Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WHgtsbSmwMRey2H8k2fn3sTMpT0.roa
File: WHgtsbSmwMRey2H8k2fn3sTMpT0.roa (raw, json)
Hash identifier: Fxb7DKip9BbOn3XKJu6ylgpfK+YCHoPGV3yn+rxQdi8=
Subject key identifier: 58:78:2D:B1:B4:A6:C0:C4:5E:CB:61:FC:93:67:E7:DE:C4:CC:A5:3D
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 12B4
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WHgtsbSmwMRey2H8k2fn3sTMpT0.roa
Signing time: Mon 10 Feb 2025 14:15:09 +0000
ROA not before: Mon 10 Feb 2025 14:15:09 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 18419
IP address blocks: 118.150.240.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4788 (0x12b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 10 14:15:09 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=58782DB1B4A6C0C45ECB61FC9367E7DEC4CCA53D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0e:c1:7a:2a:63:e0:51:18:c9:d3:77:48:c8:
72:0b:67:0b:3a:4a:54:e4:40:4e:34:d1:cd:29:48:
25:a5:3a:63:16:6b:cc:ec:f2:f8:d2:67:b7:23:a2:
67:1e:7b:1f:e3:5a:07:a9:d3:58:3c:29:8f:38:f2:
29:c2:03:09:41:83:4c:50:1d:50:33:69:e0:3e:34:
6e:13:6c:7e:63:71:50:52:6e:06:22:1e:df:e5:57:
4b:32:a7:db:e9:56:e2:75:26:32:67:46:6d:5d:0d:
c0:7f:fe:8d:c8:ca:64:14:e5:15:58:64:be:0d:a4:
7f:19:87:9a:0e:41:f5:8c:f0:9d:2d:7a:bc:f5:72:
e0:cd:47:58:5b:63:96:90:be:eb:76:c1:72:f2:a2:
66:50:60:52:60:bb:34:fd:43:96:df:1b:7b:40:b7:
df:ea:25:35:dd:ad:20:54:fe:7e:67:dd:c5:e4:94:
4e:0e:9c:86:4c:37:9b:df:60:71:41:a2:45:b2:cc:
19:13:74:1d:55:cb:d1:9f:e9:42:66:81:60:fd:b5:
98:fe:fc:39:71:db:eb:af:a2:02:3f:8e:97:02:6d:
d8:72:b3:76:c1:eb:28:4a:10:09:c1:fa:d5:b8:95:
f7:b9:41:31:93:8c:95:e7:fc:0d:03:e2:35:65:0a:
41:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:78:2D:B1:B4:A6:C0:C4:5E:CB:61:FC:93:67:E7:DE:C4:CC:A5:3D
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/WHgtsbSmwMRey2H8k2fn3sTMpT0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.150.240.0/21
Signature Algorithm: sha256WithRSAEncryption
6f:30:5c:02:d0:83:13:67:79:9c:7f:0e:0e:87:de:0e:14:7f:
e1:36:d1:da:b1:d6:96:43:46:39:22:36:57:3b:f6:8b:85:32:
43:f5:9b:29:14:53:19:5b:52:8c:af:bb:8e:4d:2f:b6:f2:7d:
36:ff:30:a2:70:a8:72:6b:77:5a:74:af:40:cf:bc:0d:37:3f:
7a:6b:15:6e:79:a2:b8:b3:97:e4:6a:c7:ff:dc:7a:81:cc:04:
21:8e:64:40:da:c6:a1:7c:d8:ce:39:12:ae:b6:91:03:71:82:
7a:b5:0a:9d:00:83:e3:1f:c5:f4:51:00:ff:00:16:7f:01:fe:
e3:b2:c3:bc:c3:b2:90:45:e0:6c:01:e7:b8:d1:9b:4c:41:70:
08:50:76:6a:9d:e6:9c:9b:eb:73:93:20:a4:87:46:e8:87:aa:
05:a3:d7:67:22:da:c0:3f:e0:14:a3:42:2b:8c:73:e7:3d:b1:
29:52:3c:9d:70:67:b7:83:77:8a:ca:1f:fe:7f:38:77:d6:6c:
c7:5e:53:29:8f:d1:6d:09:5b:55:6a:8d:c1:35:fa:71:d3:cc:
f8:d0:74:0e:44:55:cc:f7:10:73:af:c5:7e:5f:9e:d1:b0:71:
c9:96:04:fb:f6:df:1e:1a:cd:59:92:2b:f9:28:ab:24:24:5d:
90:33:86:a2
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICErQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yNTAyMTAx
NDE1MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDU4NzgyREIxQjRBNkMw
QzQ1RUNCNjFGQzkzNjdFN0RFQzRDQ0E1M0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyDsF6KmPgURjJ03dIyHILZws6SlTkQE400c0pSCWlOmMWa8zs
8vjSZ7cjomceex/jWgep01g8KY848inCAwlBg0xQHVAzaeA+NG4TbH5jcVBSbgYi
Ht/lV0syp9vpVuJ1JjJnRm1dDcB//o3IymQU5RVYZL4NpH8Zh5oOQfWM8J0terz1
cuDNR1hbY5aQvut2wXLyomZQYFJguzT9Q5bfG3tAt9/qJTXdrSBU/n5n3cXklE4O
nIZMN5vfYHFBokWyzBkTdB1Vy9Gf6UJmgWD9tZj+/Dlx2+uvogI/jpcCbdhys3bB
6yhKEAnB+tW4lfe5QTGTjJXn/A0D4jVlCkHJAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUWHgtsbSmwMRey2H8k2fn3sTMpT0wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9XSGd0c2JTbXdNUmV5
Mkg4azJmbjNzVE1wVDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDdpbwMA0GCSqGSIb3DQEBCwUAA4IBAQBvMFwC0IMTZ3mcfw4Oh94OFH/hNtHa
sdaWQ0Y5IjZXO/aLhTJD9ZspFFMZW1KMr7uOTS+28n02/zCicKhya3dadK9Az7wN
Nz96axVueaK4s5fkasf/3HqBzAQhjmRA2sahfNjOORKutpEDcYJ6tQqdAIPjH8X0
UQD/ABZ/Af7jssO8w7KQReBsAee40ZtMQXAIUHZqneacm+tzkyCkh0boh6oFo9dn
ItrAP+AUo0IrjHPnPbEpUjydcGe3g3eKyh/+fzh31mzHXlMpj9FtCVtVao3BNfpx
08z40HQORFXM9xBzr8V+X57RsHHJlgT79t8eGs1Zkiv5KKskJF2QM4ai
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:01:56 2025 by rpki-client