Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/coTD0YX306KBAicyD5Q8nLy0f-k.roa
File: coTD0YX306KBAicyD5Q8nLy0f-k.roa (raw, json)
Hash identifier: b1IYN1ShyCwJhS2cu0unK2BmokjqWIZcQUYfFKtX+Fo=
Subject key identifier: 72:84:C3:D1:85:F7:D3:A2:81:02:27:32:0F:94:3C:9C:BC:B4:7F:E9
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1491
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/coTD0YX306KBAicyD5Q8nLy0f-k.roa
Signing time: Mon 10 Feb 2025 14:35:03 +0000
ROA not before: Mon 10 Feb 2025 14:35:03 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 61.220.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5265 (0x1491)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:03 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=7284C3D185F7D3A2810227320F943C9CBCB47FE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:cd:60:40:2b:31:66:31:7c:59:14:91:3a:0e:
ae:01:b9:e5:d6:aa:49:cd:30:11:64:22:cf:71:53:
77:d4:db:ca:11:d1:eb:65:de:74:87:58:04:5a:28:
2f:7c:bf:ff:96:b1:83:46:c1:f6:7f:e1:c4:9f:cc:
d4:bb:c6:45:32:0d:1c:cf:6a:ef:ef:34:d4:ce:14:
30:18:97:34:09:1e:ce:a8:2d:8c:68:3d:74:45:05:
a2:81:b8:e3:17:30:fe:ee:c2:7f:42:a4:a2:22:17:
6a:97:61:94:61:c1:81:41:0b:59:39:db:2d:08:02:
03:59:ff:77:41:c8:62:a3:d6:cd:75:92:92:61:e2:
26:45:06:f2:8f:67:a2:b9:30:b1:0f:b6:3c:20:22:
6e:1a:c2:4e:ec:0a:de:55:fb:3d:49:7e:af:17:6c:
04:21:d0:a1:e4:d6:ad:6c:f4:f7:c1:95:84:33:e9:
5b:fc:72:a2:21:36:61:80:d2:bb:43:3b:c7:c7:48:
f7:a1:d7:69:7e:38:71:f4:65:d1:f9:d7:fd:61:31:
3d:f7:2c:16:3a:59:95:d2:cb:d8:e6:bc:7a:cc:6e:
1f:de:57:41:96:2f:d5:34:7b:b2:88:17:a9:9d:20:
2d:31:8c:54:f6:b1:b1:fe:fb:f8:19:f3:e4:eb:5d:
09:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:84:C3:D1:85:F7:D3:A2:81:02:27:32:0F:94:3C:9C:BC:B4:7F:E9
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/coTD0YX306KBAicyD5Q8nLy0f-k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.220.0.0/14
Signature Algorithm: sha256WithRSAEncryption
17:8f:e2:a5:11:ff:2c:5e:e6:1f:c8:67:82:32:e8:09:4c:ae:
0a:be:b7:d5:33:ab:a1:21:d4:56:44:e3:92:44:10:ff:e9:8c:
60:bb:4e:43:d4:0b:8b:84:ea:15:ed:f0:52:c4:06:a1:f4:35:
86:ab:4b:81:78:ad:a5:e1:27:d5:6e:5e:dc:18:f5:d7:44:9c:
8e:f1:f3:63:0c:12:3f:41:fc:00:06:85:f3:12:43:1a:5e:63:
c0:25:03:5e:61:ba:42:72:be:97:1a:c2:d2:17:45:e1:f9:5f:
fc:93:f7:f4:ad:e1:19:03:a1:15:83:04:73:da:cc:80:d2:f5:
6a:36:2b:49:73:74:d6:42:c3:d1:8e:5f:0f:be:da:4b:26:66:
42:64:b3:f7:2e:14:eb:86:0d:10:b7:e6:22:39:e9:bd:4a:4a:
c8:69:c7:d8:e4:f6:b8:11:56:c8:05:0a:1b:04:2f:84:4b:4b:
26:1f:df:8b:6d:94:91:1a:9b:b8:89:1f:45:f7:11:8e:db:41:
a1:9c:9d:32:1e:ba:ec:75:79:82:52:a4:73:a1:13:97:9d:ea:
96:bc:5c:65:89:89:fb:7e:00:5f:11:ed:1e:76:b8:f7:13:7e:
2f:d2:f6:25:f9:f6:4e:01:e2:2f:2b:e3:9d:06:e0:0c:9c:26:
f3:be:a3:e6
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFJEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDNaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDcyODRDM0QxODVGN0Qz
QTI4MTAyMjczMjBGOTQzQzlDQkNCNDdGRTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuzWBAKzFmMXxZFJE6Dq4BueXWqknNMBFkIs9xU3fU28oR0etl
3nSHWARaKC98v/+WsYNGwfZ/4cSfzNS7xkUyDRzPau/vNNTOFDAYlzQJHs6oLYxo
PXRFBaKBuOMXMP7uwn9CpKIiF2qXYZRhwYFBC1k52y0IAgNZ/3dByGKj1s11kpJh
4iZFBvKPZ6K5MLEPtjwgIm4awk7sCt5V+z1Jfq8XbAQh0KHk1q1s9PfBlYQz6Vv8
cqIhNmGA0rtDO8fHSPeh12l+OHH0ZdH51/1hMT33LBY6WZXSy9jmvHrMbh/eV0GW
L9U0e7KIF6mdIC0xjFT2sbH++/gZ8+TrXQkfAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUcoTD0YX306KBAicyD5Q8nLy0f+kwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jb1REMFlYMzA2S0JBaWN5RDVR
OG5MeTBmLWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPdww
DQYJKoZIhvcNAQELBQADggEBABeP4qUR/yxe5h/IZ4Iy6AlMrgq+t9Uzq6Eh1FZE
45JEEP/pjGC7TkPUC4uE6hXt8FLEBqH0NYarS4F4raXhJ9VuXtwY9ddEnI7x82MM
Ej9B/AAGhfMSQxpeY8AlA15hukJyvpcawtIXReH5X/yT9/St4RkDoRWDBHPazIDS
9Wo2K0lzdNZCw9GOXw++2ksmZkJks/cuFOuGDRC35iI56b1KSshpx9jk9rgRVsgF
ChsEL4RLSyYf34ttlJEam7iJH0X3EY7bQaGcnTIeuux1eYJSpHOhE5ed6pa8XGWJ
ift+AF8R7R52uPcTfi/S9iX59k4B4i8r450G4AycJvO+o+Y=
-----END CERTIFICATE-----
Generated at Wed Feb 12 03:38:01 2025 by rpki-client on console.sobornost.net