Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/KQAzQZ0QyZeztutkjdGYfgO7E0w.roa
File: KQAzQZ0QyZeztutkjdGYfgO7E0w.roa (raw, json)
Hash identifier: iDy+nv5i1+hcYgoCfCRBVdmAaZLmjpFMlMEsc2EvVPk=
Subject key identifier: 29:00:33:41:9D:10:C9:97:B3:B6:EB:64:8D:D1:98:7E:03:BB:13:4C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 17C4
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KQAzQZ0QyZeztutkjdGYfgO7E0w.roa
Signing time: Wed 12 Feb 2025 01:37:02 +0000
ROA not before: Wed 12 Feb 2025 01:37:02 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 220.128.71.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6084 (0x17c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 12 01:37:02 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=290033419D10C997B3B6EB648DD1987E03BB134C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:af:3b:ba:77:b8:37:1a:03:d4:5b:8d:7e:
69:a0:10:db:77:4a:7c:2a:80:3b:48:dc:eb:3d:19:
a9:e3:44:21:22:18:f2:36:ed:dc:c4:78:06:51:f6:
fa:33:83:b7:ba:01:98:52:a7:11:09:1d:b6:17:52:
0c:f5:a9:ad:3f:09:dc:e3:f2:82:dc:80:66:12:54:
46:52:f9:3c:a8:93:30:22:66:41:5f:b4:bf:76:28:
78:1c:d3:ed:1f:50:19:02:e7:7a:33:2d:79:76:21:
b0:a1:76:db:9e:a1:5f:ac:af:b4:94:13:bc:1f:aa:
da:6f:a7:15:a2:b9:19:24:0b:ba:43:df:c8:e9:5a:
f9:54:c8:15:01:71:6d:ce:76:bd:65:48:49:82:fa:
fc:ba:59:3d:08:1d:ea:2f:05:39:02:a2:79:17:a0:
32:82:e6:29:73:22:ff:6b:36:23:61:25:2a:c1:3c:
43:20:28:7a:65:25:20:05:70:81:a5:b3:67:7f:18:
38:03:af:64:3f:08:0f:9d:b6:1e:e3:55:66:06:dd:
97:78:8c:d3:4c:97:9f:5e:82:f5:85:69:93:d0:64:
3a:3b:9e:55:ec:88:2b:4e:9a:58:df:fb:eb:e4:d4:
6a:34:28:35:a1:59:c7:ca:89:c3:97:54:05:99:9b:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:00:33:41:9D:10:C9:97:B3:B6:EB:64:8D:D1:98:7E:03:BB:13:4C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KQAzQZ0QyZeztutkjdGYfgO7E0w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.71.0/24
Signature Algorithm: sha256WithRSAEncryption
02:02:c5:2e:9b:b0:64:d2:d5:27:87:c0:06:2b:d3:a9:cf:c7:
f7:18:8c:b6:13:b5:31:72:ed:b0:f9:68:5e:7e:63:2b:a6:44:
5c:51:5b:6d:12:ac:33:02:d3:3f:ed:ad:7a:ba:31:5e:ee:db:
c1:76:a4:cf:c4:73:24:1b:81:d7:0e:94:91:80:87:8d:78:e9:
31:52:89:23:01:e9:9e:18:a1:2e:28:5f:a1:09:29:78:97:9c:
b6:c5:14:9a:9a:86:2f:79:0d:05:6a:66:af:d2:7d:52:b2:cf:
c2:5e:1f:16:f1:f5:de:c1:2c:36:e4:72:02:48:82:a3:ea:ef:
4b:b1:74:d8:cc:8a:e5:ef:60:1d:d8:c8:ed:ea:e1:61:db:2d:
a1:ed:a7:3c:c4:fa:68:79:c5:30:d9:58:c3:7b:e3:d6:c1:76:
ce:e0:69:84:1f:f4:6f:6c:14:85:03:94:9a:6d:e2:cc:80:7e:
e2:15:fe:4d:35:d4:57:5a:31:c2:f1:dd:a2:2f:50:a5:ec:46:
84:9f:09:73:c4:5e:5f:70:74:9a:31:f6:8a:89:ba:b3:99:bb:
72:a1:62:1e:d9:7f:d7:7d:32:f6:fd:98:89:3d:bb:38:77:ae:
15:fe:44:40:30:4a:98:b8:d3:51:85:03:dd:08:e8:68:96:3d:
56:31:22:7d
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICF8QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTIw
MTM3MDJaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI5MDAzMzQxOUQxMEM5
OTdCM0I2RUI2NDhERDE5ODdFMDNCQjEzNEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDWEq87une4NxoD1FuNfmmgENt3SnwqgDtI3Os9GanjRCEiGPI2
7dzEeAZR9vozg7e6AZhSpxEJHbYXUgz1qa0/Cdzj8oLcgGYSVEZS+TyokzAiZkFf
tL92KHgc0+0fUBkC53ozLXl2IbChdtueoV+sr7SUE7wfqtpvpxWiuRkkC7pD38jp
WvlUyBUBcW3Odr1lSEmC+vy6WT0IHeovBTkConkXoDKC5ilzIv9rNiNhJSrBPEMg
KHplJSAFcIGls2d/GDgDr2Q/CA+dth7jVWYG3Zd4jNNMl59egvWFaZPQZDo7nlXs
iCtOmljf++vk1Go0KDWhWcfKicOXVAWZmyGZAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKQAzQZ0QyZeztutkjdGYfgO7E0wwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9LUUF6UVowUXlaZXp0dXRramRH
WWZnTzdFMHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBH
MA0GCSqGSIb3DQEBCwUAA4IBAQACAsUum7Bk0tUnh8AGK9Opz8f3GIy2E7Uxcu2w
+WhefmMrpkRcUVttEqwzAtM/7a16ujFe7tvBdqTPxHMkG4HXDpSRgIeNeOkxUokj
AemeGKEuKF+hCSl4l5y2xRSamoYveQ0Famav0n1Sss/CXh8W8fXewSw25HICSIKj
6u9LsXTYzIrl72Ad2Mjt6uFh2y2h7ac8xPpoecUw2VjDe+PWwXbO4GmEH/RvbBSF
A5SabeLMgH7iFf5NNdRXWjHC8d2iL1Cl7EaEnwlzxF5fcHSaMfaKibqzmbtyoWIe
2X/XfTL2/ZiJPbs4d64V/kRAMEqYuNNRhQPdCOholj1WMSJ9
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:02:52 2025 by rpki-client