Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa
File: z8lvMEmJ_x7StsJ925ukdSVsPo8.roa (raw, json)
Hash identifier: dAmhwW3wosrpMnBMReLM+Oi1eS5IJy6Vhkkc3ZbVn6k=
Subject key identifier: CF:C9:6F:30:49:89:FF:1E:D2:B6:C2:7D:DB:9B:A4:75:25:6C:3E:8F
Certificate issuer: /CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Certificate serial: 08D8
Authority key identifier: 29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa
Signing time: Fri 01 Sep 2023 10:11:25 +0000
ROA not before: Fri 01 Sep 2023 10:11:25 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18041
IP address blocks: 103.147.22.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2264 (0x8d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=291BAF6A0C176CE0A32423666BCE78F9D91824CB
Validity
Not Before: Sep 1 10:11:25 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=CFC96F304989FF1ED2B6C27DDB9BA475256C3E8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:5e:3e:04:7e:d2:2c:de:7e:64:2a:de:69:16:
9b:0f:03:86:f2:78:99:5e:ea:c0:3e:c2:e3:65:a6:
75:4f:dd:cf:8d:9c:01:5c:98:04:5c:0d:79:9a:35:
97:ab:58:65:8b:b7:bc:e3:02:b3:bf:81:70:29:d6:
e4:57:ed:6d:f9:33:a5:da:5e:f7:ed:f8:ee:6f:c3:
a1:42:ff:f7:78:03:8d:0b:8b:3a:3e:b3:01:a5:00:
a4:cc:f8:dc:af:07:c2:48:c6:38:27:f5:fb:a1:09:
42:47:71:32:7e:2a:20:6b:85:f7:78:3b:b9:0e:f5:
2f:bf:22:87:11:ff:75:f0:db:73:c7:8d:da:1b:26:
d2:5d:61:da:57:d0:56:12:77:dc:33:bf:d3:77:7f:
b9:5c:85:fe:bf:fa:87:fa:e0:be:0e:29:b5:13:5d:
1c:bb:2b:db:fe:e6:11:8c:88:76:4b:5a:a5:7f:2c:
79:f3:f7:5e:9d:9f:18:5c:37:95:a8:04:d1:1f:31:
a8:98:53:d9:4b:9a:ea:e3:de:6d:15:fe:dc:8a:c9:
35:ec:22:da:31:a4:bb:64:23:70:40:ac:72:c0:7d:
9f:bf:67:d3:8e:7c:14:a7:b1:a6:ce:60:56:d0:50:
1b:5f:1c:a1:04:74:f0:47:6b:1d:c2:b8:dd:69:b5:
07:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C9:6F:30:49:89:FF:1E:D2:B6:C2:7D:DB:9B:A4:75:25:6C:3E:8F
X509v3 Authority Key Identifier:
keyid:29:1B:AF:6A:0C:17:6C:E0:A3:24:23:66:6B:CE:78:F9:D9:18:24:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/KRuvagwXbOCjJCNma854-dkYJMs.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KRuvagwXbOCjJCNma854-dkYJMs.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWDS/z8lvMEmJ_x7StsJ925ukdSVsPo8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.147.22.0/23
Signature Algorithm: sha256WithRSAEncryption
59:22:4e:ac:c1:5c:47:12:7a:12:21:fd:35:9a:41:2e:30:ab:
6f:39:43:37:26:ea:89:61:c8:be:2a:1f:bc:81:d8:c7:35:b7:
d4:52:75:b6:5a:25:35:9d:4e:28:94:fa:5f:54:36:78:79:5c:
a0:08:60:cf:ed:e6:84:f7:61:c5:58:a7:c9:22:48:52:40:3a:
58:60:3b:1d:34:16:30:05:e8:40:72:18:d2:c6:e7:36:fe:2e:
fb:f8:df:fa:f9:a9:1b:a9:f0:45:15:73:29:f6:2e:f1:f4:ee:
64:aa:2c:36:ba:5d:47:34:08:12:34:22:09:94:be:9c:c3:61:
f2:8a:9b:a3:47:7e:dd:c9:a6:40:64:ab:52:24:58:91:14:ab:
21:c1:90:05:70:c7:81:f6:53:e7:e8:67:e0:9b:b7:e9:67:00:
8e:ac:9c:2e:be:ba:20:c8:c4:7e:a2:3d:77:27:ab:ad:95:a6:
03:d1:47:8f:72:56:54:00:4d:30:a7:ba:ce:d2:b0:37:9b:23:
dd:77:f0:5d:81:92:ac:a4:81:ca:4b:a9:74:52:0f:8e:28:59:
31:36:63:5f:6c:21:38:b9:39:41:8c:ee:76:95:c6:7c:a5:cf:
4c:ab:a0:92:f2:8b:b9:a9:8e:1d:94:4c:15:38:20:e3:d7:31:
48:db:6f:58
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICCNgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjkx
QkFGNkEwQzE3NkNFMEEzMjQyMzY2NkJDRTc4RjlEOTE4MjRDQjAeFw0yMzA5MDEx
MDExMjVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKENGQzk2RjMwNDk4OUZG
MUVEMkI2QzI3RERCOUJBNDc1MjU2QzNFOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDoXj4EftIs3n5kKt5pFpsPA4byeJle6sA+wuNlpnVP3c+NnAFc
mARcDXmaNZerWGWLt7zjArO/gXAp1uRX7W35M6XaXvft+O5vw6FC//d4A40Lizo+
swGlAKTM+NyvB8JIxjgn9fuhCUJHcTJ+KiBrhfd4O7kO9S+/IocR/3Xw23PHjdob
JtJdYdpX0FYSd9wzv9N3f7lchf6/+of64L4OKbUTXRy7K9v+5hGMiHZLWqV/LHnz
916dnxhcN5WoBNEfMaiYU9lLmurj3m0V/tyKyTXsItoxpLtkI3BArHLAfZ+/Z9OO
fBSnsabOYFbQUBtfHKEEdPBHax3CuN1ptQefAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUz8lvMEmJ/x7StsJ925ukdSVsPo8wHwYDVR0jBBgwFoAUKRuvagwXbOCjJCNm
a854+dkYJMswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdEUy9L
UnV2YWd3WGJPQ2pKQ05tYTg1NC1ka1lKTXMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L0tSdXZhZ3dYYk9DakpDTm1hODU0LWRrWUpNcy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1RXRFMvejhsdk1FbUpfeDdTdHNKOTI1dWtk
U1ZzUG84LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeTFjAN
BgkqhkiG9w0BAQsFAAOCAQEAWSJOrMFcRxJ6EiH9NZpBLjCrbzlDNybqiWHIviof
vIHYxzW31FJ1tlolNZ1OKJT6X1Q2eHlcoAhgz+3mhPdhxVinySJIUkA6WGA7HTQW
MAXoQHIY0sbnNv4u+/jf+vmpG6nwRRVzKfYu8fTuZKosNrpdRzQIEjQiCZS+nMNh
8oqbo0d+3cmmQGSrUiRYkRSrIcGQBXDHgfZT5+hn4Ju36WcAjqycLr66IMjEfqI9
dyerrZWmA9FHj3JWVABNMKe6ztKwN5sj3XfwXYGSrKSBykupdFIPjihZMTZjX2wh
OLk5QYzudpXGfKXPTKugkvKLuamOHZRMFTgg49cxSNtvWA==
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org