Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hkDqNC0CaIsMsFpk8PMuawotYxE.roa
File: hkDqNC0CaIsMsFpk8PMuawotYxE.roa (raw, json)
Hash identifier: LV8vqUjOl4RpZUOQjVkFxDSMSQ8AGINMsxbHCp2UqDY=
Subject key identifier: 86:40:EA:34:2D:02:68:8B:0C:B0:5A:64:F0:F3:2E:6B:0A:2D:63:11
Certificate issuer: /CN=EB675F938C85021374CAB1E1AF5099319B110B07
Certificate serial: 2A1A
Authority key identifier: EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hkDqNC0CaIsMsFpk8PMuawotYxE.roa
Signing time: Fri 01 Sep 2023 10:07:30 +0000
ROA not before: Fri 01 Sep 2023 10:07:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9924
IP address blocks: 123.193.125.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10778 (0x2a1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=EB675F938C85021374CAB1E1AF5099319B110B07
Validity
Not Before: Sep 1 10:07:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8640EA342D02688B0CB05A64F0F32E6B0A2D6311
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:15:96:58:9b:4b:30:82:4e:4b:6e:a5:ac:6c:
5c:d8:f1:3d:15:4c:a9:47:e8:01:e8:c0:c2:ff:bd:
be:a3:83:d3:0c:1a:a6:6e:e1:c6:9e:45:a8:34:47:
38:a9:83:8e:a0:ce:5a:82:d7:65:0d:5c:d3:50:9e:
2c:20:f5:4a:7e:9f:6e:24:0a:bb:f5:90:bc:39:8e:
8a:28:37:ca:a5:01:96:b4:dd:bb:d1:17:d7:71:dc:
2f:6f:a8:f8:06:ee:6b:e3:06:f8:c5:eb:36:cd:d8:
7f:e2:07:aa:3a:84:d4:e5:f7:f9:14:ba:72:ac:0a:
d6:59:ad:18:76:e5:f5:06:65:ad:e0:b2:7b:d2:93:
fb:3a:44:99:a8:7b:c8:ed:12:f3:e6:b1:ca:d5:22:
76:b8:b6:82:bd:cb:89:17:fa:82:83:18:40:65:d2:
9c:98:0d:52:97:bb:4e:3a:bb:11:4d:1e:7b:44:17:
d5:f0:28:f7:58:73:10:15:f2:fc:35:9a:bd:97:38:
48:f1:62:89:62:7e:22:c2:84:ec:ca:e2:53:8d:cf:
80:5b:52:fc:8a:1c:e9:85:79:b5:37:12:93:be:58:
de:37:0f:8a:72:59:49:81:75:ab:2a:79:68:11:48:
c2:c4:c9:5a:71:79:93:2f:99:65:c8:1b:25:67:a2:
f7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:40:EA:34:2D:02:68:8B:0C:B0:5A:64:F0:F3:2E:6B:0A:2D:63:11
X509v3 Authority Key Identifier:
keyid:EB:67:5F:93:8C:85:02:13:74:CA:B1:E1:AF:50:99:31:9B:11:0B:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/62dfk4yFAhN0yrHhr1CZMZsRCwc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/62dfk4yFAhN0yrHhr1CZMZsRCwc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TUNGHO/hkDqNC0CaIsMsFpk8PMuawotYxE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
123.193.125.0/24
Signature Algorithm: sha256WithRSAEncryption
77:c0:87:b0:17:a6:0f:9e:2b:eb:09:36:a3:03:9d:24:0f:95:
f7:26:91:8d:14:f4:0f:77:a7:58:a1:7d:59:c8:5b:f4:79:3e:
e4:d1:1a:01:e9:be:bf:3d:61:87:5b:3c:cb:8a:89:e8:80:4c:
d0:9f:4b:99:67:1f:42:35:81:66:ef:a0:42:50:cc:61:73:9d:
5c:5d:1f:5c:0f:e6:12:e7:34:48:36:4f:ee:52:3e:43:ec:f9:
14:ce:b8:3e:fc:6a:14:61:31:c8:7a:0a:2c:3f:9d:ee:ce:97:
b7:33:8f:29:ca:f7:69:96:3b:8f:e7:1e:81:0f:3e:7a:92:ff:
e5:0e:b7:bd:df:98:b8:33:97:42:c8:7c:b1:f0:77:b7:d9:f7:
46:d8:70:7c:e7:91:f7:d4:15:e6:39:de:df:35:2c:47:b3:21:
87:99:f6:77:1c:5e:5a:01:cd:59:28:91:f0:e1:d7:c6:60:df:
e1:84:dc:06:02:36:d5:65:c5:5d:de:a1:33:02:80:c1:bd:15:
a3:da:40:ab:72:0a:3e:e3:76:b5:32:bb:6c:f2:2e:73:e7:71:
c5:cd:1c:79:eb:ad:3d:fc:cb:91:ac:3c:16:25:31:32:76:bc:
71:26:b4:96:ce:0e:aa:ba:29:85:5b:8c:46:41:09:74:6e:47:
8f:cb:fb:a4
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICKhowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUI2
NzVGOTM4Qzg1MDIxMzc0Q0FCMUUxQUY1MDk5MzE5QjExMEIwNzAeFw0yMzA5MDEx
MDA3MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg2NDBFQTM0MkQwMjY4
OEIwQ0IwNUE2NEYwRjMyRTZCMEEyRDYzMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1FZZYm0swgk5LbqWsbFzY8T0VTKlH6AHowML/vb6jg9MMGqZu
4caeRag0Rzipg46gzlqC12UNXNNQniwg9Up+n24kCrv1kLw5joooN8qlAZa03bvR
F9dx3C9vqPgG7mvjBvjF6zbN2H/iB6o6hNTl9/kUunKsCtZZrRh25fUGZa3gsnvS
k/s6RJmoe8jtEvPmscrVIna4toK9y4kX+oKDGEBl0pyYDVKXu046uxFNHntEF9Xw
KPdYcxAV8vw1mr2XOEjxYolifiLChOzK4lONz4BbUvyKHOmFebU3EpO+WN43D4py
WUmBdasqeWgRSMLEyVpxeZMvmWXIGyVnovftAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUhkDqNC0CaIsMsFpk8PMuawotYxEwHwYDVR0jBBgwFoAU62dfk4yFAhN0yrHh
r1CZMZsRCwcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hP
LzYyZGZrNHlGQWhOMHlySGhyMUNaTVpzUkN3Yy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvNjJkZms0eUZBaE4weXJIaHIxQ1pNWnNSQ3djLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFVOR0hPL2hrRHFOQzBDYUlzTXNGcGs4
UE11YXdvdFl4RS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB7
wX0wDQYJKoZIhvcNAQELBQADggEBAHfAh7AXpg+eK+sJNqMDnSQPlfcmkY0U9A93
p1ihfVnIW/R5PuTRGgHpvr89YYdbPMuKieiATNCfS5lnH0I1gWbvoEJQzGFznVxd
H1wP5hLnNEg2T+5SPkPs+RTOuD78ahRhMch6Ciw/ne7Ol7czjynK92mWO4/nHoEP
PnqS/+UOt73fmLgzl0LIfLHwd7fZ90bYcHznkffUFeY53t81LEezIYeZ9nccXloB
zVkokfDh18Zg3+GE3AYCNtVlxV3eoTMCgMG9FaPaQKtyCj7jdrUyu2zyLnPnccXN
HHnrrT38y5GsPBYlMTJ2vHEmtJbODqq6KYVbjEZBCXRuR4/L+6Q=
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:26 2024 by rpki-client on console-fra.rpki-client.org