Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/IfgJcOw9qK6EdtsD1poK4agiF_I.roa
File: IfgJcOw9qK6EdtsD1poK4agiF_I.roa (raw, json)
Hash identifier: WE+vAg10sJzhXRbQz/mf/BINu1tJSG+RU/ohKBZTgbM=
Subject key identifier: 21:F8:09:70:EC:3D:A8:AE:84:76:DB:03:D6:9A:0A:E1:A8:22:17:F2
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 173D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IfgJcOw9qK6EdtsD1poK4agiF_I.roa
Signing time: Wed 12 Feb 2025 01:36:31 +0000
ROA not before: Wed 12 Feb 2025 01:36:31 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 218.168.0.0/13 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5949 (0x173d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:36:31 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=21F80970EC3DA8AE8476DB03D69A0AE1A82217F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:49:c9:5f:26:df:07:be:6d:d5:7b:30:9c:56:
74:07:ff:a7:a7:5a:41:a6:df:39:d2:c3:cb:d6:18:
98:45:ce:ea:f8:9d:9a:db:6f:33:39:a9:d8:03:cb:
18:1c:a3:ef:25:3b:aa:0f:d3:45:8f:5b:50:5b:79:
a5:b4:1f:ac:41:60:d4:f3:14:06:db:4c:cc:4e:19:
f4:9b:3f:98:1e:ad:c0:c5:03:17:29:39:40:62:b2:
12:c5:cd:a2:d8:00:cd:d0:6d:25:a9:44:4b:11:dc:
16:a9:53:fb:9f:41:87:68:49:e2:8c:79:8a:dc:2e:
97:50:cf:35:36:12:55:15:52:c2:c1:65:90:06:da:
f2:c5:0f:28:31:ca:62:b3:64:66:05:87:9e:d1:b2:
de:a6:e3:c5:56:53:98:8e:5e:75:9e:ba:26:6f:c5:
e1:2e:eb:55:a2:5e:7f:e4:44:87:ba:27:6f:26:fb:
dc:1c:55:7c:ce:53:a4:f7:aa:f0:0e:6d:ad:74:65:
dd:19:75:39:11:71:a0:21:fc:75:ab:c8:89:c2:50:
d6:63:4b:34:96:92:4f:02:d9:67:01:26:48:17:87:
05:85:05:21:c5:99:cb:f5:32:4c:fc:98:a1:33:f1:
e5:a0:0e:8d:fd:7f:b4:3a:2a:2d:8e:80:00:7f:f7:
35:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:F8:09:70:EC:3D:A8:AE:84:76:DB:03:D6:9A:0A:E1:A8:22:17:F2
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/IfgJcOw9qK6EdtsD1poK4agiF_I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.168.0.0/13
Signature Algorithm: sha256WithRSAEncryption
5a:8a:99:25:8a:92:46:87:f1:42:df:7e:d0:67:7f:72:76:b5:
dd:21:ca:61:7a:5e:f4:d4:11:55:55:18:5e:ff:06:80:44:97:
b8:c2:38:9f:2d:f8:a3:96:0e:9d:3f:88:30:e7:92:dd:e4:4e:
29:11:9a:ee:bd:7e:e7:1f:eb:7c:b3:20:46:c3:18:d0:2f:d4:
0b:d2:13:4e:7b:f3:78:fe:62:eb:69:2b:db:6d:60:46:ca:f6:
3b:61:92:9d:6c:e4:e3:b5:72:18:26:fb:1e:b7:be:7a:3f:61:
bb:83:e3:56:90:15:b3:d9:6f:fc:9d:cf:58:9e:22:e5:68:e4:
69:2f:f8:ba:1d:71:d4:66:c1:f9:5a:16:12:f3:e8:38:52:bf:
5a:63:51:e9:03:ee:63:bb:2a:a9:0a:db:bd:35:88:6e:0c:fe:
aa:7c:72:1e:81:9e:cb:86:3f:53:17:8e:96:a4:76:c0:dc:b7:
66:25:35:22:0a:a7:1d:5e:ce:a3:85:91:54:fb:22:05:75:fc:
53:56:ce:da:5c:cf:b3:77:46:73:fe:1e:f4:f5:b5:77:50:fb:
e1:80:39:d2:f5:cd:84:87:55:42:3b:81:c7:93:70:da:dc:dd:
d6:9f:0e:15:a2:f3:97:30:07:77:20:de:a4:ab:73:1e:ad:cb:
50:8a:6b:3a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFz0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM2MzFaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDIxRjgwOTcwRUMzREE4
QUU4NDc2REIwM0Q2OUEwQUUxQTgyMjE3RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMSclfJt8Hvm3VezCcVnQH/6enWkGm3znSw8vWGJhFzur4nZrb
bzM5qdgDyxgco+8lO6oP00WPW1BbeaW0H6xBYNTzFAbbTMxOGfSbP5gercDFAxcp
OUBishLFzaLYAM3QbSWpREsR3BapU/ufQYdoSeKMeYrcLpdQzzU2ElUVUsLBZZAG
2vLFDygxymKzZGYFh57Rst6m48VWU5iOXnWeuiZvxeEu61WiXn/kRIe6J28m+9wc
VXzOU6T3qvAOba10Zd0ZdTkRcaAh/HWryInCUNZjSzSWkk8C2WcBJkgXhwWFBSHF
mcv1Mkz8mKEz8eWgDo39f7Q6Ki2OgAB/9zVtAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUIfgJcOw9qK6EdtsD1poK4agiF/IwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9JZmdKY093OXFLNkVkdHNEMXBv
SzRhZ2lGX0kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD2qgw
DQYJKoZIhvcNAQELBQADggEBAFqKmSWKkkaH8ULfftBnf3J2td0hymF6XvTUEVVV
GF7/BoBEl7jCOJ8t+KOWDp0/iDDnkt3kTikRmu69fucf63yzIEbDGNAv1AvSE057
83j+YutpK9ttYEbK9jthkp1s5OO1chgm+x63vno/YbuD41aQFbPZb/ydz1ieIuVo
5Gkv+LodcdRmwflaFhLz6DhSv1pjUekD7mO7KqkK2701iG4M/qp8ch6BnsuGP1MX
jpakdsDct2YlNSIKpx1ezqOFkVT7IgV1/FNWztpcz7N3RnP+HvT1tXdQ++GAOdL1
zYSHVUI7gceTcNrc3dafDhWi85cwB3cg3qSrcx6ty1CKazo=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:02:52 2025 by rpki-client