Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/WNCL/CJl79NAAby0hwrOGBgzhx4rCZRs.roa
File: CJl79NAAby0hwrOGBgzhx4rCZRs.roa (raw, json)
Hash identifier: wuC001/b4d9UcpoJkPm8EUTCjhXl4RS34WiP8B0ZV2Q=
Subject key identifier: 08:99:7B:F4:D0:00:6F:2D:21:C2:B3:86:06:0C:E1:C7:8A:C2:65:1B
Certificate issuer: /CN=9D441AADD239AD926010AFC4DB20454EF2C4B0C1
Certificate serial: 0C25
Authority key identifier: 9D:44:1A:AD:D2:39:AD:92:60:10:AF:C4:DB:20:45:4E:F2:C4:B0:C1
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/nUQardI5rZJgEK_E2yBFTvLEsME.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WNCL/CJl79NAAby0hwrOGBgzhx4rCZRs.roa
Signing time: Mon 26 Aug 2024 05:35:10 +0000
ROA not before: Mon 26 Aug 2024 05:35:10 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 134823
IP address blocks: 103.123.132.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3109 (0xc25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9D441AADD239AD926010AFC4DB20454EF2C4B0C1
Validity
Not Before: Aug 26 05:35:10 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=08997BF4D0006F2D21C2B386060CE1C78AC2651B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:0e:9a:7c:3a:71:87:a0:32:ac:1c:bb:c4:57:
f1:ed:c8:31:43:c4:97:72:02:f9:5e:c3:f9:3e:92:
d8:ec:92:be:88:89:b4:6c:ac:7f:73:13:bf:03:c0:
11:9c:3a:88:2f:75:1d:c8:fd:1c:2f:4f:0c:9c:ca:
15:14:db:ba:00:8c:26:a8:8d:5c:02:65:09:a7:2a:
05:ee:9a:c2:af:95:a0:70:16:e5:b0:3a:a6:3d:9e:
a1:95:e8:1e:1d:93:51:ab:ed:9d:52:c1:33:d8:b6:
50:e3:6b:8d:98:68:51:8b:68:f2:03:98:46:d6:57:
0f:f1:b0:4a:a1:37:c6:df:e6:74:55:a4:f6:a5:96:
dd:49:5a:8e:50:9c:64:80:ef:21:64:80:c8:ac:ff:
ab:b0:51:d6:0a:7a:a0:26:56:8c:9c:b1:66:10:7e:
ed:7d:39:51:50:56:d7:02:71:8b:6d:58:ef:0a:a2:
d6:4f:3e:6e:4a:a2:47:5f:c4:5a:0f:99:ba:32:8a:
f0:ab:aa:94:b3:77:83:99:4e:ac:90:e7:2c:13:bf:
f3:6b:7c:ef:4c:c5:1f:35:a4:5e:0c:48:a8:2f:3b:
bf:98:fa:fb:f2:30:76:c4:26:01:99:5f:56:60:d1:
71:08:4c:d2:89:3a:81:d4:4f:f4:8e:96:57:56:5a:
2b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:99:7B:F4:D0:00:6F:2D:21:C2:B3:86:06:0C:E1:C7:8A:C2:65:1B
X509v3 Authority Key Identifier:
keyid:9D:44:1A:AD:D2:39:AD:92:60:10:AF:C4:DB:20:45:4E:F2:C4:B0:C1
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WNCL/nUQardI5rZJgEK_E2yBFTvLEsME.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/nUQardI5rZJgEK_E2yBFTvLEsME.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WNCL/CJl79NAAby0hwrOGBgzhx4rCZRs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.132.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:cb:9c:67:bc:47:3b:38:22:13:da:ca:99:8a:3a:6b:b3:25:
2e:34:2f:8e:59:c6:1e:2f:96:bf:f0:35:1c:74:29:5f:81:1f:
3c:fe:cd:ed:50:c6:c3:cc:f2:eb:b0:b8:4a:88:dd:cf:97:0e:
0e:4f:9d:ca:05:2f:0e:51:6c:dd:93:eb:bd:ab:2a:b9:e2:80:
19:73:1a:d7:01:bb:cd:19:db:93:66:ff:6c:15:25:34:6f:be:
82:98:26:08:98:d4:38:28:c3:6f:74:3f:c2:4f:0b:c5:68:1a:
05:dc:40:b1:92:20:02:28:aa:e6:c8:12:16:8f:02:7f:b6:0f:
49:11:a9:4d:4f:14:94:f9:74:c8:81:c2:86:58:80:9b:3f:84:
6d:2e:e1:10:6b:50:23:ab:31:d1:5c:0f:dd:ec:ba:55:d8:23:
04:7b:42:bd:4c:5f:9f:2f:8a:28:64:ce:7e:af:5a:b3:5a:3c:
09:97:92:3a:49:66:1e:b7:77:3a:ff:e9:c1:e7:5d:44:a4:b2:
be:f5:b9:3b:4b:06:8c:8c:97:6a:3b:7c:bc:e1:d4:ed:01:eb:
b5:64:7b:8f:5a:de:5d:ea:68:a2:6d:d9:2d:95:37:40:f9:56:
2f:76:48:17:88:aa:50:23:e6:c0:40:23:18:ea:1c:e7:df:0f:
97:ba:e0:79
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUQ0
NDFBQUREMjM5QUQ5MjYwMTBBRkM0REIyMDQ1NEVGMkM0QjBDMTAeFw0yNDA4MjYw
NTM1MTBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDA4OTk3QkY0RDAwMDZG
MkQyMUMyQjM4NjA2MENFMUM3OEFDMjY1MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyDpp8OnGHoDKsHLvEV/HtyDFDxJdyAvlew/k+ktjskr6IibRs
rH9zE78DwBGcOogvdR3I/RwvTwycyhUU27oAjCaojVwCZQmnKgXumsKvlaBwFuWw
OqY9nqGV6B4dk1Gr7Z1SwTPYtlDja42YaFGLaPIDmEbWVw/xsEqhN8bf5nRVpPal
lt1JWo5QnGSA7yFkgMis/6uwUdYKeqAmVoycsWYQfu19OVFQVtcCcYttWO8KotZP
Pm5KokdfxFoPmboyivCrqpSzd4OZTqyQ5ywTv/NrfO9MxR81pF4MSKgvO7+Y+vvy
MHbEJgGZX1Zg0XEITNKJOoHUT/SOlldWWitdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUCJl79NAAby0hwrOGBgzhx4rCZRswHwYDVR0jBBgwFoAUnUQardI5rZJgEK/E
2yBFTvLEsMEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvV05DTC9u
VVFhcmRJNXJaSmdFS19FMnlCRlR2TEVzTUUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L25VUWFyZEk1clpKZ0VLX0UyeUJGVHZMRXNNRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL1dOQ0wvQ0psNzlOQUFieTBod3JPR0Jnemh4
NHJDWlJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmd7hDAN
BgkqhkiG9w0BAQsFAAOCAQEAL8ucZ7xHOzgiE9rKmYo6a7MlLjQvjlnGHi+Wv/A1
HHQpX4EfPP7N7VDGw8zy67C4Sojdz5cODk+dygUvDlFs3ZPrvasqueKAGXMa1wG7
zRnbk2b/bBUlNG++gpgmCJjUOCjDb3Q/wk8LxWgaBdxAsZIgAiiq5sgSFo8Cf7YP
SRGpTU8UlPl0yIHChliAmz+EbS7hEGtQI6sx0VwP3ey6VdgjBHtCvUxfny+KKGTO
fq9as1o8CZeSOklmHrd3Ov/pweddRKSyvvW5O0sGjIyXajt8vOHU7QHrtWR7j1re
Xepoom3ZLZU3QPlWL3ZIF4iqUCPmwEAjGOoc598Pl7rgeQ==
-----END CERTIFICATE-----
Generated at Fri Sep 13 09:47:09 2024 by rpki-client on console-ams.rpki-client.org