Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/-JE-NhUSFnebxqwuwdkkbbz0OiI.roa
File: -JE-NhUSFnebxqwuwdkkbbz0OiI.roa (raw, json)
Hash identifier: L/NYhw1qPYkNEyfmd71kDsblrBtrAlygUUvWlqgkGOU=
Subject key identifier: F8:91:3E:36:15:12:16:77:9B:C6:AC:2E:C1:D9:24:6D:BC:F4:3A:22
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0F98
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/-JE-NhUSFnebxqwuwdkkbbz0OiI.roa
Signing time: Fri 01 Sep 2023 08:57:16 +0000
ROA not before: Fri 01 Sep 2023 08:57:16 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 3462
IP address blocks: 220.129.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3992 (0xf98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 1 08:57:16 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=F8913E36151216779BC6AC2EC1D9246DBCF43A22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:7d:14:0c:34:65:26:7d:c4:6f:01:7a:31:9f:
9b:3a:a1:71:a3:64:a8:6d:cc:59:e9:de:47:3a:47:
83:8e:22:dd:10:76:54:3d:ad:04:16:86:ff:ea:52:
22:0d:4b:fd:5a:18:ff:2a:de:07:30:0e:d9:f0:42:
f2:b4:b5:a7:30:a5:4e:64:4d:7b:9a:55:74:5d:8d:
de:f0:2b:69:c8:fd:96:0c:04:83:cd:64:d7:c8:16:
33:43:19:ea:3c:ae:2a:f2:1b:4e:80:33:3d:4d:36:
5c:a6:8c:7a:ee:8d:e9:47:07:3c:d8:92:03:0b:0d:
cb:2b:6d:91:e0:05:79:8b:c0:02:4e:81:36:64:74:
9d:bd:33:85:5c:08:59:99:37:bf:a9:7a:dd:91:fe:
cf:b4:41:59:19:1d:c6:56:94:15:93:6d:d4:73:94:
10:ad:6b:2d:1d:6d:1f:da:f4:bc:09:93:5e:1e:4f:
03:ef:a0:c5:3c:00:8d:cf:89:3a:ad:dd:b5:70:20:
9f:5e:89:48:b4:90:6d:d6:71:cb:61:2f:4c:97:08:
f3:9c:d5:96:e0:26:f4:7d:0a:32:d1:a4:8f:5f:15:
21:92:ad:df:de:2f:a9:3f:34:6f:bf:15:9a:95:aa:
cc:ee:18:9c:e2:f4:6f:61:c9:be:cb:5f:ef:61:a1:
8f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:91:3E:36:15:12:16:77:9B:C6:AC:2E:C1:D9:24:6D:BC:F4:3A:22
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/-JE-NhUSFnebxqwuwdkkbbz0OiI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b9:dc:36:d4:a9:f5:c5:29:81:71:92:b9:10:24:b8:ad:66:64:
86:03:c8:bd:f5:79:3c:bc:ac:39:25:6e:17:74:4a:cd:3b:4c:
51:76:10:bc:56:0a:12:df:93:de:7c:74:f3:37:e5:c4:1b:30:
52:14:f4:d5:6e:bf:02:39:54:af:13:b2:6e:4a:ce:cd:f4:2d:
d9:08:75:2b:55:94:ba:6e:3b:91:ab:7f:1b:a3:5a:18:30:23:
19:04:dc:30:cd:53:cf:70:90:fc:43:c9:5d:05:4e:9e:7a:2a:
7e:6b:be:ee:2b:1f:fb:a9:2f:6c:c1:c6:b9:ec:0c:1b:ae:73:
a4:1c:c1:a3:0a:70:33:b2:69:f1:20:a4:b0:6e:38:96:98:d8:
bb:4a:c1:75:f3:d4:ea:15:6e:00:d1:42:e5:65:26:c2:c9:a8:
c1:ab:82:37:be:f7:47:0a:54:7e:60:fc:58:ec:7e:e1:93:a2:
84:e8:40:1d:ff:90:7c:85:87:bb:ec:ad:c9:c9:8d:28:9a:f3:
fb:73:54:55:6a:bb:fc:03:13:ac:83:68:f9:35:bc:e0:b9:85:
5e:b6:42:a2:f1:9f:48:21:b8:48:e7:98:22:3f:17:6d:1c:32:
0a:33:a4:76:39:eb:41:38:e4:c9:a8:1c:44:fd:5a:1a:b9:ba:
61:0d:df:64
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICD5gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA5MDEw
ODU3MTZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEY4OTEzRTM2MTUxMjE2
Nzc5QkM2QUMyRUMxRDkyNDZEQkNGNDNBMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmfRQMNGUmfcRvAXoxn5s6oXGjZKhtzFnp3kc6R4OOIt0QdlQ9
rQQWhv/qUiINS/1aGP8q3gcwDtnwQvK0tacwpU5kTXuaVXRdjd7wK2nI/ZYMBIPN
ZNfIFjNDGeo8riryG06AMz1NNlymjHrujelHBzzYkgMLDcsrbZHgBXmLwAJOgTZk
dJ29M4VcCFmZN7+pet2R/s+0QVkZHcZWlBWTbdRzlBCtay0dbR/a9LwJk14eTwPv
oMU8AI3PiTqt3bVwIJ9eiUi0kG3WccthL0yXCPOc1ZbgJvR9CjLRpI9fFSGSrd/e
L6k/NG+/FZqVqszuGJzi9G9hyb7LX+9hoY/BAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU+JE+NhUSFnebxqwuwdkkbbz0OiIwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8tSkUtTmhVU0ZuZWJ4cXd1d2Rr
a2JiejBPaUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA3IEw
DQYJKoZIhvcNAQELBQADggEBALncNtSp9cUpgXGSuRAkuK1mZIYDyL31eTy8rDkl
bhd0Ss07TFF2ELxWChLfk958dPM35cQbMFIU9NVuvwI5VK8Tsm5Kzs30LdkIdStV
lLpuO5GrfxujWhgwIxkE3DDNU89wkPxDyV0FTp56Kn5rvu4rH/upL2zBxrnsDBuu
c6QcwaMKcDOyafEgpLBuOJaY2LtKwXXz1OoVbgDRQuVlJsLJqMGrgje+90cKVH5g
/FjsfuGTooToQB3/kHyFh7vsrcnJjSia8/tzVFVqu/wDE6yDaPk1vOC5hV62QqLx
n0ghuEjnmCI/F20cMgozpHY560E45MmoHET9Whq5umEN32Q=
-----END CERTIFICATE-----
Generated at Mon Aug 26 10:35:13 2024 by rpki-client on console-ams.rpki-client.org