Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/hFj3zzIC3kJVQ5N8ECiNQ0KaFhU.roa
File: hFj3zzIC3kJVQ5N8ECiNQ0KaFhU.roa (raw, json)
Hash identifier: Zdqik8lYgN2KJrGSPs1RrO0ZghcN5Rr6smOM033pffc=
Subject key identifier: 84:58:F7:CF:32:02:DE:42:55:43:93:7C:10:28:8D:43:42:9A:16:15
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14AA
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hFj3zzIC3kJVQ5N8ECiNQ0KaFhU.roa
Signing time: Mon 10 Feb 2025 14:35:09 +0000
ROA not before: Mon 10 Feb 2025 14:35:09 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 3462
IP address blocks: 118.168.0.0/14 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5290 (0x14aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:09 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=8458F7CF3202DE425543937C10288D43429A1615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:c0:27:4c:d5:34:81:ca:70:5c:97:ee:36:fd:
64:72:33:56:7d:30:e5:e5:aa:10:d2:53:a2:70:74:
c5:d5:8a:9e:36:c2:42:69:90:7a:a5:4f:d0:f7:b1:
f8:78:49:87:80:bd:e5:f6:50:34:c2:4d:ae:56:8d:
c1:80:d4:c4:57:23:23:b2:ce:1c:23:1f:88:b2:ce:
f4:ea:47:47:f7:af:e9:ba:fa:e0:f6:0a:4f:50:e5:
7d:5a:dc:fb:06:0a:23:3f:06:f4:3f:3b:c3:b3:b4:
60:d1:67:c3:49:20:5e:77:2a:df:19:77:3f:73:02:
1a:2a:cf:79:ad:e1:7a:a5:34:c1:eb:10:4b:20:55:
97:db:ef:ff:66:14:67:41:37:18:16:6b:bb:9b:a0:
f2:44:8e:68:fb:19:b2:b9:50:84:63:cb:6e:59:bc:
55:f1:63:91:2d:60:90:b5:95:40:77:b0:62:96:47:
06:79:0d:8b:73:dd:b6:c9:10:64:37:5a:81:0c:b8:
aa:0c:c8:40:fd:61:8d:c2:3d:9c:a4:94:eb:7c:6b:
a7:67:2b:b9:ec:a9:5e:8c:c7:92:6a:84:37:72:7b:
21:8c:4e:85:08:46:fb:bc:2f:65:20:eb:b5:47:38:
13:fe:9e:12:e6:eb:ed:b0:21:ce:8f:e7:0d:d1:5d:
f3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:58:F7:CF:32:02:DE:42:55:43:93:7C:10:28:8D:43:42:9A:16:15
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/hFj3zzIC3kJVQ5N8ECiNQ0KaFhU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.168.0.0/14
Signature Algorithm: sha256WithRSAEncryption
89:1a:75:43:c7:a5:c4:58:f6:03:86:82:a6:8c:c0:6a:a6:72:
89:cd:e0:a4:10:23:e0:38:40:6b:25:a8:88:00:79:23:c2:62:
51:93:c8:5d:bf:83:96:fc:17:15:d6:59:ca:05:89:9e:63:35:
5d:1f:23:8f:f2:dc:eb:fc:e1:e3:05:f1:42:ca:b2:4f:b7:4e:
a0:00:e6:6d:51:a0:6b:2c:cd:b7:16:a6:73:d8:d4:ce:fa:db:
5c:c9:a2:2e:97:63:bc:a9:2f:e0:91:00:c9:50:eb:85:36:c2:
03:f9:52:72:97:0e:50:88:35:07:15:13:b6:02:6d:bc:25:03:
6b:4b:f2:14:e5:9c:98:58:66:e0:7f:86:9f:87:fb:db:cd:bd:
f6:69:14:fc:c0:0d:9a:ac:da:8a:4a:5d:23:51:70:01:b6:9b:
14:d1:de:9d:a6:f8:a6:68:e4:35:c6:24:8e:5e:f5:6a:ae:5c:
66:e7:69:11:19:5a:1a:55:2e:a4:39:01:6d:67:8f:e9:9e:88:
59:e2:aa:87:59:de:d7:9d:fe:05:6d:b8:84:20:28:a4:29:7b:
ea:1a:73:3c:e5:0c:a7:f5:83:87:e5:fb:46:4b:c7:4d:d3:2a:
6a:73:44:24:7f:80:85:f6:0c:27:e3:bf:f7:60:44:f1:79:a2:
81:ad:e3:b4
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICFKowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDlaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDg0NThGN0NGMzIwMkRF
NDI1NTQzOTM3QzEwMjg4RDQzNDI5QTE2MTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDswCdM1TSBynBcl+42/WRyM1Z9MOXlqhDSU6JwdMXVip42wkJp
kHqlT9D3sfh4SYeAveX2UDTCTa5WjcGA1MRXIyOyzhwjH4iyzvTqR0f3r+m6+uD2
Ck9Q5X1a3PsGCiM/BvQ/O8OztGDRZ8NJIF53Kt8Zdz9zAhoqz3mt4XqlNMHrEEsg
VZfb7/9mFGdBNxgWa7uboPJEjmj7GbK5UIRjy25ZvFXxY5EtYJC1lUB3sGKWRwZ5
DYtz3bbJEGQ3WoEMuKoMyED9YY3CPZyklOt8a6dnK7nsqV6Mx5JqhDdyeyGMToUI
Rvu8L2Ug67VHOBP+nhLm6+2wIc6P5w3RXfPXAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUhFj3zzIC3kJVQ5N8ECiNQ0KaFhUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oRmozenpJQzNrSlZRNU44RUNp
TlEwS2FGaFUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCdqgw
DQYJKoZIhvcNAQELBQADggEBAIkadUPHpcRY9gOGgqaMwGqmconN4KQQI+A4QGsl
qIgAeSPCYlGTyF2/g5b8FxXWWcoFiZ5jNV0fI4/y3Ov84eMF8ULKsk+3TqAA5m1R
oGsszbcWpnPY1M7621zJoi6XY7ypL+CRAMlQ64U2wgP5UnKXDlCINQcVE7YCbbwl
A2tL8hTlnJhYZuB/hp+H+9vNvfZpFPzADZqs2opKXSNRcAG2mxTR3p2m+KZo5DXG
JI5e9WquXGbnaREZWhpVLqQ5AW1nj+meiFniqodZ3ted/gVtuIQgKKQpe+oaczzl
DKf1g4fl+0ZLx03TKmpzRCR/gIX2DCfjv/dgRPF5ooGt47Q=
-----END CERTIFICATE-----
Generated at Wed Feb 12 03:38:01 2025 by rpki-client on console.sobornost.net