Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNIC/fr7IJw5kzNk7Ge8Y3dk9N9o0e3k.roa
File: fr7IJw5kzNk7Ge8Y3dk9N9o0e3k.roa (raw, json)
Hash identifier: 1Di2k9Gbr5SE5vjw6i7lsGhpm4jbIxh++CgQXruz92g=
Subject key identifier: 7E:BE:C8:27:0E:64:CC:D9:3B:19:EF:18:DD:D9:3D:37:DA:34:7B:79
Certificate issuer: /CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Certificate serial: 1177
Authority key identifier: DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/fr7IJw5kzNk7Ge8Y3dk9N9o0e3k.roa
Signing time: Fri 01 Sep 2023 03:14:23 +0000
ROA not before: Fri 01 Sep 2023 03:14:23 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17408
IP address blocks: 203.119.3.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4471 (0x1177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=DFA8C454815C3017456EA3B4A7D00213BB85C965
Validity
Not Before: Sep 1 03:14:23 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=7EBEC8270E64CCD93B19EF18DDD93D37DA347B79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:62:c6:e5:d0:8a:de:52:7c:71:c8:d5:7b:08:
4f:97:79:2b:e7:19:ae:34:6c:de:ab:3c:4d:9c:ea:
b7:b3:b3:98:b5:4e:95:e5:17:2a:47:1d:09:bc:d8:
4a:a8:a4:a4:ea:b7:cd:f5:74:a3:24:df:7d:96:7f:
a0:19:51:9b:00:05:55:ce:57:15:1f:80:46:e1:5b:
91:82:87:9c:71:cb:c3:5f:1a:02:98:4b:b1:60:15:
b6:02:62:d0:25:0e:fb:d4:dd:df:39:ce:37:ba:5d:
a6:79:37:2a:23:2d:10:69:02:7f:23:36:6e:78:04:
3d:1a:da:e8:f2:d7:89:b4:64:82:25:f8:f5:0d:bb:
54:5f:e3:20:27:e6:e5:96:a0:bd:b5:11:57:ba:83:
00:f8:41:e7:fd:53:21:aa:a3:14:ee:c3:08:99:d4:
b5:61:c8:a1:91:e4:e0:01:8d:aa:93:99:f0:6d:2d:
09:28:8b:14:45:9c:c6:87:7a:30:c9:3c:09:7c:6d:
11:43:d7:28:28:64:26:69:6b:00:98:d7:8e:4a:c4:
f0:c5:a7:14:7f:a2:08:89:b3:0d:ca:ce:90:eb:ef:
66:49:f6:14:18:d7:8a:35:3a:c4:38:60:cb:55:e7:
b5:ee:25:2c:ce:64:fa:4e:ff:97:26:d5:77:56:4c:
bc:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:BE:C8:27:0E:64:CC:D9:3B:19:EF:18:DD:D9:3D:37:DA:34:7B:79
X509v3 Authority Key Identifier:
keyid:DF:A8:C4:54:81:5C:30:17:45:6E:A3:B4:A7:D0:02:13:BB:85:C9:65
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/36jEVIFcMBdFbqO0p9ACE7uFyWU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/36jEVIFcMBdFbqO0p9ACE7uFyWU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNIC/fr7IJw5kzNk7Ge8Y3dk9N9o0e3k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.119.3.0/24
Signature Algorithm: sha256WithRSAEncryption
20:bd:d0:02:f4:e8:13:65:69:35:41:e9:8b:fb:4b:f6:8b:a8:
9a:6f:dc:13:b1:70:96:45:15:fa:6a:07:0c:a6:73:6e:bf:af:
00:b5:0d:5d:7e:95:0f:8a:6a:4a:06:4a:a6:6e:97:f8:72:89:
70:ec:6b:eb:7d:91:80:85:88:66:09:5a:af:27:bf:73:fc:99:
fb:7a:97:6e:cb:5b:fb:99:27:62:84:7a:8f:cb:b4:11:76:c3:
d9:7b:9d:05:fc:b6:c6:c8:c1:40:38:99:6c:72:87:5e:de:20:
89:f5:3a:e3:b3:28:e1:5e:fe:b9:a7:4c:cd:bc:a1:fd:c4:da:
83:90:29:ad:2c:58:4b:13:e7:0c:89:80:1c:f0:b3:2f:4e:09:
76:c1:30:c2:7b:1d:86:34:94:fe:6c:9b:50:42:83:50:25:f7:
90:71:fc:48:a6:a8:f7:a5:e1:43:01:03:22:b1:a4:f5:a1:09:
c8:c9:2c:69:f3:ef:6f:8e:92:b2:d7:b1:b9:83:df:a8:95:f8:
6a:7d:7d:94:c6:87:03:d4:67:b6:f8:89:7c:a8:cd:44:b9:66:
ee:b1:15:5f:cf:a1:46:55:44:f2:9c:b5:5c:41:86:1c:27:0d:
af:fe:14:56:0d:9e:dd:8f:21:18:0e:e9:10:b7:ec:ef:75:97:
2a:57:1d:04
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICEXcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoREZB
OEM0NTQ4MTVDMzAxNzQ1NkVBM0I0QTdEMDAyMTNCQjg1Qzk2NTAeFw0yMzA5MDEw
MzE0MjNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDdFQkVDODI3MEU2NEND
RDkzQjE5RUYxOERERDkzRDM3REEzNDdCNzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD4Ysbl0IreUnxxyNV7CE+XeSvnGa40bN6rPE2c6rezs5i1TpXl
FypHHQm82EqopKTqt831dKMk332Wf6AZUZsABVXOVxUfgEbhW5GCh5xxy8NfGgKY
S7FgFbYCYtAlDvvU3d85zje6XaZ5NyojLRBpAn8jNm54BD0a2ujy14m0ZIIl+PUN
u1Rf4yAn5uWWoL21EVe6gwD4Qef9UyGqoxTuwwiZ1LVhyKGR5OABjaqTmfBtLQko
ixRFnMaHejDJPAl8bRFD1ygoZCZpawCY145KxPDFpxR/ogiJsw3KzpDr72ZJ9hQY
14o1OsQ4YMtV57XuJSzOZPpO/5cm1XdWTLyBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUfr7IJw5kzNk7Ge8Y3dk9N9o0e3kwHwYDVR0jBBgwFoAU36jEVIFcMBdFbqO0
p9ACE7uFyWUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOSUMv
MzZqRVZJRmNNQmRGYnFPMHA5QUNFN3VGeVdVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8zNmpFVklGY01CZEZicU8wcDlBQ0U3dUZ5V1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05JQy9mcjdJSnc1a3pOazdHZThZM2Rr
OU45bzBlM2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy3cD
MA0GCSqGSIb3DQEBCwUAA4IBAQAgvdAC9OgTZWk1QemL+0v2i6iab9wTsXCWRRX6
agcMpnNuv68AtQ1dfpUPimpKBkqmbpf4colw7GvrfZGAhYhmCVqvJ79z/Jn7epdu
y1v7mSdihHqPy7QRdsPZe50F/LbGyMFAOJlscode3iCJ9TrjsyjhXv65p0zNvKH9
xNqDkCmtLFhLE+cMiYAc8LMvTgl2wTDCex2GNJT+bJtQQoNQJfeQcfxIpqj3peFD
AQMisaT1oQnIySxp8+9vjpKy17G5g9+olfhqfX2UxocD1Ge2+Il8qM1EuWbusRVf
z6FGVUTynLVcQYYcJw2v/hRWDZ7djyEYDukQt+zvdZcqVx0E
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:20 2024 by rpki-client on console-ams.rpki-client.org