Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/3_Y7FxvIsq2h3cW3tQkSfRAChIQ.roa
File: 3_Y7FxvIsq2h3cW3tQkSfRAChIQ.roa (raw, json)
Hash identifier: LOVqbDzjg97nLzpgi6+KgQ6A1+sFfKwWKebTkpbyIvs=
Subject key identifier: DF:F6:3B:17:1B:C8:B2:AD:A1:DD:C5:B7:B5:09:12:7D:10:02:84:84
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0DDE
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3_Y7FxvIsq2h3cW3tQkSfRAChIQ.roa
Signing time: Wed 12 Feb 2025 01:37:00 +0000
ROA not before: Wed 12 Feb 2025 01:37:00 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131660
IP address blocks: 168.95.245.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3550 (0xdde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Feb 12 01:37:00 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=DFF63B171BC8B2ADA1DDC5B7B509127D10028484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:58:53:b8:f1:f1:d1:9b:5a:f1:e2:14:7b:01:
09:42:4a:48:01:7f:65:8e:42:e8:0c:7c:99:dc:32:
9d:59:9e:e8:3e:c6:be:e8:76:99:84:fc:fa:6e:89:
f0:11:ab:f7:91:3c:a4:e2:86:7a:34:94:c9:14:42:
94:ed:11:93:75:54:41:41:80:70:1f:05:05:c1:1f:
c1:05:74:82:5a:5e:24:b9:b0:19:6f:09:8f:c6:9f:
61:df:1e:c8:0d:b1:a3:43:4a:4d:e6:dd:ee:20:07:
88:c7:9f:2d:a4:23:d5:e0:e5:20:64:90:7a:54:4a:
1b:e2:5b:fd:68:14:3d:62:4e:6a:14:95:26:64:ba:
dc:5e:dd:e4:e9:fb:80:f6:a1:f0:f3:17:8c:77:9d:
da:bd:b2:17:12:67:11:df:e3:ad:86:eb:14:55:82:
e6:e8:5a:43:1c:91:78:8f:54:3f:9a:9c:12:27:1b:
1f:ca:21:90:b0:00:5f:1c:76:a3:27:81:f3:76:3b:
69:cd:9b:f1:2c:12:e8:10:ca:7f:67:3e:a5:ac:6d:
9a:48:7c:ba:6e:a3:9f:91:20:a5:e3:4b:f8:21:b9:
58:7d:57:c8:2d:27:a5:7f:75:55:24:f5:b6:9e:9d:
7f:e2:81:9a:c2:15:ee:c6:d3:df:c7:82:f3:b4:e1:
20:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:F6:3B:17:1B:C8:B2:AD:A1:DD:C5:B7:B5:09:12:7D:10:02:84:84
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3_Y7FxvIsq2h3cW3tQkSfRAChIQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.245.0/24
Signature Algorithm: sha256WithRSAEncryption
19:db:6a:c8:ee:5f:6c:42:10:9a:74:08:e3:e9:95:90:78:54:
9e:6e:e1:ad:d0:41:4d:6e:58:f7:b0:25:f9:9a:29:8c:8f:00:
f8:c1:09:3d:6e:2f:3a:82:17:b5:fe:eb:47:ab:fe:7a:35:c2:
54:ca:ca:39:d9:a0:90:ba:75:23:42:ee:06:5f:79:3e:bc:37:
3c:95:94:96:d4:16:b1:63:47:71:3f:51:d3:c0:03:03:5d:f2:
89:af:dd:ef:12:3d:f5:9b:53:28:07:3d:4b:37:95:34:32:e6:
86:6c:65:24:90:e9:43:b9:73:91:6f:b1:45:ea:8f:fc:b2:57:
bc:e1:cb:e3:2e:8d:06:38:c9:87:99:bd:d7:1e:d0:7e:e1:e7:
69:88:0e:83:e5:e3:5a:83:14:99:48:d5:37:c8:af:8f:e1:d3:
88:ba:13:5e:94:e5:a2:fd:ab:c8:53:67:73:fb:25:c9:c7:1a:
f5:68:c7:58:8c:ca:2f:26:70:87:2d:10:6e:74:01:f2:43:ef:
fd:12:08:99:14:20:01:07:b2:00:85:a3:73:f7:4a:55:4b:09:
ac:71:c7:78:aa:79:70:86:6c:bb:76:bf:ac:c2:08:44:19:6b:
a4:8b:46:7e:57:f9:80:fb:2a:b4:e8:96:33:04:dc:26:b5:71:
54:5b:94:4e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDd4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yNTAyMTIw
MTM3MDBaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKERGRjYzQjE3MUJDOEIy
QURBMUREQzVCN0I1MDkxMjdEMTAwMjg0ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9WFO48fHRm1rx4hR7AQlCSkgBf2WOQugMfJncMp1Znug+xr7o
dpmE/PpuifARq/eRPKTihno0lMkUQpTtEZN1VEFBgHAfBQXBH8EFdIJaXiS5sBlv
CY/Gn2HfHsgNsaNDSk3m3e4gB4jHny2kI9Xg5SBkkHpUShviW/1oFD1iTmoUlSZk
utxe3eTp+4D2ofDzF4x3ndq9shcSZxHf462G6xRVguboWkMckXiPVD+anBInGx/K
IZCwAF8cdqMngfN2O2nNm/EsEugQyn9nPqWsbZpIfLpuo5+RIKXjS/ghuVh9V8gt
J6V/dVUk9baenX/igZrCFe7G09/HgvO04SCPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3/Y7FxvIsq2h3cW3tQkSfRAChIQwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8zX1k3Rnh2SXNxMmgzY1czdFFr
U2ZSQUNoSVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/1
MA0GCSqGSIb3DQEBCwUAA4IBAQAZ22rI7l9sQhCadAjj6ZWQeFSebuGt0EFNblj3
sCX5mimMjwD4wQk9bi86ghe1/utHq/56NcJUyso52aCQunUjQu4GX3k+vDc8lZSW
1BaxY0dxP1HTwAMDXfKJr93vEj31m1MoBz1LN5U0MuaGbGUkkOlDuXORb7FF6o/8
sle84cvjLo0GOMmHmb3XHtB+4edpiA6D5eNagxSZSNU3yK+P4dOIuhNelOWi/avI
U2dz+yXJxxr1aMdYjMovJnCHLRBudAHyQ+/9EgiZFCABB7IAhaNz90pVSwmsccd4
qnlwhmy7dr+swghEGWuki0Z+V/mA+yq06JYzBNwmtXFUW5RO
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:14:10 2025 by rpki-client