Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/MOhXtKfXxLbJWrTnMsyPRPLxdq4.roa
File: MOhXtKfXxLbJWrTnMsyPRPLxdq4.roa (raw, json)
Hash identifier: uMXEU59BTP04xwjfFIf6Qoior4ceD/28PZ4lxDy4+7w=
Subject key identifier: 30:E8:57:B4:A7:D7:C4:B6:C9:5A:B4:E7:32:CC:8F:44:F2:F1:76:AE
Certificate issuer: /CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Certificate serial: 06F8
Authority key identifier: AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/MOhXtKfXxLbJWrTnMsyPRPLxdq4.roa
Signing time: Mon 10 Feb 2025 14:22:48 +0000
ROA not before: Mon 10 Feb 2025 14:22:48 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2401:95c0:101::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1784 (0x6f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ABED28FFCC040E36032C42615495562BCC6EF45C
Validity
Not Before: Feb 10 14:22:48 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=30E857B4A7D7C4B6C95AB4E732CC8F44F2F176AE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:25:f7:0e:2d:2c:81:c5:2c:d9:3e:ce:5d:41:
5c:23:72:06:0f:10:c9:81:a0:eb:a6:2b:51:13:d3:
e8:c6:1e:36:96:ce:31:86:5f:bf:c1:aa:df:d9:5a:
00:2c:2f:56:5e:5a:0f:65:6b:72:87:dc:10:2c:51:
ee:48:09:f0:b2:0c:3e:96:c8:56:97:81:06:1a:b3:
19:48:09:0d:c6:d6:43:4a:ac:dd:c6:b1:e8:2c:df:
15:65:4f:e3:3d:7c:5a:38:bb:85:a6:df:9b:db:b1:
90:53:35:27:70:7d:36:a2:d7:4c:05:32:8d:14:6c:
cf:5a:a8:a1:0f:bb:0b:83:49:f8:44:a4:90:8a:c1:
ba:32:f1:74:62:6b:56:46:7d:35:30:0d:eb:aa:3b:
9f:de:56:c0:87:d6:6c:e2:0b:f7:c0:41:46:dd:dd:
ae:60:19:b2:c6:ba:bc:2b:28:89:91:e4:23:32:9b:
41:b8:02:ed:3d:f2:6b:de:3d:38:6a:1c:c1:f1:c4:
f6:a3:6c:51:83:e7:ab:dc:72:f8:3a:17:00:6b:12:
71:91:df:33:ed:7b:0b:21:16:91:d6:eb:d2:1f:9a:
75:e8:f5:bb:aa:28:e1:a4:60:da:3a:32:ab:24:c4:
1b:68:86:7f:26:6f:c6:96:2f:71:cd:32:67:be:82:
cd:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E8:57:B4:A7:D7:C4:B6:C9:5A:B4:E7:32:CC:8F:44:F2:F1:76:AE
X509v3 Authority Key Identifier:
keyid:AB:ED:28:FF:CC:04:0E:36:03:2C:42:61:54:95:56:2B:CC:6E:F4:5C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/q-0o_8wEDjYDLEJhVJVWK8xu9Fw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/MOhXtKfXxLbJWrTnMsyPRPLxdq4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2401:95c0:101::/48
Signature Algorithm: sha256WithRSAEncryption
69:44:13:a2:c2:eb:01:70:c9:6a:8b:4f:0c:cd:c7:e5:0e:f2:
ec:22:f4:6e:2b:e1:dc:f0:24:97:9d:7a:3d:1c:f5:b5:27:c6:
76:cf:82:1c:e7:1c:f6:d3:d9:89:9b:64:e3:a4:90:db:9f:b3:
d2:57:70:fa:49:96:7a:60:eb:b3:70:a8:02:b9:b4:e7:e0:0b:
24:81:87:4e:22:f2:f3:a2:6f:89:24:9c:da:18:aa:f4:27:3b:
a4:ed:1d:fa:36:8e:9b:f0:d1:1f:a7:fe:a6:68:3a:4d:62:b5:
41:32:f2:c9:5e:2d:57:48:8a:11:11:2d:ed:17:11:5f:53:97:
80:b6:ab:82:5b:3e:e2:0b:9c:80:49:07:cd:01:05:40:18:15:
04:af:6c:cb:fc:7f:56:9c:fa:ba:43:91:b9:07:ff:52:fd:7f:
cc:31:6a:66:91:2c:52:33:00:2b:21:8f:c8:a4:8d:3f:21:b1:
6f:2d:d1:39:a9:b3:51:50:68:62:50:9e:05:73:5d:3a:dc:c9:
1c:e0:ea:1c:ea:99:8c:f4:22:89:09:f3:76:09:70:79:fe:c0:
93:bc:85:8d:0e:47:d6:b3:4b:04:14:93:ac:33:54:4e:1e:d8:
e1:9a:ba:d8:54:67:54:7d:30:55:eb:b0:f6:90:84:c4:a8:9f:
95:d9:8f:51
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICBvgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQUJF
RDI4RkZDQzA0MEUzNjAzMkM0MjYxNTQ5NTU2MkJDQzZFRjQ1QzAeFw0yNTAyMTAx
NDIyNDhaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDMwRTg1N0I0QTdEN0M0
QjZDOTVBQjRFNzMyQ0M4RjQ0RjJGMTc2QUUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDJfcOLSyBxSzZPs5dQVwjcgYPEMmBoOumK1ET0+jGHjaWzjGG
X7/Bqt/ZWgAsL1ZeWg9la3KH3BAsUe5ICfCyDD6WyFaXgQYasxlICQ3G1kNKrN3G
segs3xVlT+M9fFo4u4Wm35vbsZBTNSdwfTai10wFMo0UbM9aqKEPuwuDSfhEpJCK
wboy8XRia1ZGfTUwDeuqO5/eVsCH1mziC/fAQUbd3a5gGbLGurwrKImR5CMym0G4
Au098mvePThqHMHxxPajbFGD56vccvg6FwBrEnGR3zPtewshFpHW69IfmnXo9buq
KOGkYNo6MqskxBtohn8mb8aWL3HNMme+gs1bAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUMOhXtKfXxLbJWrTnMsyPRPLxdq4wHwYDVR0jBBgwFoAUq+0o/8wEDjYDLEJh
VJVWK8xu9FwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElO
L3EtMG9fOHdFRGpZRExFSmhWSlZXSzh4dTlGdy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvcS0wb184d0VEallETEVKaFZKVldLOHh1OUZ3LmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSE9TVElOL01PaFh0S2ZYeExiSldyVG5N
c3lQUlBMeGRxNC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
AZXAAQEwDQYJKoZIhvcNAQELBQADggEBAGlEE6LC6wFwyWqLTwzNx+UO8uwi9G4r
4dzwJJedej0c9bUnxnbPghznHPbT2YmbZOOkkNufs9JXcPpJlnpg67NwqAK5tOfg
CySBh04i8vOib4kknNoYqvQnO6TtHfo2jpvw0R+n/qZoOk1itUEy8sleLVdIihER
Le0XEV9Tl4C2q4JbPuILnIBJB80BBUAYFQSvbMv8f1ac+rpDkbkH/1L9f8wxamaR
LFIzACshj8ikjT8hsW8t0Tmps1FQaGJQngVzXTrcyRzg6hzqmYz0IokJ83YJcHn+
wJO8hY0OR9azSwQUk6wzVE4e2OGauthUZ1R9MFXrsPaQhMSon5XZj1E=
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:13:06 2025 by rpki-client