Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/XINYUN/icXo4bXKGT5MZdLgsHoPJVQXwkU.roa
File: icXo4bXKGT5MZdLgsHoPJVQXwkU.roa (raw, json)
Hash identifier: osVfFkOCCyT2YeiuD42bqaQ4nK0gnI/Z7QsogQpTZ6I=
Subject key identifier: 89:C5:E8:E1:B5:CA:19:3E:4C:65:D2:E0:B0:7A:0F:25:54:17:C2:45
Certificate issuer: /CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
Certificate serial: 0E9C
Authority key identifier: 84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/icXo4bXKGT5MZdLgsHoPJVQXwkU.roa
Signing time: Fri 01 Sep 2023 10:21:34 +0000
ROA not before: Fri 01 Sep 2023 10:21:34 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38047
IP address blocks: 103.133.152.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3740 (0xe9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84F850C0651B699E190DC9D97CD1DE326C164EC5
Validity
Not Before: Sep 1 10:21:34 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=89C5E8E1B5CA193E4C65D2E0B07A0F255417C245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fb:02:1c:b9:f1:e4:40:06:76:4a:41:89:84:
d1:aa:f6:0a:1c:1a:ce:1e:19:39:ab:c6:fa:48:2b:
c4:63:2d:0c:e1:cc:cf:4d:d6:8c:60:4f:13:f4:77:
8f:b2:72:11:7f:d6:85:d5:52:db:23:47:d6:80:3a:
0d:ba:59:28:77:19:7c:e9:e2:91:aa:43:aa:97:60:
ed:82:f5:4b:34:09:d7:d5:92:ef:09:b3:f8:1f:a7:
59:6b:c4:14:94:f1:74:1c:54:c5:62:69:df:9d:94:
b2:9c:9f:7e:9c:6e:b1:e6:36:22:e3:fc:9b:5e:ff:
23:35:c6:04:74:d7:50:46:43:da:3e:b9:1b:0d:d4:
74:eb:fc:e8:79:54:5f:d6:30:3b:c8:ec:bc:f0:78:
ae:4f:7f:f7:64:f3:77:b5:fb:96:53:f7:9c:9f:34:
54:26:02:87:99:18:38:85:79:07:a6:52:c0:9a:91:
ac:c8:57:ae:69:d0:57:07:17:64:f1:81:91:28:1b:
a5:f9:be:f4:8c:f5:b6:da:59:5e:f5:e2:ea:41:d9:
d0:6a:aa:4d:52:47:f1:ff:4c:fb:32:30:62:a0:a5:
cd:c2:7b:c8:72:56:7e:53:03:97:6d:ea:88:48:f1:
e7:bd:8c:fc:21:77:6a:ac:ab:4f:62:6d:1c:74:48:
79:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:C5:E8:E1:B5:CA:19:3E:4C:65:D2:E0:B0:7A:0F:25:54:17:C2:45
X509v3 Authority Key Identifier:
keyid:84:F8:50:C0:65:1B:69:9E:19:0D:C9:D9:7C:D1:DE:32:6C:16:4E:C5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/hPhQwGUbaZ4ZDcnZfNHeMmwWTsU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XINYUN/icXo4bXKGT5MZdLgsHoPJVQXwkU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.133.152.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:bf:3a:1e:79:62:57:f9:91:0a:29:93:5c:4d:f7:01:dd:fd:
c7:28:5a:75:c9:c5:e7:8f:d7:e3:8a:52:05:06:07:f3:b2:0e:
8d:87:9b:74:af:ae:61:53:e3:6c:f6:95:9c:dc:80:16:0c:de:
2d:96:1b:e3:18:2a:13:24:4e:ce:95:0b:28:60:07:09:06:22:
4e:16:7e:1f:4d:d9:5c:ca:02:5d:8c:d4:07:aa:f5:7a:5e:76:
d3:94:3f:2f:56:14:23:c3:fb:cd:e0:47:13:dc:8c:5d:54:7a:
2e:50:b7:f6:5d:84:af:cb:2b:b7:71:7e:51:88:8b:5d:09:01:
6a:22:2c:e6:2a:69:18:a2:ee:66:66:a5:36:06:f4:ff:2b:d2:
6e:1d:bc:fc:fe:11:a8:91:ee:d8:99:df:e7:17:fb:ff:58:fc:
1a:2e:92:41:fd:44:02:ad:bb:0b:5a:9f:56:02:e3:e5:4f:5a:
8d:c5:02:0a:61:57:22:1d:fc:11:5e:6d:1f:ad:d0:ef:45:11:
ae:89:3d:03:d3:a7:5d:34:cc:f2:16:17:99:b9:04:98:fe:f6:
9e:ff:66:95:ca:8e:c6:a8:60:76:63:d2:3e:8c:af:bc:eb:d5:
8e:dc:90:78:84:d7:5f:d1:d4:da:06:75:ec:cb:2e:31:8d:76:
eb:a0:d5:dc
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDpwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODRG
ODUwQzA2NTFCNjk5RTE5MERDOUQ5N0NEMURFMzI2QzE2NEVDNTAeFw0yMzA5MDEx
MDIxMzRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDg5QzVFOEUxQjVDQTE5
M0U0QzY1RDJFMEIwN0EwRjI1NTQxN0MyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDT+wIcufHkQAZ2SkGJhNGq9gocGs4eGTmrxvpIK8RjLQzhzM9N
1oxgTxP0d4+ychF/1oXVUtsjR9aAOg26WSh3GXzp4pGqQ6qXYO2C9Us0CdfVku8J
s/gfp1lrxBSU8XQcVMViad+dlLKcn36cbrHmNiLj/Jte/yM1xgR011BGQ9o+uRsN
1HTr/Oh5VF/WMDvI7LzweK5Pf/dk83e1+5ZT95yfNFQmAoeZGDiFeQemUsCakazI
V65p0FcHF2TxgZEoG6X5vvSM9bbaWV714upB2dBqqk1SR/H/TPsyMGKgpc3Ce8hy
Vn5TA5dt6ohI8ee9jPwhd2qsq09ibRx0SHmNAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUicXo4bXKGT5MZdLgsHoPJVQXwkUwHwYDVR0jBBgwFoAUhPhQwGUbaZ4ZDcnZ
fNHeMmwWTsUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVO
L2hQaFF3R1ViYVo0WkRjblpmTkhlTW13V1RzVS5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvaFBoUXdHVWJhWjRaRGNuWmZOSGVNbXdXVHNVLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvWElOWVVOL2ljWG80YlhLR1Q1TVpkTGdz
SG9QSlZRWHdrVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
hZgwDQYJKoZIhvcNAQELBQADggEBAIy/Oh55Ylf5kQopk1xN9wHd/ccoWnXJxeeP
1+OKUgUGB/OyDo2Hm3SvrmFT42z2lZzcgBYM3i2WG+MYKhMkTs6VCyhgBwkGIk4W
fh9N2VzKAl2M1Aeq9XpedtOUPy9WFCPD+83gRxPcjF1Uei5Qt/ZdhK/LK7dxflGI
i10JAWoiLOYqaRii7mZmpTYG9P8r0m4dvPz+EaiR7tiZ3+cX+/9Y/BoukkH9RAKt
uwtan1YC4+VPWo3FAgphVyId/BFebR+t0O9FEa6JPQPTp100zPIWF5m5BJj+9p7/
ZpXKjsaoYHZj0j6Mr7zr1Y7ckHiE11/R1NoGdezLLjGNduug1dw=
-----END CERTIFICATE-----
Generated at Wed Mar 20 04:23:28 2024 by rpki-client on console-fra.rpki-client.org