Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2cPdyUcsyR1ZxMgfUHwsPHUcy5Y.roa
File: 2cPdyUcsyR1ZxMgfUHwsPHUcy5Y.roa (raw, json)
Hash identifier: 8WRbTw+hORtBnaOue+pcczsM6X9Ww7HfQPxGhd4R65M=
Subject key identifier: D9:C3:DD:C9:47:2C:C9:1D:59:C4:C8:1F:50:7C:2C:3C:75:1C:CB:96
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1768
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2cPdyUcsyR1ZxMgfUHwsPHUcy5Y.roa
Signing time: Wed 12 Feb 2025 01:36:40 +0000
ROA not before: Wed 12 Feb 2025 01:36:40 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 211.79.32.0/20 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5992 (0x1768)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:40 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=D9C3DDC9472CC91D59C4C81F507C2C3C751CCB96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c9:90:91:39:ed:64:79:0c:1f:ad:71:43:28:
74:b8:c9:d4:6f:ce:77:23:d0:ba:49:c1:20:32:66:
fc:56:f9:81:b1:26:d7:3a:34:5d:a8:41:4a:e0:ff:
85:6d:dc:c7:62:0d:17:f7:93:11:08:0b:98:f7:8d:
d2:12:7a:9f:79:57:ec:0f:b7:e9:df:a0:ad:7e:7c:
26:38:ea:5e:89:67:c3:43:b4:5a:3e:00:8a:41:ba:
9a:f6:f0:0e:99:34:66:3d:3a:78:2e:ea:22:83:16:
aa:d5:fd:72:19:29:ee:15:3d:78:9e:aa:73:d1:6a:
5c:e1:2c:5e:1d:77:97:90:de:e1:72:30:e2:a5:e9:
d8:c9:78:55:31:85:6b:ca:ce:e7:16:08:24:f0:4b:
85:bd:e6:6f:f3:76:e5:ac:e4:d5:3c:1c:6c:73:13:
ef:a7:26:05:c2:ab:d5:3c:9e:c9:fd:31:e0:ff:a1:
e3:d1:2b:6d:13:2c:06:7b:c2:20:ec:86:48:64:59:
20:fd:6d:e6:f5:42:41:8f:c8:1e:56:a4:7f:29:7f:
d5:72:ad:8a:98:e5:85:f3:d9:48:79:e6:62:91:90:
47:12:ae:8f:c3:a6:92:98:d6:5d:75:b4:fd:34:7a:
95:89:5c:9f:a8:6b:94:45:fe:4d:a7:3c:23:75:9e:
d7:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C3:DD:C9:47:2C:C9:1D:59:C4:C8:1F:50:7C:2C:3C:75:1C:CB:96
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2cPdyUcsyR1ZxMgfUHwsPHUcy5Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.79.32.0/20
Signature Algorithm: sha256WithRSAEncryption
a9:bc:6b:e0:78:4d:71:0e:5b:21:b9:1c:6f:53:b1:01:78:1a:
cd:3c:00:ff:be:c5:06:2b:65:1a:e8:47:f8:24:67:fb:ca:90:
95:17:7e:bb:8d:51:ee:18:fa:2b:d9:0a:82:e2:09:4b:2a:73:
03:18:60:46:48:fa:51:b4:ef:66:77:92:2f:69:55:bc:d1:1c:
3c:b7:2e:93:38:71:ca:46:30:ee:fe:60:be:cb:fd:a5:c5:85:
3c:cb:bd:ea:0e:8e:7e:11:45:63:18:14:1f:19:e7:e2:37:ce:
0c:93:f8:03:52:6e:c1:c8:16:a5:47:a4:a3:2e:b8:19:e0:00:
ca:9f:06:f1:1b:51:b6:4d:85:0f:24:21:f6:b0:a2:56:5f:1f:
21:b6:0b:a3:70:72:5e:ee:66:5b:b5:c4:6e:be:2a:42:1c:79:
61:4d:c7:15:85:30:f8:4c:eb:c6:b3:20:b8:d2:f8:fd:f7:bd:
3b:d7:f8:c1:3e:3a:7b:5d:32:27:b4:c0:a3:00:d2:7a:ae:aa:
25:89:09:8b:0d:97:f6:67:64:37:b5:0e:e7:a5:78:c4:30:a4:
d4:6b:eb:21:e3:4c:69:c2:6e:76:80:27:f9:c1:1e:3d:e7:87:
9e:3c:c4:5d:b3:15:16:56:5e:8a:f9:54:26:c8:be:90:68:06:
78:0e:92:fc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF2gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2NDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEQ5QzNEREM5NDcyQ0M5
MUQ1OUM0QzgxRjUwN0MyQzNDNzUxQ0NCOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC4yZCROe1keQwfrXFDKHS4ydRvzncj0LpJwSAyZvxW+YGxJtc6
NF2oQUrg/4Vt3MdiDRf3kxEIC5j3jdISep95V+wPt+nfoK1+fCY46l6JZ8NDtFo+
AIpBupr28A6ZNGY9Ongu6iKDFqrV/XIZKe4VPXieqnPRalzhLF4dd5eQ3uFyMOKl
6djJeFUxhWvKzucWCCTwS4W95m/zduWs5NU8HGxzE++nJgXCq9U8nsn9MeD/oePR
K20TLAZ7wiDshkhkWSD9beb1QkGPyB5WpH8pf9VyrYqY5YXz2Uh55mKRkEcSro/D
ppKY1l11tP00epWJXJ+oa5RF/k2nPCN1nte7AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2cPdyUcsyR1ZxMgfUHwsPHUcy5YwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yY1BkeVVjc3lSMVp4TWdmVUh3
c1BIVWN5NVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE008g
MA0GCSqGSIb3DQEBCwUAA4IBAQCpvGvgeE1xDlshuRxvU7EBeBrNPAD/vsUGK2Ua
6Ef4JGf7ypCVF367jVHuGPor2QqC4glLKnMDGGBGSPpRtO9md5IvaVW80Rw8ty6T
OHHKRjDu/mC+y/2lxYU8y73qDo5+EUVjGBQfGefiN84Mk/gDUm7ByBalR6SjLrgZ
4ADKnwbxG1G2TYUPJCH2sKJWXx8htgujcHJe7mZbtcRuvipCHHlhTccVhTD4TOvG
syC40vj997071/jBPjp7XTIntMCjANJ6rqoliQmLDZf2Z2Q3tQ7npXjEMKTUa+sh
40xpwm52gCf5wR4954eePMRdsxUWVl6K+VQmyL6QaAZ4DpL8
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:03 2025 by rpki-client