Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/hjTYtjz8_xdDAehrAbTxqERTHPM.roa
File: hjTYtjz8_xdDAehrAbTxqERTHPM.roa (raw, json)
Hash identifier: NLrDBoD+QV7F4cOS8RiZssBz80rAJY+aLEEwugdH0XE=
Subject key identifier: 86:34:D8:B6:3C:FC:FF:17:43:01:E8:6B:01:B4:F1:A8:44:53:1C:F3
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 121E
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hjTYtjz8_xdDAehrAbTxqERTHPM.roa
Signing time: Mon 10 Feb 2025 14:28:05 +0000
ROA not before: Mon 10 Feb 2025 14:28:05 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 7482
IP address blocks: 203.79.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4638 (0x121e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 10 14:28:05 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8634D8B63CFCFF174301E86B01B4F1A844531CF3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f6:35:e2:36:dc:06:d9:5c:8b:04:e6:e1:3c:
f2:a9:44:3c:b9:69:30:88:3e:10:3c:c0:b7:36:43:
3f:4e:52:62:30:b6:ba:78:b4:c3:a7:ac:29:07:57:
08:c3:04:66:bc:d1:95:9a:73:a1:a9:bd:b3:6b:32:
24:92:d6:96:2c:1d:ef:c1:07:ed:a9:50:05:fa:c3:
7c:58:7e:a9:3c:da:fe:da:25:40:81:9d:3f:f6:58:
f2:f8:33:cc:12:aa:45:8e:6c:1d:ac:15:82:d9:b7:
55:73:e9:ae:ac:13:e7:5d:7d:90:42:cd:f3:15:c3:
fb:9b:0c:01:ad:47:3c:de:14:4e:96:ee:53:70:e2:
1b:85:4f:7a:93:44:3c:53:56:db:cc:c7:ad:d6:bf:
e4:a2:f4:76:db:bd:33:22:06:86:53:f8:61:1b:2c:
27:88:db:ab:f3:1a:f6:7b:61:b2:44:9d:8b:f0:7a:
c6:8d:ef:09:e9:4b:7c:d7:d7:ce:ce:03:4b:7e:34:
07:1c:ff:39:8d:9d:c9:d6:af:0b:c8:79:c4:c0:17:
21:41:8d:24:20:49:79:2f:62:a2:89:3e:1d:3d:53:
ec:f4:04:84:7e:e8:9d:ec:9e:a7:98:ca:3a:88:4f:
12:65:fd:73:7d:58:17:11:71:22:e2:58:de:6c:39:
a3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:34:D8:B6:3C:FC:FF:17:43:01:E8:6B:01:B4:F1:A8:44:53:1C:F3
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/hjTYtjz8_xdDAehrAbTxqERTHPM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.79.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:68:3b:1b:cb:3e:77:dd:5a:7a:c8:c9:15:35:88:25:3b:d4:
14:c5:54:d7:7a:8e:0b:9a:7d:ce:9e:92:13:78:84:53:11:f5:
76:22:b3:f1:90:22:b2:e7:7f:28:68:06:d4:36:09:a9:bd:78:
d6:5b:fc:13:5f:61:0f:71:86:fb:87:2e:a9:2e:3e:60:bf:f5:
67:e5:2d:67:8d:d1:12:35:69:7d:54:1c:f6:58:b6:67:06:76:
9c:1f:bf:bc:92:88:5a:e9:53:4b:45:9e:93:94:e6:e0:0d:9c:
5e:76:2f:25:5b:54:05:ad:d9:1c:a3:63:97:f7:f8:0f:0e:4e:
a3:bd:0d:f3:f9:31:11:bc:44:e0:53:ed:72:5c:74:03:cc:01:
bc:18:07:90:87:dc:4d:89:11:7c:b3:3b:f6:29:97:c9:80:2e:
73:dd:73:ce:6f:90:1a:85:c3:ff:d1:1e:7b:df:56:08:fd:86:
60:77:65:ec:e8:cd:f5:d4:04:26:58:a8:1d:8b:63:b5:a5:15:
33:a1:8f:36:51:6d:f4:54:f8:f8:f6:8b:3d:69:cf:5d:94:91:
7e:11:2d:7e:df:7a:f7:15:f5:2d:8d:d5:b9:22:e6:c9:d0:b9:
65:88:6d:90:69:55:e3:e0:70:c0:8e:06:a4:69:cd:f7:30:07:
45:45:cb:9a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEh4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNTAyMTAx
NDI4MDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg2MzREOEI2M0NGQ0ZG
MTc0MzAxRTg2QjAxQjRGMUE4NDQ1MzFDRjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCx9jXiNtwG2VyLBObhPPKpRDy5aTCIPhA8wLc2Qz9OUmIwtrp4
tMOnrCkHVwjDBGa80ZWac6GpvbNrMiSS1pYsHe/BB+2pUAX6w3xYfqk82v7aJUCB
nT/2WPL4M8wSqkWObB2sFYLZt1Vz6a6sE+ddfZBCzfMVw/ubDAGtRzzeFE6W7lNw
4huFT3qTRDxTVtvMx63Wv+Si9HbbvTMiBoZT+GEbLCeI26vzGvZ7YbJEnYvwesaN
7wnpS3zX187OA0t+NAcc/zmNncnWrwvIecTAFyFBjSQgSXkvYqKJPh09U+z0BIR+
6J3snqeYyjqITxJl/XN9WBcRcSLiWN5sOaMDAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUhjTYtjz8/xdDAehrAbTxqERTHPMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL2hqVFl0ano4X3hkREFlaHJBYlR4cUVS
VEhQTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLT8AwDQYJ
KoZIhvcNAQELBQADggEBAG9oOxvLPnfdWnrIyRU1iCU71BTFVNd6jguafc6ekhN4
hFMR9XYis/GQIrLnfyhoBtQ2Cam9eNZb/BNfYQ9xhvuHLqkuPmC/9WflLWeN0RI1
aX1UHPZYtmcGdpwfv7ySiFrpU0tFnpOU5uANnF52LyVbVAWt2RyjY5f3+A8OTqO9
DfP5MRG8ROBT7XJcdAPMAbwYB5CH3E2JEXyzO/Ypl8mALnPdc85vkBqFw//RHnvf
Vgj9hmB3ZezozfXUBCZYqB2LY7WlFTOhjzZRbfRU+Pj2iz1pz12UkX4RLX7fevcV
9S2N1bki5snQuWWIbZBpVePgcMCOBqRpzfcwB0VFy5o=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:49:20 2025 by rpki-client