Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/LzAxnNuke233B4SdDahLStEEueE.roa
File: LzAxnNuke233B4SdDahLStEEueE.roa (raw, json)
Hash identifier: ktn/HqHSfzlf96hxlfSldvYQ+kaa4+pTEXz/VO6xCGg=
Subject key identifier: 2F:30:31:9C:DB:A4:7B:6D:F7:07:84:9D:0D:A8:4B:4A:D1:04:B9:E1
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0DDB
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LzAxnNuke233B4SdDahLStEEueE.roa
Signing time: Wed 12 Feb 2025 01:36:23 +0000
ROA not before: Wed 12 Feb 2025 01:36:23 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 168.95.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3547 (0xddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Feb 12 01:36:23 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=2F30319CDBA47B6DF707849D0DA84B4AD104B9E1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ce:a2:9b:69:bf:21:e3:fb:5d:e2:13:8b:86:
d9:76:67:93:6c:b9:f5:27:83:ee:4e:94:0a:1f:df:
bc:55:cc:f9:f2:99:c5:07:57:0d:b9:2f:0c:7e:be:
fe:ac:b8:1a:0c:16:fa:e6:87:2a:9a:25:1e:c0:36:
ec:8a:16:5b:f9:e6:70:cd:2a:13:dc:8c:41:e1:cc:
f4:e4:38:4e:f8:29:58:0d:c3:3e:7e:ba:35:f6:bc:
00:82:01:21:6d:a2:c8:fc:35:a8:f6:6c:03:ee:59:
49:dd:f6:3b:23:8c:5b:9c:fe:1d:ff:5e:f0:66:5b:
75:bc:5a:b4:80:01:a9:e4:6b:76:0f:42:67:29:ec:
da:18:88:d2:2c:ba:6b:a0:33:78:22:9e:0d:34:71:
59:36:9a:ab:0a:e9:de:b6:11:fc:d9:3b:31:7b:92:
bc:42:0c:39:cd:45:0e:56:37:32:e8:b3:88:16:f6:
f2:6b:71:5b:a6:0c:25:9b:4e:51:4f:4d:0b:37:99:
1d:68:3e:d9:9b:af:2c:ea:ad:d2:9b:7e:3f:40:92:
de:cd:d9:e1:34:ab:40:5c:d9:03:f9:71:0c:7b:41:
8d:ca:b8:26:d6:bf:c4:12:41:49:32:48:5a:17:18:
2d:8a:fd:25:3d:b3:b6:c0:74:62:93:97:bd:d4:b2:
10:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:30:31:9C:DB:A4:7B:6D:F7:07:84:9D:0D:A8:4B:4A:D1:04:B9:E1
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LzAxnNuke233B4SdDahLStEEueE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:7e:52:b7:35:7e:cc:3d:b6:ce:dc:97:e1:da:90:22:c9:d4:
e4:22:e9:27:46:de:0e:71:0a:68:8d:1d:d7:c7:6c:dd:75:da:
e4:ec:16:90:0d:a4:1f:bb:4b:10:49:90:ca:31:ef:9d:69:bf:
a5:8e:9f:69:5d:c0:e6:ad:43:1a:02:b1:df:71:02:8e:a8:9b:
ec:b9:34:93:5c:21:db:d2:9a:da:27:0f:2f:1a:8b:7c:c5:c0:
d8:fc:19:53:c6:70:1a:70:3e:e2:d9:66:d5:4c:bc:e4:e7:02:
02:c3:ed:b1:84:25:4a:c8:03:03:48:a8:4f:e6:e1:e1:ac:1d:
1b:95:a3:b7:1e:a6:7f:87:aa:81:d7:e3:9f:f9:87:25:b6:c4:
9d:a4:09:c1:81:fd:21:30:be:62:34:a9:63:45:19:3a:4b:b1:
93:74:60:6d:8c:9e:0e:55:2f:6c:ba:4e:56:2f:87:bd:82:5b:
4d:5b:ec:8b:4e:5e:b3:99:5e:8c:70:89:5c:e0:f6:bd:27:60:
07:db:28:06:a4:b9:0a:14:40:6e:0a:a0:22:71:e8:97:1c:02:
4e:8c:96:3d:37:51:12:92:e4:04:df:a6:9d:21:bd:21:ba:27:
14:a2:6f:8c:b0:2d:e4:57:9f:c0:71:1f:1b:d7:cd:5e:d7:5b:
fa:78:45:10
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDdswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yNTAyMTIw
MTM2MjNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDJGMzAzMTlDREJBNDdC
NkRGNzA3ODQ5RDBEQTg0QjRBRDEwNEI5RTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+zqKbab8h4/td4hOLhtl2Z5NsufUng+5OlAof37xVzPnymcUH
Vw25Lwx+vv6suBoMFvrmhyqaJR7ANuyKFlv55nDNKhPcjEHhzPTkOE74KVgNwz5+
ujX2vACCASFtosj8Naj2bAPuWUnd9jsjjFuc/h3/XvBmW3W8WrSAAanka3YPQmcp
7NoYiNIsumugM3ging00cVk2mqsK6d62EfzZOzF7krxCDDnNRQ5WNzLos4gW9vJr
cVumDCWbTlFPTQs3mR1oPtmbryzqrdKbfj9Akt7N2eE0q0Bc2QP5cQx7QY3KuCbW
v8QSQUkySFoXGC2K/SU9s7bAdGKTl73UshArAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQULzAxnNuke233B4SdDahLStEEueEwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9MekF4bk51a2UyMzNCNFNkRGFo
TFN0RUV1ZUUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAqF8w
DQYJKoZIhvcNAQELBQADggEBAGt+Urc1fsw9ts7cl+HakCLJ1OQi6SdG3g5xCmiN
HdfHbN112uTsFpANpB+7SxBJkMox751pv6WOn2ldwOatQxoCsd9xAo6om+y5NJNc
IdvSmtonDy8ai3zFwNj8GVPGcBpwPuLZZtVMvOTnAgLD7bGEJUrIAwNIqE/m4eGs
HRuVo7cepn+HqoHX45/5hyW2xJ2kCcGB/SEwvmI0qWNFGTpLsZN0YG2Mng5VL2y6
TlYvh72CW01b7ItOXrOZXoxwiVzg9r0nYAfbKAakuQoUQG4KoCJx6JccAk6Mlj03
URKS5ATfpp0hvSG6JxSib4ywLeRXn8BxHxvXzV7XW/p4RRA=
-----END CERTIFICATE-----
Generated at Mon Apr 7 02:00:18 2025 by rpki-client