Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/9Yi6U9fI-8tq9pwOHyW1w_8xwGc.roa
File: 9Yi6U9fI-8tq9pwOHyW1w_8xwGc.roa (raw, json)
Hash identifier: hTqMNfalRdsBwBXmXOz5tNPG1/opmtr9iBpBdx0Pkh8=
Subject key identifier: F5:88:BA:53:D7:C8:FB:CB:6A:F6:9C:0E:1F:25:B5:C3:FF:31:C0:67
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1749
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9Yi6U9fI-8tq9pwOHyW1w_8xwGc.roa
Signing time: Wed 12 Feb 2025 01:36:33 +0000
ROA not before: Wed 12 Feb 2025 01:36:33 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.72.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5961 (0x1749)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:33 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=F588BA53D7C8FBCB6AF69C0E1F25B5C3FF31C067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:21:02:ad:8a:a6:27:7a:94:64:aa:8a:db:a6:
d4:2f:17:a0:3d:05:8b:77:0a:91:6d:22:b0:c7:18:
5f:54:48:d3:35:10:c2:a7:5e:ad:0a:36:bb:ba:b0:
ba:fe:0a:fd:49:35:9e:88:9c:30:31:55:84:ca:78:
61:82:ae:e7:3a:8f:d0:1e:18:7a:aa:42:00:f4:d7:
37:c8:8b:8a:26:8d:d8:8b:a6:7c:0d:fb:2d:e0:49:
97:b4:70:76:fc:3d:cd:c1:92:b8:96:ad:a4:f2:3d:
41:59:7c:25:7b:f4:fa:4f:3f:04:20:ea:17:59:c4:
78:e5:4d:86:d7:e8:50:ed:b2:f5:04:6a:73:70:b9:
66:7a:e3:d0:a2:44:26:25:0a:d0:a9:99:b9:b0:68:
ed:4f:a5:63:c1:a3:a0:9f:1c:d8:d9:6b:e5:ff:5c:
1a:a7:8e:9c:2c:b0:a5:ea:d4:33:cc:26:11:aa:b7:
ff:af:e3:5f:03:6e:32:2e:3f:c1:f3:44:88:1b:03:
b2:08:5e:29:36:d2:05:89:65:32:f5:12:0e:56:bd:
9c:63:0d:47:4b:3e:ea:75:5b:59:cd:f2:4a:80:a1:
44:8d:c5:7f:c4:da:d5:55:25:c1:65:27:c9:7c:37:
5d:ee:bd:6d:88:ce:7b:ee:b9:99:3e:57:95:fd:57:
9b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:88:BA:53:D7:C8:FB:CB:6A:F6:9C:0E:1F:25:B5:C3:FF:31:C0:67
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9Yi6U9fI-8tq9pwOHyW1w_8xwGc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.72.0/24
Signature Algorithm: sha256WithRSAEncryption
07:43:1d:af:9c:06:f2:b6:a5:36:b3:53:c0:28:a0:cc:e4:72:
0d:2c:ec:78:ef:2c:68:f4:88:51:57:0c:a8:d7:29:15:f7:b1:
27:a1:bc:2f:2c:21:60:93:71:a7:2d:f5:36:48:8d:90:c9:ab:
93:35:e9:5d:da:4b:0b:47:30:57:0c:47:f1:8e:21:0d:be:3e:
e6:65:b0:64:8b:b2:c0:8b:d2:f4:e9:52:ff:4f:87:99:ff:57:
76:98:e4:a4:c0:af:f4:5d:f8:ac:87:0a:e9:18:70:f2:16:12:
12:0e:70:f6:4f:f3:6e:29:72:7f:cc:8d:f1:9c:8e:dd:eb:e5:
d3:b9:9e:4a:a5:85:e1:fb:49:ad:5a:ee:e2:58:d4:f6:16:db:
2d:3f:84:ed:10:c3:3c:91:13:a0:cc:0d:0b:a6:05:49:a0:da:
8d:fe:ad:66:e5:02:da:a2:7a:ca:60:6b:cc:54:17:c7:ae:4e:
64:43:88:f3:5a:d5:ea:33:1c:c2:97:b9:48:26:dc:db:f3:96:
bc:f7:74:33:c2:c2:ef:42:e0:0b:e6:f4:d4:9f:d6:83:a6:2c:
f0:ae:8d:71:b7:4b:e2:bc:63:50:5f:63:d0:28:58:ea:36:d3:
fa:f5:aa:2c:0b:41:90:6e:65:39:fa:7e:6d:6d:28:6f:2b:57:
3a:83:9e:a4
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF0kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MzNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKEY1ODhCQTUzRDdDOEZC
Q0I2QUY2OUMwRTFGMjVCNUMzRkYzMUMwNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeIQKtiqYnepRkqorbptQvF6A9BYt3CpFtIrDHGF9USNM1EMKn
Xq0KNru6sLr+Cv1JNZ6InDAxVYTKeGGCruc6j9AeGHqqQgD01zfIi4omjdiLpnwN
+y3gSZe0cHb8Pc3BkriWraTyPUFZfCV79PpPPwQg6hdZxHjlTYbX6FDtsvUEanNw
uWZ649CiRCYlCtCpmbmwaO1PpWPBo6CfHNjZa+X/XBqnjpwssKXq1DPMJhGqt/+v
418DbjIuP8HzRIgbA7IIXik20gWJZTL1Eg5WvZxjDUdLPup1W1nN8kqAoUSNxX/E
2tVVJcFlJ8l8N13uvW2IznvuuZk+V5X9V5srAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9Yi6U9fI+8tq9pwOHyW1w/8xwGcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC85WWk2VTlmSS04dHE5cHdPSHlX
MXdfOHh3R2Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBI
MA0GCSqGSIb3DQEBCwUAA4IBAQAHQx2vnAbytqU2s1PAKKDM5HINLOx47yxo9IhR
Vwyo1ykV97EnobwvLCFgk3GnLfU2SI2QyauTNeld2ksLRzBXDEfxjiENvj7mZbBk
i7LAi9L06VL/T4eZ/1d2mOSkwK/0XfishwrpGHDyFhISDnD2T/NuKXJ/zI3xnI7d
6+XTuZ5KpYXh+0mtWu7iWNT2FtstP4TtEMM8kROgzA0LpgVJoNqN/q1m5QLaonrK
YGvMVBfHrk5kQ4jzWtXqMxzCl7lIJtzb85a893QzwsLvQuAL5vTUn9aDpizwro1x
t0vivGNQX2PQKFjqNtP69aosC0GQbmU5+n5tbShvK1c6g56k
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:00:07 2025 by rpki-client