Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/VIBO/KalH2YUuVZ338iEBll6z652fAcE.roa
File: KalH2YUuVZ338iEBll6z652fAcE.roa (raw, json)
Hash identifier: 0l9Oofm1NwOq+KTJi2SY2q5vqsMyFxmB9XSsbMcah3s=
Subject key identifier: 29:A9:47:D9:85:2E:55:9D:F7:F2:21:01:96:5E:B3:EB:9D:9F:01:C1
Certificate issuer: /CN=52A3F0198009803B5165DE5ECB61FD451246CFAB
Certificate serial: 0B85
Authority key identifier: 52:A3:F0:19:80:09:80:3B:51:65:DE:5E:CB:61:FD:45:12:46:CF:AB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/UqPwGYAJgDtRZd5ey2H9RRJGz6s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VIBO/KalH2YUuVZ338iEBll6z652fAcE.roa
Signing time: Fri 01 Sep 2023 10:19:15 +0000
ROA not before: Fri 01 Sep 2023 10:19:15 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 24157
IP address blocks: 1.200.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2949 (0xb85)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52A3F0198009803B5165DE5ECB61FD451246CFAB
Validity
Not Before: Sep 1 10:19:15 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=29A947D9852E559DF7F22101965EB3EB9D9F01C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:15:38:ac:82:da:47:2d:74:cb:9b:e6:85:
cc:bf:e4:67:c0:64:a6:60:b7:10:d0:8f:12:61:6a:
e1:b2:da:39:a8:44:af:a2:ea:01:49:30:94:e0:8e:
1c:79:a2:f0:43:85:e4:50:02:01:1c:3e:74:35:e6:
1f:23:f4:69:57:e6:8a:37:b1:0e:c2:da:58:48:61:
dc:fd:df:ad:28:51:c2:19:86:e4:c4:8d:4f:92:44:
9b:57:34:10:03:77:2a:6d:aa:a6:58:9f:43:8f:28:
c0:86:77:b5:b7:81:f6:8b:5f:10:2d:02:52:0c:84:
b0:a7:cf:2b:05:ae:90:d9:fd:91:1b:35:70:43:6c:
ea:82:f0:15:b4:1a:67:56:a2:57:72:f0:a1:ef:d3:
1e:5a:89:79:47:39:7f:dd:77:df:31:02:5c:76:8d:
e3:2b:79:3d:eb:b2:a0:14:bc:39:1e:3a:20:52:2f:
84:1f:85:42:f8:50:4b:8a:8b:84:6f:3a:b9:c5:a0:
16:69:0a:05:6f:69:2a:8d:69:8c:3f:e6:8b:61:e1:
6b:8f:8c:b2:cc:23:18:37:aa:3a:b9:f7:f7:b2:7d:
fb:7f:4f:0c:c6:c0:f8:21:2e:b4:3f:bb:54:70:83:
e5:a0:57:38:c1:f1:b7:e5:e7:1a:c5:62:be:ba:bc:
c2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:A9:47:D9:85:2E:55:9D:F7:F2:21:01:96:5E:B3:EB:9D:9F:01:C1
X509v3 Authority Key Identifier:
keyid:52:A3:F0:19:80:09:80:3B:51:65:DE:5E:CB:61:FD:45:12:46:CF:AB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VIBO/UqPwGYAJgDtRZd5ey2H9RRJGz6s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/UqPwGYAJgDtRZd5ey2H9RRJGz6s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VIBO/KalH2YUuVZ338iEBll6z652fAcE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
1.200.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:be:9f:b1:0d:68:fb:1f:f8:ea:52:b7:d8:89:79:e1:cc:0d:
79:de:d5:e2:63:21:74:9e:d1:6d:ff:61:73:f8:b8:fb:34:fb:
0a:0b:1b:34:85:eb:d6:cb:c5:c5:2f:5a:67:7e:c0:43:92:59:
7f:c2:3e:1b:f2:2e:3e:d6:7a:b1:bb:88:66:e5:bc:c7:92:9e:
de:f9:de:f8:1b:91:9f:b9:55:50:a1:a1:33:4d:cf:fa:8d:b4:
cf:fb:4c:d6:94:41:62:0a:d5:d3:9d:cb:6b:a7:23:91:67:07:
5e:ff:5e:fe:b8:3d:d3:69:9c:e6:f0:ec:06:ae:82:54:07:a0:
9d:41:16:af:f4:e7:83:67:ff:9e:d3:4d:16:d0:d3:b9:d7:46:
66:3f:32:22:58:2f:40:da:4c:2e:36:1b:de:98:79:ce:c3:a8:
4d:70:15:59:d3:b2:e7:56:b2:de:eb:3c:c9:26:ea:d5:24:5d:
7e:e1:27:a4:7a:1d:04:5b:bd:e4:4a:1c:82:ea:be:49:1e:b3:
ae:ab:9a:33:4e:ea:54:62:81:fa:76:86:2b:b9:f5:26:89:87:
60:52:89:1b:4a:97:bc:a9:73:bd:41:83:50:d9:f0:bd:6f:53:
f8:8a:77:46:0f:32:76:42:63:01:79:55:75:54:60:a9:76:52:
ca:ca:f0:2c
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgICC4UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTJB
M0YwMTk4MDA5ODAzQjUxNjVERTVFQ0I2MUZENDUxMjQ2Q0ZBQjAeFw0yMzA5MDEx
MDE5MTVaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI5QTk0N0Q5ODUyRTU1
OURGN0YyMjEwMTk2NUVCM0VCOUQ5RjAxQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0hhU4rILaRy10y5vmhcy/5GfAZKZgtxDQjxJhauGy2jmoRK+i
6gFJMJTgjhx5ovBDheRQAgEcPnQ15h8j9GlX5oo3sQ7C2lhIYdz9360oUcIZhuTE
jU+SRJtXNBADdyptqqZYn0OPKMCGd7W3gfaLXxAtAlIMhLCnzysFrpDZ/ZEbNXBD
bOqC8BW0GmdWoldy8KHv0x5aiXlHOX/dd98xAlx2jeMreT3rsqAUvDkeOiBSL4Qf
hUL4UEuKi4RvOrnFoBZpCgVvaSqNaYw/5oth4WuPjLLMIxg3qjq59/eyfft/TwzG
wPghLrQ/u1Rwg+WgVzjB8bfl5xrFYr66vMIFAgMBAAGjggHpMIIB5TAdBgNVHQ4E
FgQUKalH2YUuVZ338iEBll6z652fAcEwHwYDVR0jBBgwFoAUUqPwGYAJgDtRZd5e
y2H9RRJGz6swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVklCTy9V
cVB3R1lBSmdEdFJaZDVleTJIOVJSSkd6NnMuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L1VxUHdHWUFKZ0R0UlpkNWV5Mkg5UlJKR3o2cy5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1ZJQk8vS2FsSDJZVXVWWjMzOGlFQmxsNno2
NTJmQWNFLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAAHIMA0G
CSqGSIb3DQEBCwUAA4IBAQCKvp+xDWj7H/jqUrfYiXnhzA153tXiYyF0ntFt/2Fz
+Lj7NPsKCxs0hevWy8XFL1pnfsBDkll/wj4b8i4+1nqxu4hm5bzHkp7e+d74G5Gf
uVVQoaEzTc/6jbTP+0zWlEFiCtXTnctrpyORZwde/17+uD3TaZzm8OwGroJUB6Cd
QRav9OeDZ/+e000W0NO510ZmPzIiWC9A2kwuNhvemHnOw6hNcBVZ07LnVrLe6zzJ
JurVJF1+4Sekeh0EW73kShyC6r5JHrOuq5ozTupUYoH6doYrufUmiYdgUokbSpe8
qXO9QYNQ2fC9b1P4indGDzJ2QmMBeVV1VGCpdlLKyvAs
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:51 2024 by rpki-client on console-ams.rpki-client.org