Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TBCOM/HLxDLhmdHKkZg38vs4lKIUO1uGw.roa
File: HLxDLhmdHKkZg38vs4lKIUO1uGw.roa (raw, json)
Hash identifier: ba0TYIxxAqvWYpSyUzPahMyOJjYKRcLdw/7fcGVerLk=
Subject key identifier: 1C:BC:43:2E:19:9D:1C:A9:19:83:7F:2F:B3:89:4A:21:43:B5:B8:6C
Certificate issuer: /CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Certificate serial: 0D61
Authority key identifier: 83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/HLxDLhmdHKkZg38vs4lKIUO1uGw.roa
Signing time: Mon 10 Feb 2025 14:13:15 +0000
ROA not before: Mon 10 Feb 2025 14:13:15 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17709
IP address blocks: 210.202.56.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=832720EB0BEA005C3EDE574E31C0AB7563FA0CC7
Validity
Not Before: Feb 10 14:13:15 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1CBC432E199D1CA919837F2FB3894A2143B5B86C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:72:bd:1b:cb:e3:4d:e8:32:61:4b:65:8b:f5:
7f:44:63:91:3f:a5:e2:79:ed:44:47:0c:f9:2f:5e:
83:ef:9f:69:94:92:f9:fd:26:75:7c:bc:54:73:4a:
55:ae:40:68:cf:53:3d:c7:d6:ea:6a:3b:f9:5c:b2:
8f:89:ad:b4:34:2e:65:50:cc:b7:a8:ae:bd:32:b6:
ac:96:4a:23:a8:e6:08:b2:48:e7:50:77:e9:f4:32:
e7:b3:d6:a9:ff:28:0b:f0:97:a9:c9:a0:ee:9b:6e:
4e:34:98:c2:8f:3a:16:84:8e:3b:bf:09:7d:9b:d9:
fa:c7:af:1c:e2:e7:3b:78:4b:88:8b:47:03:12:90:
f3:43:bc:af:33:26:34:e0:cd:6d:23:ce:f3:c4:b0:
35:17:9c:48:44:f1:80:1a:6a:f3:1f:79:2c:72:55:
ac:38:5c:8d:44:9f:3b:42:40:45:7c:61:de:82:92:
1e:0c:b7:9e:1e:5d:45:86:24:13:7b:9b:7a:79:2a:
d8:4c:51:7b:d8:72:e4:82:d3:70:04:f4:95:a4:de:
e7:c4:a7:ab:16:1c:02:38:0f:7f:f2:f7:9b:a5:73:
51:9a:c1:76:9a:9d:94:55:4c:72:b8:c0:9c:be:66:
ec:5c:97:c6:3c:75:80:d8:2c:a2:1f:b7:70:af:a4:
6c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:BC:43:2E:19:9D:1C:A9:19:83:7F:2F:B3:89:4A:21:43:B5:B8:6C
X509v3 Authority Key Identifier:
keyid:83:27:20:EB:0B:EA:00:5C:3E:DE:57:4E:31:C0:AB:75:63:FA:0C:C7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/gycg6wvqAFw-3ldOMcCrdWP6DMc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/gycg6wvqAFw-3ldOMcCrdWP6DMc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TBCOM/HLxDLhmdHKkZg38vs4lKIUO1uGw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.202.56.0/21
Signature Algorithm: sha256WithRSAEncryption
62:08:e4:29:fe:31:12:2b:da:59:70:73:82:f4:7d:a9:47:c9:
7e:3b:73:f9:54:72:7a:31:b2:01:89:c8:25:4b:5c:79:04:9e:
0f:55:b3:ad:cc:cd:95:1b:73:cc:da:c6:e9:d3:82:f5:91:a6:
7e:55:b1:58:44:ec:1d:31:ee:7c:9d:d6:35:ae:17:7c:76:d9:
63:fd:58:d9:41:68:d7:4a:5e:9c:a5:55:1d:dc:cc:05:f5:51:
d9:7d:fd:a8:79:9f:d8:b6:c4:39:9d:71:60:29:19:0f:42:ef:
d4:75:76:9b:a4:a7:85:dd:03:80:48:f0:88:2b:b1:49:65:69:
57:60:30:5b:47:ff:55:c0:d4:7d:37:c4:e6:49:fc:4a:07:9f:
84:67:e9:ab:da:5f:44:49:a2:d9:9c:37:90:37:19:72:13:e3:
3c:c8:f8:73:e1:c0:c2:07:4e:2c:24:33:f0:45:a5:7b:70:f0:
54:10:ee:60:ad:fb:00:cc:8c:e7:61:ec:41:36:98:a1:3d:07:
b6:03:fc:ca:80:11:14:49:5e:27:dd:9b:4f:28:d9:9c:1f:c0:
29:76:22:fe:e2:45:4b:4e:aa:d8:e6:67:71:92:25:a3:ac:13:
5b:50:58:50:ab:da:8a:59:fe:56:7c:26:4e:59:47:bd:f1:69:
b0:5e:54:ba
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODMy
NzIwRUIwQkVBMDA1QzNFREU1NzRFMzFDMEFCNzU2M0ZBMENDNzAeFw0yNTAyMTAx
NDEzMTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFDQkM0MzJFMTk5RDFD
QTkxOTgzN0YyRkIzODk0QTIxNDNCNUI4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmcr0by+NN6DJhS2WL9X9EY5E/peJ57URHDPkvXoPvn2mUkvn9
JnV8vFRzSlWuQGjPUz3H1upqO/lcso+JrbQ0LmVQzLeorr0ytqyWSiOo5giySOdQ
d+n0Muez1qn/KAvwl6nJoO6bbk40mMKPOhaEjju/CX2b2frHrxzi5zt4S4iLRwMS
kPNDvK8zJjTgzW0jzvPEsDUXnEhE8YAaavMfeSxyVaw4XI1EnztCQEV8Yd6Ckh4M
t54eXUWGJBN7m3p5KthMUXvYcuSC03AE9JWk3ufEp6sWHAI4D3/y95ulc1GawXaa
nZRVTHK4wJy+Zuxcl8Y8dYDYLKIft3CvpGz7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHLxDLhmdHKkZg38vs4lKIUO1uGwwHwYDVR0jBBgwFoAUgycg6wvqAFw+3ldO
McCrdWP6DMcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvVEJDT00v
Z3ljZzZ3dnFBRnctM2xkT01jQ3JkV1A2RE1jLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9neWNnNnd2cUFGdy0zbGRPTWNDcmRXUDZETWMuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UQkNPTS9ITHhETGhtZEhLa1pnMzh2czRs
S0lVTzF1R3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0so4
MA0GCSqGSIb3DQEBCwUAA4IBAQBiCOQp/jESK9pZcHOC9H2pR8l+O3P5VHJ6MbIB
icglS1x5BJ4PVbOtzM2VG3PM2sbp04L1kaZ+VbFYROwdMe58ndY1rhd8dtlj/VjZ
QWjXSl6cpVUd3MwF9VHZff2oeZ/YtsQ5nXFgKRkPQu/UdXabpKeF3QOASPCIK7FJ
ZWlXYDBbR/9VwNR9N8TmSfxKB5+EZ+mr2l9ESaLZnDeQNxlyE+M8yPhz4cDCB04s
JDPwRaV7cPBUEO5grfsAzIznYexBNpihPQe2A/zKgBEUSV4n3ZtPKNmcH8ApdiL+
4kVLTqrY5mdxkiWjrBNbUFhQq9qKWf5WfCZOWUe98WmwXlS6
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:08:29 2025 by rpki-client