Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Fdi9xdQ-qxQKYDZp7zUPXpGI6sg.roa
File: Fdi9xdQ-qxQKYDZp7zUPXpGI6sg.roa (raw, json)
Hash identifier: PWuJBk/dYdo3WyNZ2Ia3HircWYM+iR8KlpOfG63nTgM=
Subject key identifier: 15:D8:BD:C5:D4:3E:AB:14:0A:60:36:69:EF:35:0F:5E:91:88:EA:C8
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 17BE
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Fdi9xdQ-qxQKYDZp7zUPXpGI6sg.roa
Signing time: Wed 12 Feb 2025 01:37:01 +0000
ROA not before: Wed 12 Feb 2025 01:37:01 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 17421
IP address blocks: 221.120.0.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6078 (0x17be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:37:01 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=15D8BDC5D43EAB140A603669EF350F5E9188EAC8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:ff:95:ba:97:38:5a:82:8f:55:27:e1:d9:
6b:6a:bb:f6:d0:a3:e4:dd:8b:56:f4:12:97:a9:7f:
ce:0c:2e:e7:79:a2:43:2f:38:10:9d:0f:c2:e5:87:
b5:10:0b:6c:b6:1a:93:cc:1e:e8:ec:f4:ca:fa:53:
06:9d:69:7d:e2:a9:13:df:47:63:c6:36:75:78:d6:
d5:d0:7e:a3:a8:86:27:6e:a5:89:7c:d7:96:2b:ab:
47:6f:2e:1c:21:83:19:e1:62:5a:17:10:c9:f1:ed:
7c:9b:ce:9d:ee:a5:77:d8:a2:50:04:54:60:21:38:
66:5b:4c:ef:03:f8:1b:8e:d8:83:04:a3:c7:53:b6:
0d:8c:0b:b9:48:ce:f4:3a:9d:40:46:66:8e:68:52:
43:26:63:3f:0f:9d:5b:85:7d:38:c3:de:40:09:33:
76:63:08:c5:66:af:d6:fa:54:6f:fe:2b:ed:de:17:
54:35:a1:23:4c:1e:5c:b0:61:fb:2f:16:42:03:24:
48:94:30:4e:6f:17:b6:63:39:2f:15:24:7a:fd:bf:
be:27:9b:25:d8:45:34:61:26:8e:5f:41:c6:86:1b:
c4:a1:2e:77:70:e9:40:30:19:68:9a:33:00:86:36:
09:7d:c7:4c:a1:ef:1c:27:ba:ee:87:0d:8f:d5:75:
82:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:D8:BD:C5:D4:3E:AB:14:0A:60:36:69:EF:35:0F:5E:91:88:EA:C8
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Fdi9xdQ-qxQKYDZp7zUPXpGI6sg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.0.0/18
Signature Algorithm: sha256WithRSAEncryption
23:98:49:7a:30:07:68:b8:94:52:a5:cb:73:09:ea:a4:7e:ee:
ef:2f:26:bf:e1:8c:69:85:97:9f:ca:b3:77:74:f0:2f:12:3f:
29:63:07:fa:9c:63:7f:dd:dc:d0:83:3f:44:fa:75:70:b0:2b:
83:73:6f:e0:86:4e:f7:80:85:35:76:f3:1e:8a:7e:89:ce:e0:
cf:93:fb:57:14:cf:bb:5d:68:6d:77:38:34:d7:fa:75:53:a1:
aa:65:fd:d0:8d:6a:08:eb:fc:79:5e:fe:a1:34:f8:6e:01:84:
65:61:56:93:5f:2f:7b:42:a4:40:0b:f2:69:63:09:39:5f:54:
64:81:fa:18:5c:e1:29:23:c1:b5:36:6c:21:51:fb:e7:ae:42:
f5:8b:e6:f7:37:14:9c:df:85:40:77:cf:93:2d:68:b9:a9:ad:
ed:85:5f:ab:f7:a6:ec:01:77:75:b1:51:ac:35:0a:3e:3a:ec:
8b:3d:ed:fc:9a:9e:f4:bd:10:f0:a7:e7:a3:90:d5:0b:32:09:
70:ec:20:1a:a6:92:8e:b6:19:66:a1:c1:83:c1:53:24:86:b5:
fb:1e:e5:c9:3e:b2:b2:94:96:7c:ab:76:6c:d4:28:94:3d:50:
87:54:25:04:1a:c7:34:bb:89:19:92:2a:84:72:2d:fa:bf:cd:
b0:ff:17:64
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM3MDFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDE1RDhCREM1RDQzRUFC
MTQwQTYwMzY2OUVGMzUwRjVFOTE4OEVBQzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBlP+Vupc4WoKPVSfh2Wtqu/bQo+Tdi1b0Epepf84MLud5okMv
OBCdD8Llh7UQC2y2GpPMHujs9Mr6UwadaX3iqRPfR2PGNnV41tXQfqOohidupYl8
15Yrq0dvLhwhgxnhYloXEMnx7Xybzp3upXfYolAEVGAhOGZbTO8D+BuO2IMEo8dT
tg2MC7lIzvQ6nUBGZo5oUkMmYz8PnVuFfTjD3kAJM3ZjCMVmr9b6VG/+K+3eF1Q1
oSNMHlywYfsvFkIDJEiUME5vF7ZjOS8VJHr9v74nmyXYRTRhJo5fQcaGG8ShLndw
6UAwGWiaMwCGNgl9x0yh7xwnuu6HDY/VdYKZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUFdi9xdQ+qxQKYDZp7zUPXpGI6sgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9GZGk5eGRRLXF4UUtZRFpwN3pV
UFhwR0k2c2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG3XgA
MA0GCSqGSIb3DQEBCwUAA4IBAQAjmEl6MAdouJRSpctzCeqkfu7vLya/4YxphZef
yrN3dPAvEj8pYwf6nGN/3dzQgz9E+nVwsCuDc2/ghk73gIU1dvMein6JzuDPk/tX
FM+7XWhtdzg01/p1U6GqZf3QjWoI6/x5Xv6hNPhuAYRlYVaTXy97QqRAC/JpYwk5
X1RkgfoYXOEpI8G1NmwhUfvnrkL1i+b3NxSc34VAd8+TLWi5qa3thV+r96bsAXd1
sVGsNQo+OuyLPe38mp70vRDwp+ejkNULMglw7CAappKOthlmocGDwVMkhrX7HuXJ
PrKylJZ8q3Zs1CiUPVCHVCUEGsc0u4kZkiqEci36v82w/xdk
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:48:11 2025 by rpki-client