Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/HgMbQlb7zTreCTu4hjoYLQvG7FI.roa
File: HgMbQlb7zTreCTu4hjoYLQvG7FI.roa (raw, json)
Hash identifier: bTfN30IWAcTUTafSCAbuqhE6FlK/uOWhzOLe0U6z6KE=
Subject key identifier: 1E:03:1B:42:56:FB:CD:3A:DE:09:3B:B8:86:3A:18:2D:0B:C6:EC:52
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 1196
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/HgMbQlb7zTreCTu4hjoYLQvG7FI.roa
Signing time: Mon 10 Feb 2025 14:27:30 +0000
ROA not before: Mon 10 Feb 2025 14:27:30 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 203.79.248.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4502 (0x1196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:27:30 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1E031B4256FBCD3ADE093BB8863A182D0BC6EC52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:8b:71:5d:6c:b1:26:02:e7:16:6f:ae:48:42:
4d:22:86:a4:6c:aa:40:13:f1:17:57:f5:1e:34:ed:
2a:2d:de:87:c6:d4:4c:7f:18:33:a6:77:f0:a9:ad:
7b:25:c0:d4:22:82:29:8b:2d:4e:83:7e:8d:83:f4:
37:7e:f1:ee:a4:b2:53:fc:dd:fa:1a:6f:35:d4:3c:
40:35:29:f1:67:62:e8:5d:96:43:41:2e:b6:00:26:
04:d6:60:38:c5:1c:5d:3e:68:5d:28:7c:44:54:30:
d8:34:04:3b:fa:9c:95:67:24:9a:81:9a:06:9b:c7:
46:13:fe:18:8e:51:24:9d:99:3a:6b:ef:f8:8a:cb:
dd:5a:c3:60:31:35:45:d7:34:60:60:df:a3:f5:78:
42:a6:a6:2d:86:1d:a1:c4:ec:8d:76:2c:bd:2e:38:
9d:24:6a:30:ff:91:8d:ca:a9:86:1d:ca:58:8a:62:
da:c4:8a:d4:00:71:29:b1:47:8d:8f:5f:10:e1:2b:
88:9a:4a:3e:14:a9:86:a0:63:ff:cf:95:95:a7:cf:
8d:01:10:75:98:d5:fe:08:54:f2:83:ac:36:eb:6c:
70:e2:d3:50:0a:9a:a2:f6:63:82:62:54:d4:8d:b7:
26:fc:72:62:9a:95:8c:78:79:23:9f:02:0d:96:a3:
11:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:03:1B:42:56:FB:CD:3A:DE:09:3B:B8:86:3A:18:2D:0B:C6:EC:52
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/HgMbQlb7zTreCTu4hjoYLQvG7FI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.248.0/21
Signature Algorithm: sha256WithRSAEncryption
49:61:03:31:d2:73:71:fc:a0:8a:4b:e6:c7:7b:03:de:72:28:
af:c5:6b:60:fe:4d:ef:ba:60:21:46:16:c7:3a:14:fd:bd:fb:
86:8c:4e:0a:61:5a:54:6e:3c:49:32:b3:45:b2:a5:6a:86:a9:
6a:5b:6b:9f:68:72:e3:90:40:c9:4f:b6:3c:51:99:ca:13:ef:
46:13:10:b7:91:9a:c7:17:99:a3:fb:e4:a2:38:3e:cf:1f:09:
27:c1:72:02:60:9d:97:0b:59:e3:45:a2:3d:04:ec:5e:ee:f1:
9a:36:f9:21:a3:c3:cd:ec:1d:74:d6:9c:be:81:71:b5:37:c6:
7d:ae:da:29:49:bb:f7:29:57:eb:81:09:77:5c:3a:52:5e:d9:
e8:6e:ac:96:0c:94:f8:6f:4a:47:aa:91:ba:30:b9:5a:c1:6a:
e1:27:99:51:16:8c:63:92:37:ef:54:bb:89:3c:f5:9b:1f:98:
f7:7f:0a:d5:b9:63:d5:68:82:d3:da:20:58:3b:d5:25:ff:25:
21:0b:92:95:34:c0:75:dc:7c:24:05:c0:50:e3:e1:ed:fa:46:
13:81:4a:57:c8:ae:30:e5:b8:72:39:58:5b:ae:2e:19:53:9c:
1e:84:52:5c:06:f7:b9:08:8f:d5:86:ab:83:7a:d6:39:24:07:
e6:42:39:86
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEZYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI3MzBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFMDMxQjQyNTZGQkNE
M0FERTA5M0JCODg2M0ExODJEMEJDNkVDNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNi3FdbLEmAucWb65IQk0ihqRsqkAT8RdX9R407Sot3ofG1Ex/
GDOmd/CprXslwNQigimLLU6Dfo2D9Dd+8e6kslP83foabzXUPEA1KfFnYuhdlkNB
LrYAJgTWYDjFHF0+aF0ofERUMNg0BDv6nJVnJJqBmgabx0YT/hiOUSSdmTpr7/iK
y91aw2AxNUXXNGBg36P1eEKmpi2GHaHE7I12LL0uOJ0kajD/kY3KqYYdyliKYtrE
itQAcSmxR42PXxDhK4iaSj4UqYagY//PlZWnz40BEHWY1f4IVPKDrDbrbHDi01AK
mqL2Y4JiVNSNtyb8cmKalYx4eSOfAg2WoxHFAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUHgMbQlb7zTreCTu4hjoYLQvG7FIwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0hnTWJRbGI3elRyZUNUdTRoam9ZTFF2
RzdGSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPLT/gwDQYJ
KoZIhvcNAQELBQADggEBAElhAzHSc3H8oIpL5sd7A95yKK/Fa2D+Te+6YCFGFsc6
FP29+4aMTgphWlRuPEkys0WypWqGqWpba59ocuOQQMlPtjxRmcoT70YTELeRmscX
maP75KI4Ps8fCSfBcgJgnZcLWeNFoj0E7F7u8Zo2+SGjw83sHXTWnL6BcbU3xn2u
2ilJu/cpV+uBCXdcOlJe2ehurJYMlPhvSkeqkbowuVrBauEnmVEWjGOSN+9Uu4k8
9ZsfmPd/CtW5Y9VogtPaIFg71SX/JSELkpU0wHXcfCQFwFDj4e36RhOBSlfIrjDl
uHI5WFuuLhlTnB6EUlwG97kIj9WGq4N61jkkB+ZCOYY=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:48:49 2025 by rpki-client