Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ZHIYIN/OXRCP3Ml5OU2KgMgU-9qBmaIsPw.roa
File: OXRCP3Ml5OU2KgMgU-9qBmaIsPw.roa (raw, json)
Hash identifier: 50SSk7cNsxKzpVsmhErEY0OcoBWQUPtKJigAoMD5RRc=
Subject key identifier: 39:74:42:3F:73:25:E4:E5:36:2A:03:20:53:EF:6A:06:66:88:B0:FC
Certificate issuer: /CN=B56C9B2E3A040879CFD00FE74D697FB0465CF27A
Certificate serial: 0EAE
Authority key identifier: B5:6C:9B:2E:3A:04:08:79:CF:D0:0F:E7:4D:69:7F:B0:46:5C:F2:7A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/tWybLjoECHnP0A_nTWl_sEZc8no.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ZHIYIN/OXRCP3Ml5OU2KgMgU-9qBmaIsPw.roa
Signing time: Fri 01 Sep 2023 10:24:21 +0000
ROA not before: Fri 01 Sep 2023 10:24:21 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 138145
IP address blocks: 2404:7340::/32 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3758 (0xeae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=B56C9B2E3A040879CFD00FE74D697FB0465CF27A
Validity
Not Before: Sep 1 10:24:21 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=3974423F7325E4E5362A032053EF6A066688B0FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:1b:73:ae:64:d4:08:5c:db:1d:e8:8f:07:76:
86:b9:74:b2:5e:c2:5b:20:10:22:ca:10:89:08:6e:
c3:92:0d:80:56:6e:45:2f:46:d2:4f:38:42:59:13:
52:77:37:c5:af:ff:a3:25:3d:fb:64:11:d1:c7:c2:
f6:fc:8d:e7:35:60:39:55:d9:71:43:a9:40:48:6a:
2d:9c:d7:6b:0a:51:af:5c:11:33:14:3d:bf:2a:4b:
76:08:f4:3f:71:1b:2c:8a:1f:65:3a:b6:7d:40:a9:
12:bf:7d:b3:e0:d1:79:2f:d4:09:28:38:e1:05:c0:
38:1d:20:72:7c:39:2c:59:5d:12:49:42:92:5d:89:
01:dd:62:fa:b5:f9:21:9d:4d:ee:a7:6f:c7:b5:90:
44:40:0f:f0:6a:0b:42:91:5b:03:65:a9:7f:18:2a:
be:00:9c:bb:60:83:e2:a7:a3:3f:d1:ad:63:2d:a8:
5b:21:cf:43:3d:a4:7d:c9:5d:0f:0c:bc:49:08:53:
9b:bd:dd:8c:76:14:e6:6c:f7:63:f6:97:d0:5d:0b:
21:64:47:7a:95:f2:63:21:66:68:3f:44:cc:09:14:
41:80:bd:a7:dd:51:f4:0c:a1:18:a9:36:c4:e8:7b:
a5:de:87:72:8e:1f:ee:bb:f4:94:23:12:75:96:68:
d1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:74:42:3F:73:25:E4:E5:36:2A:03:20:53:EF:6A:06:66:88:B0:FC
X509v3 Authority Key Identifier:
keyid:B5:6C:9B:2E:3A:04:08:79:CF:D0:0F:E7:4D:69:7F:B0:46:5C:F2:7A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZHIYIN/tWybLjoECHnP0A_nTWl_sEZc8no.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/tWybLjoECHnP0A_nTWl_sEZc8no.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ZHIYIN/OXRCP3Ml5OU2KgMgU-9qBmaIsPw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2404:7340::/32
Signature Algorithm: sha256WithRSAEncryption
35:99:32:91:52:b1:bb:9c:d9:f1:fd:7a:a8:d2:a6:6b:f6:62:
1e:b1:1a:f4:7c:a0:06:81:d7:58:3c:73:dd:2f:a5:03:39:a7:
73:4c:cd:84:23:b3:22:a9:a6:5b:67:21:f6:a6:3a:d4:36:42:
6f:fd:93:9d:53:3f:c2:46:51:93:32:b4:1e:5f:c8:79:f3:81:
1f:0c:03:4e:1d:26:88:45:19:01:13:51:43:0a:d5:7f:31:ff:
e3:e6:73:ca:7c:8f:6b:92:46:e8:7f:bb:e9:97:5e:70:0d:70:
e2:0b:32:df:71:f8:af:74:6f:ea:3b:52:dd:14:93:b6:06:a6:
12:95:a0:4e:9e:8a:af:b7:a3:18:e4:aa:b8:0b:de:ef:2b:13:
90:b4:d9:d3:d7:4e:4d:39:6a:0a:89:a0:95:08:93:90:34:c9:
e5:0c:71:30:79:0d:67:bc:71:45:aa:63:f4:7a:d5:f8:c2:58:
13:c2:d1:9a:80:23:c4:50:b1:19:7c:fa:13:26:26:e3:09:18:
dd:63:1c:9d:4f:4f:96:42:83:ce:f5:dd:a2:f5:a2:bb:29:11:
dc:ad:36:18:89:36:94:21:7c:ec:c6:be:d5:2a:a4:85:71:19:
93:0f:a0:45:bd:84:a4:54:a3:cd:37:c4:4d:2c:a8:82:60:b2:
79:f4:8d:22
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgICDq4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjU2
QzlCMkUzQTA0MDg3OUNGRDAwRkU3NEQ2OTdGQjA0NjVDRjI3QTAeFw0yMzA5MDEx
MDI0MjFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDM5NzQ0MjNGNzMyNUU0
RTUzNjJBMDMyMDUzRUY2QTA2NjY4OEIwRkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNG3OuZNQIXNsd6I8Hdoa5dLJewlsgECLKEIkIbsOSDYBWbkUv
RtJPOEJZE1J3N8Wv/6MlPftkEdHHwvb8jec1YDlV2XFDqUBIai2c12sKUa9cETMU
Pb8qS3YI9D9xGyyKH2U6tn1AqRK/fbPg0Xkv1AkoOOEFwDgdIHJ8OSxZXRJJQpJd
iQHdYvq1+SGdTe6nb8e1kERAD/BqC0KRWwNlqX8YKr4AnLtgg+Knoz/RrWMtqFsh
z0M9pH3JXQ8MvEkIU5u93Yx2FOZs92P2l9BdCyFkR3qV8mMhZmg/RMwJFEGAvafd
UfQMoRipNsToe6Xeh3KOH+679JQjEnWWaNEXAgMBAAGjggHvMIIB6zAdBgNVHQ4E
FgQUOXRCP3Ml5OU2KgMgU+9qBmaIsPwwHwYDVR0jBBgwFoAUtWybLjoECHnP0A/n
TWl/sEZc8nowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvWkhJWUlO
L3RXeWJMam9FQ0huUDBBX25UV2xfc0VaYzhuby5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvdFd5Ykxqb0VDSG5QMEFfblRXbF9zRVpjOG5vLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvWkhJWUlOL09YUkNQM01sNU9VMktnTWdV
LTlxQm1hSXNQdy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAk
BHNAMA0GCSqGSIb3DQEBCwUAA4IBAQA1mTKRUrG7nNnx/Xqo0qZr9mIesRr0fKAG
gddYPHPdL6UDOadzTM2EI7MiqaZbZyH2pjrUNkJv/ZOdUz/CRlGTMrQeX8h584Ef
DANOHSaIRRkBE1FDCtV/Mf/j5nPKfI9rkkbof7vpl15wDXDiCzLfcfivdG/qO1Ld
FJO2BqYSlaBOnoqvt6MY5Kq4C97vKxOQtNnT105NOWoKiaCVCJOQNMnlDHEweQ1n
vHFFqmP0etX4wlgTwtGagCPEULEZfPoTJibjCRjdYxydT0+WQoPO9d2i9aK7KRHc
rTYYiTaUIXzsxr7VKqSFcRmTD6BFvYSkVKPNN8RNLKiCYLJ59I0i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:07 2024 by rpki-client on console-fra.rpki-client.org