Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/mSfzMdxI1BkvGtLqsZ5M3voU8wg.roa
File: mSfzMdxI1BkvGtLqsZ5M3voU8wg.roa (raw, json)
Hash identifier: UTrCCcGlJBymt6kI2LXih70yb2g7gWmORWyJKN1qWcI=
Subject key identifier: 99:27:F3:31:DC:48:D4:19:2F:1A:D2:EA:B1:9E:4C:DE:FA:14:F3:08
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 1472
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/mSfzMdxI1BkvGtLqsZ5M3voU8wg.roa
Signing time: Mon 10 Feb 2025 14:34:55 +0000
ROA not before: Mon 10 Feb 2025 14:34:55 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 9505
IP address blocks: 220.128.48.0/21 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5234 (0x1472)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:34:55 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9927F331DC48D4192F1AD2EAB19E4CDEFA14F308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7c:d2:c6:d8:a1:e6:65:2a:88:45:26:f8:82:
8c:e1:df:49:9b:0b:2a:6b:0f:b1:34:69:26:b9:d2:
1f:d9:67:cb:c7:9b:36:ca:7c:c7:c3:25:7a:e7:1f:
5b:af:f0:b6:3d:2b:a7:27:bb:28:36:8e:b3:67:7e:
6a:5f:82:be:81:f1:a6:8d:1b:bf:22:5a:bd:2d:70:
7f:7c:bd:11:8d:9d:6c:14:03:c7:d6:ea:01:d1:fd:
29:7f:69:43:88:cc:09:d6:80:dd:f9:ca:40:52:2a:
8e:76:d7:e9:27:b2:ce:b7:0c:b0:c8:1e:90:97:ec:
6f:4e:02:db:1b:8c:1d:b2:46:92:de:d5:79:ff:ab:
b8:8b:43:a3:d7:a6:1a:19:de:37:83:5b:d1:3f:a7:
61:04:39:89:7c:f5:32:26:5f:bd:9d:bf:c1:e2:ec:
c5:03:23:d6:d1:94:b4:c5:30:1b:c3:ab:cc:cc:cc:
eb:8c:32:41:99:29:55:5e:8b:a3:f8:7b:2b:13:c5:
40:fc:16:de:56:46:a7:fc:8c:58:78:89:b0:50:b6:
20:6a:34:a8:8c:3d:05:6b:7f:f7:46:4b:b5:01:92:
c1:0d:71:da:21:81:ae:56:8b:f2:76:c4:41:3c:1e:
b3:f3:46:74:af:3c:a6:07:a7:c6:35:4e:ab:e7:28:
c3:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:27:F3:31:DC:48:D4:19:2F:1A:D2:EA:B1:9E:4C:DE:FA:14:F3:08
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/mSfzMdxI1BkvGtLqsZ5M3voU8wg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.48.0/21
Signature Algorithm: sha256WithRSAEncryption
1a:97:a2:48:f9:da:c8:53:2e:e8:97:a1:06:d9:c1:cb:4b:7d:
83:a1:82:2a:1d:5e:d8:16:bd:f4:6b:15:97:02:11:8e:1e:1d:
71:6d:17:7c:83:a3:a5:f6:e9:5a:49:7a:a1:5f:14:6a:2e:94:
75:18:b0:a7:c1:ce:b4:9a:b3:20:94:7b:d8:9c:52:51:db:ea:
07:d0:f5:a6:b5:f2:84:0d:7f:f3:e0:6b:d1:43:8d:bd:93:ba:
02:79:f3:9a:c2:5c:8d:a0:e7:81:23:cc:66:c5:3d:d8:59:02:
09:1c:eb:62:00:66:e3:a2:89:59:1f:18:0e:0a:23:ff:6b:93:
ec:d9:c7:13:de:31:2c:be:83:98:52:eb:fb:9f:4e:55:7b:11:
cf:8d:96:5a:b5:24:a4:36:f7:31:1c:57:4a:9a:dd:f7:88:c3:
d2:98:b6:9a:af:86:68:c3:3b:05:80:15:f6:fb:7b:5a:3e:db:
a2:e6:f4:be:9b:84:a5:04:8c:a1:05:a1:54:33:e7:b6:8f:0b:
d3:a4:c4:8d:99:80:06:15:95:b6:56:8a:0c:56:63:40:51:21:
28:71:9f:40:df:43:18:6b:78:f4:ac:da:ca:69:37:4c:9b:a4:
84:af:c3:1b:25:02:53:9b:03:c3:f1:81:7f:c5:00:1c:a4:43:
d0:58:a0:0c
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICFHIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM0NTVaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDk5MjdGMzMxREM0OEQ0
MTkyRjFBRDJFQUIxOUU0Q0RFRkExNEYzMDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUfNLG2KHmZSqIRSb4gozh30mbCyprD7E0aSa50h/ZZ8vHmzbK
fMfDJXrnH1uv8LY9K6cnuyg2jrNnfmpfgr6B8aaNG78iWr0tcH98vRGNnWwUA8fW
6gHR/Sl/aUOIzAnWgN35ykBSKo521+knss63DLDIHpCX7G9OAtsbjB2yRpLe1Xn/
q7iLQ6PXphoZ3jeDW9E/p2EEOYl89TImX72dv8Hi7MUDI9bRlLTFMBvDq8zMzOuM
MkGZKVVei6P4eysTxUD8Ft5WRqf8jFh4ibBQtiBqNKiMPQVrf/dGS7UBksENcdoh
ga5Wi/J2xEE8HrPzRnSvPKYHp8Y1TqvnKMPvAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUmSfzMdxI1BkvGtLqsZ5M3voU8wgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9tU2Z6TWR4STFCa3ZHdExxc1o1
TTN2b1U4d2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD3IAw
MA0GCSqGSIb3DQEBCwUAA4IBAQAal6JI+drIUy7ol6EG2cHLS32DoYIqHV7YFr30
axWXAhGOHh1xbRd8g6Ol9ulaSXqhXxRqLpR1GLCnwc60mrMglHvYnFJR2+oH0PWm
tfKEDX/z4GvRQ429k7oCefOawlyNoOeBI8xmxT3YWQIJHOtiAGbjoolZHxgOCiP/
a5Ps2ccT3jEsvoOYUuv7n05VexHPjZZatSSkNvcxHFdKmt33iMPSmLaar4ZowzsF
gBX2+3taPtui5vS+m4SlBIyhBaFUM+e2jwvTpMSNmYAGFZW2VooMVmNAUSEocZ9A
30MYa3j0rNrKaTdMm6SEr8MbJQJTmwPD8YF/xQAcpEPQWKAM
-----END CERTIFICATE-----
Generated at Wed Feb 12 03:38:01 2025 by rpki-client on console.sobornost.net