Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa
File: DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa (raw, json)
Hash identifier: 3z0CBAlBKFT6oEn9TABNcc+gS33CnTgMWl1fqwjFQJw=
Subject key identifier: 0C:1C:49:3A:20:A7:63:A4:8C:60:66:0A:69:10:55:24:D4:5D:D8:F6
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 178D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa
Signing time: Wed 12 Feb 2025 01:36:49 +0000
ROA not before: Wed 12 Feb 2025 01:36:49 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 221.120.25.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6029 (0x178d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:49 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=0C1C493A20A763A48C60660A69105524D45DD8F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6a:04:0e:df:d4:ec:98:bd:a4:e6:26:35:4f:
ef:5b:69:66:30:f1:91:a3:64:07:9f:e3:be:58:e6:
14:11:49:d0:d6:43:05:05:e1:c8:be:14:6a:f4:c6:
fb:8b:6d:87:ff:0e:27:9d:21:af:bc:29:41:92:b9:
cd:91:f3:0f:3f:c7:65:9d:7d:69:9a:b9:60:38:c5:
37:50:78:53:92:ad:19:19:85:e6:87:9e:68:e5:4e:
a8:28:d6:a3:54:be:5e:f4:2f:0f:5a:84:0d:d2:f6:
9a:ea:a9:4b:ee:c9:ff:41:21:7c:a4:84:4f:8d:c7:
a8:ea:c5:b0:24:f4:6a:36:e6:9f:06:b5:3d:cd:87:
21:f7:a1:aa:43:43:82:b3:9c:fd:ea:92:ee:52:87:
6c:0e:13:af:92:36:74:0c:36:c9:9e:6d:45:fc:7a:
f6:69:d2:7e:b5:14:9f:b3:48:fb:b4:a8:46:5c:12:
3e:72:2f:ec:17:04:eb:1d:00:27:58:3c:75:18:ee:
41:9f:82:8f:91:d3:51:3b:68:90:df:21:95:98:a1:
86:6d:02:30:62:65:20:69:4d:d9:d2:95:f0:8d:aa:
6a:15:0e:1b:b0:41:c9:b3:15:6f:d5:3b:a7:7b:83:
7a:55:e7:4e:72:5f:d9:60:a7:be:a1:65:39:1c:82:
2b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1C:49:3A:20:A7:63:A4:8C:60:66:0A:69:10:55:24:D4:5D:D8:F6
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/DBxJOiCnY6SMYGYKaRBVJNRd2PY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.25.0/24
Signature Algorithm: sha256WithRSAEncryption
79:04:09:fc:41:f7:88:ce:51:f4:03:21:2d:f6:8a:28:54:52:
08:d1:45:5a:79:e9:2c:7d:2c:7f:7a:d6:b4:69:06:87:b3:b4:
ed:d1:d6:1d:63:2e:b6:a7:81:cd:cb:cc:6c:82:e7:0b:4f:09:
24:82:9d:01:30:fe:1f:b1:fd:5f:cb:37:d9:e2:48:0d:e5:17:
dc:52:f9:9f:e5:17:47:71:3c:77:b2:08:af:b9:10:65:f3:7e:
b0:6f:1e:55:75:b5:c0:ef:ab:14:1f:80:0c:ec:d4:f2:e0:05:
b8:9a:d2:db:ee:42:b6:52:f7:b9:15:cc:92:6f:cc:54:a6:b2:
d3:d2:bf:ba:b9:0e:26:6a:1c:a1:3d:9f:5b:c5:4a:ea:18:e8:
cd:cc:e5:d4:f3:52:32:e2:51:9a:66:69:e3:1c:27:21:cb:12:
24:33:ce:3b:c9:0b:a7:7f:67:10:68:c7:75:86:d7:fd:67:a9:
17:c7:f3:36:fe:c7:24:0d:80:26:f5:c5:79:45:3c:04:53:03:
dc:55:46:34:39:27:b7:bf:f0:b8:15:a1:d1:63:dd:4c:c6:16:
21:8a:8c:72:3a:fb:8a:5b:21:82:60:c0:6f:9b:1d:7f:ad:f2:
ae:16:aa:8e:2c:55:57:9a:82:14:29:58:80:3e:2f:b7:54:00:
1b:c7:ad:f6
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF40wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2NDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDBDMUM0OTNBMjBBNzYz
QTQ4QzYwNjYwQTY5MTA1NTI0RDQ1REQ4RjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDKagQO39TsmL2k5iY1T+9baWYw8ZGjZAef475Y5hQRSdDWQwUF
4ci+FGr0xvuLbYf/DiedIa+8KUGSuc2R8w8/x2WdfWmauWA4xTdQeFOSrRkZheaH
nmjlTqgo1qNUvl70Lw9ahA3S9prqqUvuyf9BIXykhE+Nx6jqxbAk9Go25p8GtT3N
hyH3oapDQ4KznP3qku5Sh2wOE6+SNnQMNsmebUX8evZp0n61FJ+zSPu0qEZcEj5y
L+wXBOsdACdYPHUY7kGfgo+R01E7aJDfIZWYoYZtAjBiZSBpTdnSlfCNqmoVDhuw
QcmzFW/VO6d7g3pV505yX9lgp76hZTkcgit5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUDBxJOiCnY6SMYGYKaRBVJNRd2PYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9EQnhKT2lDblk2U01ZR1lLYVJC
VkpOUmQyUFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgZ
MA0GCSqGSIb3DQEBCwUAA4IBAQB5BAn8QfeIzlH0AyEt9oooVFII0UVaeeksfSx/
eta0aQaHs7Tt0dYdYy62p4HNy8xsgucLTwkkgp0BMP4fsf1fyzfZ4kgN5RfcUvmf
5RdHcTx3sgivuRBl836wbx5VdbXA76sUH4AM7NTy4AW4mtLb7kK2Uve5FcySb8xU
prLT0r+6uQ4mahyhPZ9bxUrqGOjNzOXU81Iy4lGaZmnjHCchyxIkM847yQunf2cQ
aMd1htf9Z6kXx/M2/sckDYAm9cV5RTwEUwPcVUY0OSe3v/C4FaHRY91MxhYhioxy
OvuKWyGCYMBvmx1/rfKuFqqOLFVXmoIUKViAPi+3VAAbx632
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:00:15 2025 by rpki-client