Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/7hytK3xqwKhVtxNs0L12_PMIJz4.roa
File: 7hytK3xqwKhVtxNs0L12_PMIJz4.roa (raw, json)
Hash identifier: BgLzxxdNV8U+k3lclvQUaZ3/azNo9IrFPIm1anj7Oek=
Subject key identifier: EE:1C:AD:2B:7C:6A:C0:A8:55:B7:13:6C:D0:BD:76:FC:F3:08:27:3E
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1744
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/7hytK3xqwKhVtxNs0L12_PMIJz4.roa
Signing time: Wed 12 Feb 2025 01:36:32 +0000
ROA not before: Wed 12 Feb 2025 01:36:32 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 111.70.0.0/15 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5956 (0x1744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:32 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=EE1CAD2B7C6AC0A855B7136CD0BD76FCF308273E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:74:0f:c7:47:3f:33:8f:ec:6f:e7:d8:5f:25:
f7:e4:79:c3:20:34:1b:2b:ff:25:0f:0e:d9:e7:ba:
67:5d:74:aa:91:b7:e8:ad:c8:a7:99:99:21:26:8d:
3e:6a:be:86:bc:4b:29:9e:46:71:aa:57:46:c4:69:
b8:79:6e:9c:bd:11:7e:05:d2:04:65:f9:dd:89:c5:
b8:25:c7:bb:ee:49:42:61:1e:92:7a:7a:8f:ce:81:
cb:04:60:4e:7e:94:62:15:5b:79:07:86:7b:67:f1:
23:1a:75:e6:d7:33:d3:ad:64:2a:a0:8a:91:aa:6b:
7c:bf:2e:a8:41:ea:5d:75:c3:7c:27:f5:ae:b6:77:
08:89:cc:a0:c2:31:f4:c3:31:0c:d0:96:13:17:1f:
3a:b7:31:6f:f0:2b:cc:87:de:af:76:fc:27:33:67:
47:0d:b9:82:c6:94:6b:71:26:1c:96:05:2d:d3:3f:
fb:c6:0f:51:86:5c:06:db:ef:e9:8d:ae:07:16:2b:
d1:b0:d4:a1:8b:5a:dc:ea:9b:c5:70:42:42:e4:ae:
b7:0a:0c:38:e7:5d:f6:a1:60:53:f6:c0:f5:49:68:
50:cd:9b:e8:f9:2f:43:fb:e6:6d:0c:28:6b:55:35:
2a:58:ce:ec:a5:c5:0c:e1:01:cd:ce:0b:eb:91:cc:
77:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:1C:AD:2B:7C:6A:C0:A8:55:B7:13:6C:D0:BD:76:FC:F3:08:27:3E
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/7hytK3xqwKhVtxNs0L12_PMIJz4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
111.70.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a8:94:46:48:fa:af:79:a6:34:ce:b8:0d:ff:b5:58:4e:7f:92:
81:7c:45:0e:c7:a2:e5:cc:39:09:e7:08:73:ef:4a:ef:72:e0:
c7:ef:f1:b4:36:2d:7e:83:6f:61:7d:9a:73:fd:bd:fd:25:ea:
2e:9b:d0:36:2d:86:6e:32:f6:6b:88:39:5b:5c:d2:77:be:8c:
ca:b9:8b:31:42:d9:b2:f0:81:b7:7a:d0:4d:da:f3:be:7c:0e:
10:56:03:5c:f1:5c:aa:02:9b:dd:06:cb:c7:6d:8d:d2:63:c2:
bf:9d:31:aa:82:0b:71:27:64:d3:14:4e:eb:b4:f5:aa:68:3f:
a6:a1:c6:a2:8b:62:e3:71:57:ba:0d:64:04:1a:33:22:cf:81:
27:c0:91:52:ea:1f:60:05:3a:36:cb:96:eb:f1:e2:d0:0c:2e:
c0:60:bf:08:5b:f8:d8:66:7c:49:6c:41:5d:07:3c:9d:19:6e:
1c:0a:8f:77:9e:24:d7:35:3e:55:29:17:c9:fa:69:8d:16:e5:
28:5c:24:44:f4:24:ff:fe:f1:d1:7c:81:88:5e:fe:28:11:01:
a0:8c:9b:25:c0:9b:4a:97:dc:0f:dd:4b:10:c0:b5:61:35:af:
5c:a1:d5:9c:e5:24:db:af:4d:cc:4a:94:cd:94:fe:43:f7:ed:
14:94:fa:c1
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICF0QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MzJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEVFMUNBRDJCN0M2QUMw
QTg1NUI3MTM2Q0QwQkQ3NkZDRjMwODI3M0UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkdA/HRz8zj+xv59hfJffkecMgNBsr/yUPDtnnumdddKqRt+it
yKeZmSEmjT5qvoa8SymeRnGqV0bEabh5bpy9EX4F0gRl+d2Jxbglx7vuSUJhHpJ6
eo/OgcsEYE5+lGIVW3kHhntn8SMadebXM9OtZCqgipGqa3y/LqhB6l11w3wn9a62
dwiJzKDCMfTDMQzQlhMXHzq3MW/wK8yH3q92/CczZ0cNuYLGlGtxJhyWBS3TP/vG
D1GGXAbb7+mNrgcWK9Gw1KGLWtzqm8VwQkLkrrcKDDjnXfahYFP2wPVJaFDNm+j5
L0P75m0MKGtVNSpYzuylxQzhAc3OC+uRzHePAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU7hytK3xqwKhVtxNs0L12/PMIJz4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC83aHl0SzN4cXdLaFZ0eE5zMEwx
Ml9QTUlKejQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBb0Yw
DQYJKoZIhvcNAQELBQADggEBAKiURkj6r3mmNM64Df+1WE5/koF8RQ7HouXMOQnn
CHPvSu9y4Mfv8bQ2LX6Db2F9mnP9vf0l6i6b0DYthm4y9muIOVtc0ne+jMq5izFC
2bLwgbd60E3a8758DhBWA1zxXKoCm90Gy8dtjdJjwr+dMaqCC3EnZNMUTuu09apo
P6ahxqKLYuNxV7oNZAQaMyLPgSfAkVLqH2AFOjbLluvx4tAMLsBgvwhb+NhmfEls
QV0HPJ0ZbhwKj3eeJNc1PlUpF8n6aY0W5ShcJET0JP/+8dF8gYhe/igRAaCMmyXA
m0qX3A/dSxDAtWE1r1yh1ZzlJNuvTcxKlM2U/kP37RSU+sE=
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:47:47 2025 by rpki-client