Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/hfzQ6UAJJJ8FIsJKXJvJxB8_x1Y.roa
File: hfzQ6UAJJJ8FIsJKXJvJxB8_x1Y.roa (raw, json)
Hash identifier: Z/jNUSfHajhToMje5WHerrN/IMHB3CqmnJi/YUiNYts=
Subject key identifier: 85:FC:D0:E9:40:09:24:9F:05:22:C2:4A:5C:9B:C9:C4:1F:3F:C7:56
Certificate issuer: /CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Certificate serial: 05
Authority key identifier: BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/hfzQ6UAJJJ8FIsJKXJvJxB8_x1Y.roa
Signing time: Thu 28 Nov 2024 10:16:14 +0000
ROA not before: Thu 28 Nov 2024 10:16:14 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9678
IP address blocks: 2.58.241.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5 (0x5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BB88A91785A782C8EA3CDDED3E7C1F09DA79F647
Validity
Not Before: Nov 28 10:16:14 2024 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=85FCD0E94009249F0522C24A5C9BC9C41F3FC756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0a:f8:52:6b:5a:80:3e:d3:b3:43:bc:e0:bf:
c0:c6:99:b6:ae:97:d1:62:ab:12:e7:5b:fd:3c:88:
6b:67:85:06:c1:5b:1b:f8:2d:80:f6:f9:89:c6:ed:
2c:f0:f3:d0:60:e8:8d:60:52:5e:91:aa:89:ed:74:
ba:ae:ec:04:7a:98:00:4e:82:2d:9d:fa:a0:c7:2b:
37:7a:d3:6c:2e:43:d5:77:31:99:76:3a:2a:b8:1e:
57:f1:b0:11:2b:58:b6:87:e5:7d:2c:e6:73:42:21:
4c:87:9d:e5:18:d6:e5:23:11:e9:2f:21:77:37:34:
97:e8:21:93:69:17:58:d4:1e:35:17:d2:be:67:9d:
c5:f7:c2:2a:7e:fb:37:c3:ca:90:98:60:c5:db:f9:
6f:dc:15:d9:41:fa:49:cb:55:de:7a:23:7e:64:90:
2d:a1:be:8b:4c:ab:97:1a:fb:fb:8b:80:4b:20:28:
e8:5a:40:62:ec:00:f3:c4:8c:a5:56:e6:95:c5:fa:
be:1e:0e:b3:97:a3:84:cd:d8:e3:80:d9:90:60:e4:
9b:0c:ca:80:f3:e2:35:2c:09:33:a7:bd:a7:95:f9:
88:83:dd:f9:73:6b:68:92:6f:5d:02:46:d4:83:42:
0f:26:8b:58:b7:ee:79:a5:05:74:2d:bf:2b:cf:50:
4a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FC:D0:E9:40:09:24:9F:05:22:C2:4A:5C:9B:C9:C4:1F:3F:C7:56
X509v3 Authority Key Identifier:
keyid:BB:88:A9:17:85:A7:82:C8:EA:3C:DD:ED:3E:7C:1F:09:DA:79:F6:47
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/u4ipF4WngsjqPN3tPnwfCdp59kc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/u4ipF4WngsjqPN3tPnwfCdp59kc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HOSTIN/hfzQ6UAJJJ8FIsJKXJvJxB8_x1Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
2.58.241.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:2e:ca:66:91:0d:3c:a7:fb:22:b7:53:6c:aa:c6:50:3c:69:
42:f1:d9:a9:74:74:c0:48:92:2b:69:6b:4f:7a:9d:ca:67:a0:
a6:ff:4b:20:a3:f8:61:6d:a5:cc:d4:19:b7:73:da:22:37:ca:
8e:61:db:51:81:8b:a6:54:6e:d7:a6:f4:eb:fc:30:49:bd:88:
a3:01:76:74:ba:59:c9:bc:be:14:68:a9:a7:90:f1:c0:a7:26:
32:c3:1a:f8:be:c0:77:55:6d:0b:b5:9c:8b:92:ae:9a:71:4b:
48:28:98:aa:cf:5d:9a:20:e1:e1:53:b7:7d:31:b8:35:98:9b:
2c:f9:df:2e:e7:b7:91:82:15:02:61:20:75:7e:7c:43:8e:55:
74:1a:20:24:ce:c3:55:ba:9b:7a:e4:24:2c:f8:0f:91:79:00:
bc:81:cd:9c:01:86:cb:43:cc:74:e2:40:21:de:5a:53:e2:33:
09:4d:24:11:9e:63:3f:50:39:58:c7:7e:c3:f3:61:21:6f:62:
9d:9f:25:71:75:8f:7b:e6:a1:3e:36:7b:97:4c:c5:88:ce:e4:
e4:f7:b1:f1:49:a4:bc:92:46:35:12:74:da:d3:e5:03:5c:e3:
e8:07:aa:d4:3c:97:52:3d:2d:df:6b:a3:2d:b1:ec:3b:6a:ec:
46:8d:bb:d1
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCQjg4
QTkxNzg1QTc4MkM4RUEzQ0RERUQzRTdDMUYwOURBNzlGNjQ3MB4XDTI0MTEyODEw
MTYxNFoXDTI1MDgyNjAxNTcwM1owMzExMC8GA1UEAxMoODVGQ0QwRTk0MDA5MjQ5
RjA1MjJDMjRBNUM5QkM5QzQxRjNGQzc1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMYK+FJrWoA+07NDvOC/wMaZtq6X0WKrEudb/TyIa2eFBsFbG/gt
gPb5icbtLPDz0GDojWBSXpGqie10uq7sBHqYAE6CLZ36oMcrN3rTbC5D1XcxmXY6
KrgeV/GwEStYtoflfSzmc0IhTIed5RjW5SMR6S8hdzc0l+ghk2kXWNQeNRfSvmed
xffCKn77N8PKkJhgxdv5b9wV2UH6SctV3nojfmSQLaG+i0yrlxr7+4uASyAo6FpA
YuwA88SMpVbmlcX6vh4Os5ejhM3Y44DZkGDkmwzKgPPiNSwJM6e9p5X5iIPd+XNr
aJJvXQJG1INCDyaLWLfueaUFdC2/K89QSkUCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBSF/NDpQAkknwUiwkpcm8nEHz/HVjAfBgNVHSMEGDAWgBS7iKkXhaeCyOo83e0+
fB8J2nn2RzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4v
dTRpcEY0V25nc2pxUE4zdFBud2ZDZHA1OWtjLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS91NGlwRjRXbmdzanFQTjN0UG53ZkNkcDU5a2MuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9IT1NUSU4vaGZ6UTZVQUpKSjhGSXNKS1hK
dkp4QjhfeDFZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6
8TANBgkqhkiG9w0BAQsFAAOCAQEALC7KZpENPKf7IrdTbKrGUDxpQvHZqXR0wEiS
K2lrT3qdymegpv9LIKP4YW2lzNQZt3PaIjfKjmHbUYGLplRu16b06/wwSb2IowF2
dLpZyby+FGipp5DxwKcmMsMa+L7Ad1VtC7Wci5KumnFLSCiYqs9dmiDh4VO3fTG4
NZibLPnfLue3kYIVAmEgdX58Q45VdBogJM7DVbqbeuQkLPgPkXkAvIHNnAGGy0PM
dOJAId5aU+IzCU0kEZ5jP1A5WMd+w/NhIW9inZ8lcXWPe+ahPjZ7l0zFiM7k5Pex
8UmkvJJGNRJ02tPlA1zj6Aeq1DyXUj0t32ujLbHsO2rsRo270Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:59:32 2025 by rpki-client