Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa
File: KPXOcgSb1A8x_McR8M_39Q45E3s.roa (raw, json)
Hash identifier: R/oNRrgAfS676Kx8i4u+Z9MhX98ryHZ2FgZJpx8wpXg=
Subject key identifier: 28:F5:CE:72:04:9B:D4:0F:31:FC:C7:11:F0:CF:F7:F5:0E:39:13:7B
Certificate issuer: /CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Certificate serial: 0CA3
Authority key identifier: 0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa
Signing time: Mon 10 Feb 2025 14:06:25 +0000
ROA not before: Mon 10 Feb 2025 14:06:25 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 131602
IP address blocks: 114.29.240.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3235 (0xca3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0EAE2D331F2C4280C16AA8BAFE16FDDCCE3715B4
Validity
Not Before: Feb 10 14:06:25 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=28F5CE72049BD40F31FCC711F0CFF7F50E39137B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2e:93:7a:da:a6:06:20:26:17:51:6e:27:b8:
ef:f5:11:0f:ad:88:79:83:ec:87:d3:21:b6:ca:a4:
31:93:ec:e1:95:90:41:66:b2:20:a5:6a:d8:23:ad:
8b:59:9a:c8:54:32:64:ea:df:e9:62:4d:3a:56:d6:
1d:1a:b6:aa:75:81:dd:31:be:bf:39:ac:e8:64:ac:
b3:11:04:f5:72:67:e3:01:98:e6:00:ae:a1:24:b8:
ec:25:ea:b6:71:22:7a:f6:bc:e7:4c:f5:a3:8b:93:
64:12:3b:a0:81:7d:29:d2:8c:7c:86:b4:d4:de:03:
39:02:d6:ec:b7:f9:cc:06:72:da:32:f4:d7:52:d5:
3c:44:84:29:57:0a:79:a8:ae:e2:08:69:2d:e7:16:
57:f1:d9:db:5e:1f:26:45:c7:56:e2:2b:dd:ab:19:
92:43:e2:c2:d9:95:35:45:41:64:32:f4:03:1a:1d:
0e:63:fd:db:97:75:fd:37:e6:52:21:a7:89:c5:1a:
80:1b:3b:bc:41:b8:41:b1:1b:16:49:00:18:45:c9:
c6:55:f9:94:3e:68:4f:31:a0:66:7e:ba:a2:91:2a:
0f:f2:97:91:c2:b1:f3:f0:98:e2:9b:54:8f:4b:46:
30:42:d5:a8:7f:2e:e2:14:c6:d1:46:5a:c0:dc:f8:
f2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F5:CE:72:04:9B:D4:0F:31:FC:C7:11:F0:CF:F7:F5:0E:39:13:7B
X509v3 Authority Key Identifier:
keyid:0E:AE:2D:33:1F:2C:42:80:C1:6A:A8:BA:FE:16:FD:DC:CE:37:15:B4
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Dq4tMx8sQoDBaqi6_hb93M43FbQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HYA/KPXOcgSb1A8x_McR8M_39Q45E3s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:82:10:0b:bc:c7:9b:dd:ac:71:03:a2:02:e7:cd:56:37:76:
49:56:08:29:8b:97:4f:e2:37:bd:6d:7f:d0:0c:38:70:f9:45:
4c:34:ad:14:8e:84:03:92:50:3f:66:53:e9:13:0e:0e:a7:4a:
fb:07:b2:50:ca:b0:79:00:3c:bb:6b:81:f7:49:67:52:29:b0:
2a:55:e1:07:25:ff:6a:35:a6:11:e4:1c:b7:5b:f0:5b:99:be:
90:8a:6a:4e:8e:99:80:af:11:44:26:c9:7e:a8:20:4f:78:4d:
b9:dc:40:3d:44:db:f5:d2:93:64:9b:10:96:5a:ab:ba:e4:29:
03:85:66:65:b5:b3:80:63:05:3c:4e:ac:98:8c:27:3e:0f:f2:
d0:b0:b1:8a:2f:18:31:90:e5:08:bb:95:ca:c0:cd:3b:bd:ca:
50:c6:ab:98:35:57:cf:17:85:cb:de:25:fa:83:4d:43:16:81:
ee:cb:8d:d8:b9:ae:37:d4:e9:cc:fd:99:57:2c:c2:68:94:2f:
d3:a8:50:6a:16:bf:d7:db:e3:5f:47:d5:a6:73:f9:2e:5c:8d:
e5:11:33:e7:d7:4b:cb:27:b7:2e:f0:81:da:03:53:d4:42:6d:
47:8a:5c:b8:69:03:59:c8:09:29:8d:d1:05:8a:77:7b:db:33:
ed:24:d5:3e
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDKMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEVB
RTJEMzMxRjJDNDI4MEMxNkFBOEJBRkUxNkZERENDRTM3MTVCNDAeFw0yNTAyMTAx
NDA2MjVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDI4RjVDRTcyMDQ5QkQ0
MEYzMUZDQzcxMUYwQ0ZGN0Y1MEUzOTEzN0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJLpN62qYGICYXUW4nuO/1EQ+tiHmD7IfTIbbKpDGT7OGVkEFm
siClatgjrYtZmshUMmTq3+liTTpW1h0atqp1gd0xvr85rOhkrLMRBPVyZ+MBmOYA
rqEkuOwl6rZxInr2vOdM9aOLk2QSO6CBfSnSjHyGtNTeAzkC1uy3+cwGctoy9NdS
1TxEhClXCnmoruIIaS3nFlfx2dteHyZFx1biK92rGZJD4sLZlTVFQWQy9AMaHQ5j
/duXdf035lIhp4nFGoAbO7xBuEGxGxZJABhFycZV+ZQ+aE8xoGZ+uqKRKg/yl5HC
sfPwmOKbVI9LRjBC1ah/LuIUxtFGWsDc+PLRAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUKPXOcgSb1A8x/McR8M/39Q45E3swHwYDVR0jBBgwFoAUDq4tMx8sQoDBaqi6
/hb93M43FbQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0Rx
NHRNeDhzUW9EQmFxaTZfaGI5M000M0ZiUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
RHE0dE14OHNRb0RCYXFpNl9oYjkzTTQzRmJRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvSFlBL0tQWE9jZ1NiMUE4eF9NY1I4TV8zOVE0
NUUzcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfAwDQYJ
KoZIhvcNAQELBQADggEBAKCCEAu8x5vdrHEDogLnzVY3dklWCCmLl0/iN71tf9AM
OHD5RUw0rRSOhAOSUD9mU+kTDg6nSvsHslDKsHkAPLtrgfdJZ1IpsCpV4Qcl/2o1
phHkHLdb8FuZvpCKak6OmYCvEUQmyX6oIE94TbncQD1E2/XSk2SbEJZaq7rkKQOF
ZmW1s4BjBTxOrJiMJz4P8tCwsYovGDGQ5Qi7lcrAzTu9ylDGq5g1V88XhcveJfqD
TUMWge7Ljdi5rjfU6cz9mVcswmiUL9OoUGoWv9fb419H1aZz+S5cjeURM+fXS8sn
ty7wgdoDU9RCbUeKXLhpA1nICSmN0QWKd3vbM+0k1T4=
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:48:31 2025 by rpki-client