4a:51:13:f5:eb:2a:50:1b:b8:7b:50:
f0:30:cf:81:ea:3a:ea:2d:63:2e:9a:f0:db:ca:16:
a2:a2:79:b1:8e:72:40:b3:36:e4:18:4c:54:88:0c:
77:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:F6:9B:FB:75:4F:F5:56:DB:1E:DE:56:1D:3A:C2:0A:83:1C:CD
X509v3 Authority Key Identifier:
keyid:35:D6:3F:28:54:26:D9:D5:72:09:D4:2C:46:B9:12:5B:23:A7:8E:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/NdY_KFQm2dVyCdQsRrkSWyOnjsE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NdY_KFQm2dVyCdQsRrkSWyOnjsE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUCD/cpT2m_t1T_VW2x7eVh06wgqDHM0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.115.108.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:98:4a:40:e9:1d:06:f9:7a:72:13:67:fd:73:85:16:aa:c3:
22:99:e1:ab:23:8e:a1:9e:c9:49:c9:cd:eb:90:4b:ae:37:76:
70:ab:f0:a2:93:24:03:fc:c2:56:96:21:99:c7:bf:72:b7:6b:
47:6a:d9:79:04:51:26:3e:64:19:c0:c0:96:9b:1e:bc:f3:b5:
61:05:ae:b7:0f:0a:b7:5a:68:98:68:b8:2d:d4:84:08:36:43:
16:64:87:ac:87:ce:7d:6a:5a:00:9f:a5:00:85:2d:b5:62:d9:
1c:92:6c:9c:61:c1:87:60:93:95:56:f1:b3:07:fb:cb:b0:b9:
a3:b0:b1:a1:74:62:92:bd:ae:50:83:e2:64:ba:01:b2:01:bc:
a3:9d:97:8b:8d:41:99:b7:94:f8:ec:5f:2c:7d:47:63:70:bf:
70:d7:2d:dd:9d:93:59:02:9d:29:34:96:a6:3b:ed:18:10:08:
d0:c2:a8:ba:f8:23:01:bf:c9:61:28:f6:ff:5b:79:9b:b2:e6:
30:00:e0:ce:69:c1:19:76:84:22:a2:88:d4:1a:a5:50:8d:e9:
ca:29:65:92:3c:c0:5c:e3:49:4e:b8:9d:21:b6:fd:bc:1c:8a:
e6:ea:04:76:f9:61:e1:f1:8d:94:9f:3c:82:0e:38:8f:f1:cd:
aa:d7:5d:cc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICAPwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzVE
NjNGMjg1NDI2RDlENTcyMDlENDJDNDZCOTEyNUIyM0E3OEVDMTAeFw0yNDAzMTIw
MjEzMzdaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDcyOTRGNjlCRkI3NTRG
RjU1NkRCMUVERTU2MUQzQUMyMEE4MzFDQ0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiba27rVjqfsltVu9rXioOEq9uW4iNhul3YPM+CbawaGXR87GS
CrQnczDcwMsC6QsQqpauLCLgeZMyckmtNpPl9royE8N4gl0FO/ju6VUzUcl6zSFx
bPhAIdZSeKNl78XlRv5VkwdWr211v91PUiBeQ1qNGqZqLvsn3ZBqth/WJP6XKTla
IqgJlzQ7vHx06wj7a/L9LRCbdM3TVzudpHrQ96fWgEKcBDbBm9c9AYyGY++NHcFN
wZoRnyO1++b4QXhZO2wNWgJAxnV/EkXaytkQcJUMUVpKURP16ypQG7h7UPAwz4Hq
OuotYy6a8NvKFqKiebGOckCzNuQYTFSIDHdJAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUcpT2m/t1T/VW2x7eVh06wgqDHM0wHwYDVR0jBBgwFoAUNdY/KFQm2dVyCdQs
RrkSWyOnjsEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVDRC9O
ZFlfS0ZRbTJkVnlDZFFzUnJrU1d5T25qc0UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L05kWV9LRlFtMmRWeUNkUXNScmtTV3lPbmpzRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RVQ0QvY3BUMm1fdDFUX1ZXMng3ZVZoMDZ3
Z3FESE0wLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWdzbDAN
BgkqhkiG9w0BAQsFAAOCAQEACphKQOkdBvl6chNn/XOFFqrDIpnhqyOOoZ7JScnN
65BLrjd2cKvwopMkA/zCVpYhmce/crdrR2rZeQRRJj5kGcDAlpsevPO1YQWutw8K
t1pomGi4LdSECDZDFmSHrIfOfWpaAJ+lAIUttWLZHJJsnGHBh2CTlVbxswf7y7C5
o7CxoXRikr2uUIPiZLoBsgG8o52Xi41BmbeU+OxfLH1HY3C/cNct3Z2TWQKdKTSW
pjvtGBAI0MKouvgjAb/JYSj2/1t5m7LmMADgzmnBGXaEIqKI1BqlUI3pyillkjzA
XONJTridIbb9vByK5uoEdvlh4fGNlJ88gg44j/HNqtddzA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:17 2024 by rpki-client on console-ams.rpki-client.org