Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2F5bGJiEYIeCgBVqwYQveRxqSGY.roa
File: 2F5bGJiEYIeCgBVqwYQveRxqSGY.roa (raw, json)
Hash identifier: gY2Q4b7GyNLbFBAk0PZ0Brk/H5G+UwzDnkPYTBm2jPM=
Subject key identifier: D8:5E:5B:18:98:84:60:87:82:80:15:6A:C1:84:2F:79:1C:6A:48:66
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0DDC
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2F5bGJiEYIeCgBVqwYQveRxqSGY.roa
Signing time: Wed 12 Feb 2025 01:36:43 +0000
ROA not before: Wed 12 Feb 2025 01:36:43 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9680
IP address blocks: 168.95.246.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3548 (0xddc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Feb 12 01:36:43 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D85E5B18988460878280156AC1842F791C6A4866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b4:ad:50:06:bc:2b:3b:1b:82:3b:ed:96:12:
4b:12:76:70:0c:d6:8f:78:ca:3e:f4:0a:cc:2d:50:
47:e7:66:b4:3e:e5:1f:c0:c5:30:8e:6f:81:ba:ea:
c2:61:a4:a2:ad:5f:36:44:01:13:9a:b8:58:3f:62:
85:a1:54:2d:b1:f2:cc:b1:df:9d:29:f0:11:d1:e5:
16:18:b4:a1:7c:ed:b3:ef:9c:02:12:ca:37:e1:fd:
51:a5:dc:7b:72:22:48:bf:14:ed:7f:de:b7:e5:40:
d1:19:03:21:04:b8:2d:7f:99:4e:1d:5c:5b:87:2d:
0a:77:1a:41:f1:6a:4a:e4:0a:e3:c4:9b:13:79:72:
60:fa:91:8f:96:8c:1c:24:44:ba:c9:ba:ea:6c:04:
57:58:06:b3:1b:d1:9e:11:cd:c2:b1:c6:5a:54:5e:
cd:d4:81:f7:85:e2:ee:eb:61:f7:2a:05:71:b1:b0:
0c:a6:55:9e:cc:52:1b:0c:f4:fe:3c:7d:ee:b3:82:
6f:3c:62:fb:f2:3e:93:23:e6:48:42:25:65:60:06:
83:0f:79:2d:f7:05:f2:fa:84:17:46:27:8f:c2:0d:
8d:3e:a1:b8:a8:fb:54:18:43:aa:66:04:aa:1e:08:
6b:66:da:f2:b7:8a:b5:56:75:ad:f9:67:ea:c8:6e:
d6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:5E:5B:18:98:84:60:87:82:80:15:6A:C1:84:2F:79:1C:6A:48:66
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2F5bGJiEYIeCgBVqwYQveRxqSGY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.246.0/24
Signature Algorithm: sha256WithRSAEncryption
98:9e:99:78:35:a4:01:4f:7c:f9:27:a2:d6:f2:37:ce:e2:3d:
5d:2d:21:56:8a:64:2b:f7:2d:58:83:df:8a:30:67:4c:30:5e:
31:05:40:a8:e0:04:3d:53:02:58:b2:d7:32:b4:5e:bb:61:3e:
50:fd:83:55:62:b2:04:27:ac:7b:e2:78:9d:83:15:7f:72:67:
bb:ea:77:a6:f1:7f:7d:81:11:84:b5:09:cb:0e:1c:3c:3e:63:
6f:a3:56:3f:cc:61:46:6d:86:49:f2:75:ee:4e:ae:e0:e9:5e:
b4:6a:f8:81:9e:f6:0e:3f:db:d4:5e:08:54:41:a8:bc:77:0c:
61:48:e0:3e:73:d5:e7:62:11:a5:52:8c:3f:aa:ad:9c:12:d1:
f1:3a:45:16:9e:63:f5:93:f1:eb:a8:77:55:59:18:78:f3:71:
88:cf:bb:f2:0b:3e:40:b8:a1:7d:03:eb:57:46:c6:2f:28:9c:
f0:a6:62:71:68:3c:fd:55:bf:1d:3c:fb:68:bc:d2:60:cd:4a:
c9:77:2b:6f:5c:a1:50:be:ca:09:e3:e6:fa:93:e1:bc:42:77:
a9:47:ca:68:5c:9a:61:ac:2f:af:2f:e4:28:ec:7e:b8:25:f7:
46:e2:68:5c:ba:70:d0:4a:21:13:02:0d:91:50:22:8c:4e:a5:
c7:6f:01:18
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDdwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yNTAyMTIw
MTM2NDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ4NUU1QjE4OTg4NDYw
ODc4MjgwMTU2QUMxODQyRjc5MUM2QTQ4NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+tK1QBrwrOxuCO+2WEksSdnAM1o94yj70CswtUEfnZrQ+5R/A
xTCOb4G66sJhpKKtXzZEAROauFg/YoWhVC2x8syx350p8BHR5RYYtKF87bPvnAIS
yjfh/VGl3HtyIki/FO1/3rflQNEZAyEEuC1/mU4dXFuHLQp3GkHxakrkCuPEmxN5
cmD6kY+WjBwkRLrJuupsBFdYBrMb0Z4RzcKxxlpUXs3UgfeF4u7rYfcqBXGxsAym
VZ7MUhsM9P48fe6zgm88YvvyPpMj5khCJWVgBoMPeS33BfL6hBdGJ4/CDY0+obio
+1QYQ6pmBKoeCGtm2vK3irVWda35Z+rIbtalAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2F5bGJiEYIeCgBVqwYQveRxqSGYwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yRjViR0ppRVlJZUNnQlZxd1lR
dmVSeHFTR1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/2
MA0GCSqGSIb3DQEBCwUAA4IBAQCYnpl4NaQBT3z5J6LW8jfO4j1dLSFWimQr9y1Y
g9+KMGdMMF4xBUCo4AQ9UwJYstcytF67YT5Q/YNVYrIEJ6x74nidgxV/cme76nem
8X99gRGEtQnLDhw8PmNvo1Y/zGFGbYZJ8nXuTq7g6V60aviBnvYOP9vUXghUQai8
dwxhSOA+c9XnYhGlUow/qq2cEtHxOkUWnmP1k/HrqHdVWRh483GIz7vyCz5AuKF9
A+tXRsYvKJzwpmJxaDz9Vb8dPPtovNJgzUrJdytvXKFQvsoJ4+b6k+G8QnepR8po
XJphrC+vL+Qo7H64JfdG4mhcunDQSiETAg2RUCKMTqXHbwEY
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:08:59 2025 by rpki-client