Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
File: DUp9xvMUZQjdODlrc7CqK0EIiHg.roa (raw, json)
Hash identifier: T8DFg/bLFJRv1bgyEWdzGXYAxY5cstnqiYCz0Vc1Xbc=
Subject key identifier: 0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78
Certificate issuer: /CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Certificate serial: 0B65
Authority key identifier: 9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
Signing time: Fri 01 Sep 2023 10:13:52 +0000
ROA not before: Fri 01 Sep 2023 10:13:52 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 2914
IP address blocks: 61.58.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2917 (0xb65)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9E2697FA70252F83F41D121EC0B5CB458B6FF214
Validity
Not Before: Sep 1 10:13:52 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=0D4A7DC6F3146508DD38396B73B0AA2B41088878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c9:30:4a:a3:bd:0b:46:09:c1:4b:75:c8:79:
20:9d:70:45:f8:24:cd:d1:2e:49:f5:12:1b:b7:d8:
4e:36:bd:41:e3:5c:17:de:4e:d9:e6:2f:71:9f:ad:
59:42:f9:a5:2f:3f:2f:67:ab:ac:16:59:3e:ee:6a:
9d:36:53:db:45:6c:ab:13:ce:2e:00:96:c8:5f:c4:
37:ab:09:24:64:a0:c9:69:b8:ef:24:5f:ae:52:c0:
7b:00:b3:01:7d:66:81:05:80:ba:25:a1:92:50:a1:
b9:4d:a7:e4:8d:8e:24:fd:a1:69:4e:72:be:40:73:
90:6f:78:83:7d:65:fa:7b:d7:ce:11:23:ac:5c:66:
3d:32:12:c9:30:2a:af:5a:de:01:fa:e0:fd:23:0b:
2c:df:69:c3:07:cd:fa:db:19:2b:64:73:a9:ed:1b:
2d:87:5a:eb:34:42:9b:57:83:ad:03:fa:e4:a6:45:
7a:73:fb:51:1e:d7:cf:67:54:e3:21:d6:a7:0c:3d:
63:0d:59:19:69:a5:a0:34:78:7e:f6:26:2c:bc:53:
c9:cd:b4:4f:0d:77:42:dc:03:c6:a3:29:c5:34:6d:
21:17:f5:c1:f8:41:3d:14:53:32:d9:b3:9a:ba:d0:
62:59:58:52:a6:a9:7f:61:23:b1:36:7a:91:a4:72:
5e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4A:7D:C6:F3:14:65:08:DD:38:39:6B:73:B0:AA:2B:41:08:88:78
X509v3 Authority Key Identifier:
keyid:9E:26:97:FA:70:25:2F:83:F4:1D:12:1E:C0:B5:CB:45:8B:6F:F2:14
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/niaX-nAlL4P0HRIewLXLRYtv8hQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/niaX-nAlL4P0HRIewLXLRYtv8hQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TWNTT/DUp9xvMUZQjdODlrc7CqK0EIiHg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.58.32.0/20
Signature Algorithm: sha256WithRSAEncryption
67:56:14:1a:94:e3:d9:2d:f0:ec:69:6f:2e:a8:95:08:76:db:
cd:39:db:24:04:30:f3:20:e2:01:fb:17:0c:e0:5d:3c:2e:3c:
54:a9:7d:93:ea:4d:78:84:6b:d0:56:9f:2b:72:a9:e1:63:42:
66:c8:03:ac:6e:51:1d:e5:79:fb:89:be:4a:40:6a:ea:7a:e3:
38:54:3a:65:67:3d:42:33:1b:1d:5d:00:76:c8:b1:29:b4:b4:
1e:c9:de:7e:03:61:07:72:6b:d2:63:87:5f:59:a6:d8:3e:62:
5f:fc:89:82:5f:9c:eb:85:f0:02:c6:e4:fc:a1:34:22:a9:15:
66:eb:4e:a6:f1:5d:a5:3a:6e:19:ae:63:ea:6a:07:f9:c9:f0:
e4:0b:9e:b8:68:40:63:97:d4:23:4a:ee:ac:25:f5:b7:03:a7:
65:aa:4b:05:77:23:19:d7:e0:1e:61:98:c9:8a:56:df:e7:c5:
35:8f:07:7c:96:48:e9:e0:05:6c:0b:1b:81:32:f9:1d:2f:1b:
58:97:10:ab:f5:f2:7a:a7:c4:7f:c8:c4:22:1a:da:34:c4:40:
b0:7b:17:ae:f4:fb:6e:c4:44:eb:b0:fc:d6:db:5a:c2:27:96:
4e:28:11:95:11:33:55:0d:da:74:82:a2:00:44:43:6f:6d:66:
6a:48:be:56
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC2UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUUy
Njk3RkE3MDI1MkY4M0Y0MUQxMjFFQzBCNUNCNDU4QjZGRjIxNDAeFw0yMzA5MDEx
MDEzNTJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDBENEE3REM2RjMxNDY1
MDhERDM4Mzk2QjczQjBBQTJCNDEwODg4NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDgyTBKo70LRgnBS3XIeSCdcEX4JM3RLkn1Ehu32E42vUHjXBfe
TtnmL3GfrVlC+aUvPy9nq6wWWT7uap02U9tFbKsTzi4AlshfxDerCSRkoMlpuO8k
X65SwHsAswF9ZoEFgLoloZJQoblNp+SNjiT9oWlOcr5Ac5BveIN9Zfp7184RI6xc
Zj0yEskwKq9a3gH64P0jCyzfacMHzfrbGStkc6ntGy2HWus0QptXg60D+uSmRXpz
+1Ee189nVOMh1qcMPWMNWRlppaA0eH72Jiy8U8nNtE8Nd0LcA8ajKcU0bSEX9cH4
QT0UUzLZs5q60GJZWFKmqX9hI7E2epGkcl45AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDUp9xvMUZQjdODlrc7CqK0EIiHgwHwYDVR0jBBgwFoAUniaX+nAlL4P0HRIe
wLXLRYtv8hQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVFdOVFQv
bmlhWC1uQWxMNFAwSFJJZXdMWExSWXR2OGhRLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9uaWFYLW5BbEw0UDBIUklld0xYTFJZdHY4aFEuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UV05UVC9EVXA5eHZNVVpRamRPRGxyYzdD
cUswRUlpSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEPTog
MA0GCSqGSIb3DQEBCwUAA4IBAQBnVhQalOPZLfDsaW8uqJUIdtvNOdskBDDzIOIB
+xcM4F08LjxUqX2T6k14hGvQVp8rcqnhY0JmyAOsblEd5Xn7ib5KQGrqeuM4VDpl
Zz1CMxsdXQB2yLEptLQeyd5+A2EHcmvSY4dfWabYPmJf/ImCX5zrhfACxuT8oTQi
qRVm606m8V2lOm4ZrmPqagf5yfDkC564aEBjl9QjSu6sJfW3A6dlqksFdyMZ1+Ae
YZjJilbf58U1jwd8lkjp4AVsCxuBMvkdLxtYlxCr9fJ6p8R/yMQiGto0xECwexeu
9PtuxETrsPzW21rCJ5ZOKBGVETNVDdp0gqIARENvbWZqSL5W
-----END CERTIFICATE-----
Generated at Mon Aug 26 08:57:27 2024 by rpki-client on console-fra.rpki-client.org