Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Hl6hGPRaL0pe61IMQ_nAGVfhRMU.roa
File: Hl6hGPRaL0pe61IMQ_nAGVfhRMU.roa (raw, json)
Hash identifier: NVIRzL71UVNo7abnEO4Mncia6Xlu9bPWr+FJDUx0/Uc=
Subject key identifier: 1E:5E:A1:18:F4:5A:2F:4A:5E:EB:52:0C:43:F9:C0:19:57:E1:44:C5
Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Certificate serial: DE
Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Hl6hGPRaL0pe61IMQ_nAGVfhRMU.roa
Signing time: Mon 10 Feb 2025 14:19:45 +0000
ROA not before: Mon 10 Feb 2025 14:19:45 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 150766
IP address blocks: 157.66.166.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 222 (0xde)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Validity
Not Before: Feb 10 14:19:45 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=1E5EA118F45A2F4A5EEB520C43F9C01957E144C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:da:bb:67:15:ff:a9:67:2c:18:90:e4:d7:
6d:e1:84:0a:25:eb:98:92:9c:56:8b:54:84:d7:5e:
f6:cb:3c:46:8f:a9:da:df:2e:c5:36:d0:de:d3:a7:
b1:80:c7:b5:23:da:54:06:25:cb:27:7d:00:c3:d1:
c1:af:8d:73:e6:6f:30:61:20:ec:ac:77:58:94:ee:
a0:04:b9:0a:45:51:cb:36:ee:8d:94:14:ce:e8:4a:
b0:8c:e5:bf:eb:78:9b:3c:1e:b6:aa:9d:f1:ee:8a:
23:71:3a:e5:8f:17:d9:16:fd:94:ff:b0:10:fc:29:
bf:af:4a:28:32:f7:d6:90:01:b6:49:24:41:e4:e3:
c3:14:08:ef:96:90:78:7b:f3:50:18:e6:a0:22:a6:
67:18:62:de:5b:30:1d:a2:3b:e9:8c:25:70:72:66:
2a:0d:0f:6f:52:37:7c:57:73:53:fc:13:52:e4:60:
c9:80:53:d0:7d:e3:65:ec:bb:39:00:70:3a:81:e5:
9a:1a:c4:7c:f1:3b:b5:71:3f:96:1c:ac:98:4c:34:
4f:df:95:5c:34:db:23:ee:d6:48:27:80:ae:61:e1:
93:c1:6f:51:5b:e7:02:df:c6:06:a1:26:9b:05:ec:
24:ec:3c:16:3f:17:4d:ba:e1:f0:57:0f:6d:50:8b:
b6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:5E:A1:18:F4:5A:2F:4A:5E:EB:52:0C:43:F9:C0:19:57:E1:44:C5
X509v3 Authority Key Identifier:
keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/Hl6hGPRaL0pe61IMQ_nAGVfhRMU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.166.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:e3:13:cb:17:70:a9:73:bd:db:93:53:24:c4:aa:11:6b:db:
e8:e5:8a:b7:93:22:f3:c9:82:e5:4a:f2:21:26:46:64:8b:a2:
89:82:17:21:53:0b:21:f8:9b:42:19:af:65:d2:61:b5:f1:1c:
fb:3a:4d:f8:c3:24:7b:97:10:f2:1a:0e:99:57:54:5d:db:4b:
55:17:0e:df:76:23:57:2c:e0:11:a7:9f:55:ee:db:33:5d:58:
73:df:40:84:30:db:74:41:4b:ae:9e:65:97:6b:57:c3:a6:3b:
1b:98:b8:8b:16:cd:73:58:29:e7:4a:aa:d0:38:8b:86:ae:4d:
35:66:74:81:84:ac:50:de:d1:ef:3c:56:eb:71:f8:18:f0:fe:
aa:55:4d:11:a8:3f:f7:f8:e7:c9:6a:e0:eb:e0:f7:a3:59:2f:
bd:f6:a6:ed:bc:81:10:f8:cf:dd:ab:cc:17:c4:bc:61:35:47:
3f:15:e0:82:df:fb:99:1a:72:b0:33:37:07:4b:5a:b0:3e:4c:
bd:5c:df:bf:d2:68:a3:d1:19:24:a0:46:17:f7:8f:7f:5a:15:
4a:eb:8c:d2:5e:17:cd:ec:51:93:df:ad:9e:06:04:35:de:ea:
19:e2:12:8c:7a:26:af:7f:5c:d4:d9:3c:37:f9:4b:57:fc:83:
79:c7:e1:52
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICAN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDk2
NkI1NTkwOTMyNDE4MEE4OEE0NUUxRjY4M0NGNEQyRUQ5QkNBNTAeFw0yNTAyMTAx
NDE5NDVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDFFNUVBMTE4RjQ1QTJG
NEE1RUVCNTIwQzQzRjlDMDE5NTdFMTQ0QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC99dq7ZxX/qWcsGJDk123hhAol65iSnFaLVITXXvbLPEaPqdrf
LsU20N7Tp7GAx7Uj2lQGJcsnfQDD0cGvjXPmbzBhIOysd1iU7qAEuQpFUcs27o2U
FM7oSrCM5b/reJs8HraqnfHuiiNxOuWPF9kW/ZT/sBD8Kb+vSigy99aQAbZJJEHk
48MUCO+WkHh781AY5qAipmcYYt5bMB2iO+mMJXByZioND29SN3xXc1P8E1LkYMmA
U9B942XsuzkAcDqB5ZoaxHzxO7VxP5YcrJhMNE/flVw02yPu1kgngK5h4ZPBb1Fb
5wLfxgahJpsF7CTsPBY/F0264fBXD21Qi7ZVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUHl6hGPRaL0pe61IMQ/nAGVfhRMUwHwYDVR0jBBgwFoAU2Wa1WQkyQYCoikXh
9oPPTS7ZvKUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTElSVU4v
MldhMVdRa3lRWUNvaWtYaDlvUFBUUzdadktVLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS8yV2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi9IbDZoR1BSYUwwcGU2MUlNUV9u
QUdWZmhSTVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnUKm
MA0GCSqGSIb3DQEBCwUAA4IBAQCl4xPLF3Cpc73bk1MkxKoRa9vo5Yq3kyLzyYLl
SvIhJkZki6KJghchUwsh+JtCGa9l0mG18Rz7Ok34wyR7lxDyGg6ZV1Rd20tVFw7f
diNXLOARp59V7tszXVhz30CEMNt0QUuunmWXa1fDpjsbmLiLFs1zWCnnSqrQOIuG
rk01ZnSBhKxQ3tHvPFbrcfgY8P6qVU0RqD/3+OfJauDr4PejWS+99qbtvIEQ+M/d
q8wXxLxhNUc/FeCC3/uZGnKwMzcHS1qwPky9XN+/0mij0RkkoEYX949/WhVK64zS
XhfN7FGT362eBgQ13uoZ4hKMeiavf1zU2Tw3+UtX/IN5x+FS
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:09:54 2025 by rpki-client