Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/nTtVPWXvLQa0lqdmhXkumt-tHpo.roa
File: nTtVPWXvLQa0lqdmhXkumt-tHpo.roa (raw, json)
Hash identifier: ZTK1TpwR4d5CThHuWaSsvty5OwM3FOyxkr/rIIr4Xd4=
Subject key identifier: 9D:3B:55:3D:65:EF:2D:06:B4:96:A7:66:85:79:2E:9A:DF:AD:1E:9A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 14A0
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nTtVPWXvLQa0lqdmhXkumt-tHpo.roa
Signing time: Mon 10 Feb 2025 14:35:07 +0000
ROA not before: Mon 10 Feb 2025 14:35:07 +0000
ROA not after: Tue 26 Aug 2025 01:57:03 +0000
asID: 54994
IP address blocks: 61.221.181.128/25 maxlen: 25
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5280 (0x14a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 10 14:35:07 2025 GMT
Not After : Aug 26 01:57:03 2025 GMT
Subject: CN=9D3B553D65EF2D06B496A76685792E9ADFAD1E9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8f:3f:c9:a0:6a:3c:0b:3a:04:d6:d3:c3:82:
7e:e5:fe:4a:47:a3:2d:d2:fd:7f:84:42:fe:3f:94:
ee:6d:bb:fb:c7:80:2e:83:c9:0a:b9:e0:e6:84:52:
6b:fa:bb:93:aa:3a:3b:c5:3f:d1:f4:20:71:6f:29:
72:1b:58:97:53:7c:f4:96:09:3f:f9:a8:f6:69:93:
d7:6d:4d:40:01:e8:61:1c:85:26:f0:54:55:0c:63:
74:8d:23:da:7b:1d:17:e0:99:d9:40:bf:e7:cb:53:
f0:89:89:57:ca:c9:94:c0:6a:0e:09:4b:9e:c4:68:
2f:78:62:23:e3:78:ec:29:29:81:58:49:53:60:f3:
c1:b2:3e:2f:f9:8f:ab:01:a4:6d:2f:eb:e0:6c:65:
8f:07:25:45:42:95:1f:94:23:cf:60:55:9b:c1:8f:
c9:6a:86:2b:73:af:96:11:36:73:54:cd:b9:39:d4:
36:0d:fd:b0:e7:a9:47:80:df:e0:e1:2c:96:61:03:
ae:2f:ed:50:08:9d:ab:58:1c:cd:5a:f7:cf:cf:89:
4a:6f:05:7d:08:e2:eb:31:79:41:3d:27:6b:51:6d:
21:43:51:6c:e7:bf:c7:9b:9b:de:3d:e5:b2:9c:52:
08:2d:14:db:09:04:62:c3:2e:71:03:0b:8e:49:df:
92:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3B:55:3D:65:EF:2D:06:B4:96:A7:66:85:79:2E:9A:DF:AD:1E:9A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nTtVPWXvLQa0lqdmhXkumt-tHpo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.221.181.128/25
Signature Algorithm: sha256WithRSAEncryption
7c:c9:ad:00:39:7b:3e:4a:b1:7f:b5:94:f3:b2:82:db:0e:29:
96:07:b5:49:85:e4:89:52:e3:22:d7:b9:41:26:c0:44:93:de:
d1:97:77:5c:3c:a0:5d:02:0f:f2:d1:da:bd:82:9d:9e:99:6e:
24:14:43:75:71:06:5d:41:d5:bf:c0:84:54:57:d9:83:9b:4e:
72:b8:d7:5e:b0:70:bb:97:49:d0:b2:9c:7e:fb:f1:f6:83:13:
7b:ce:13:ce:a5:d3:ab:c8:3c:62:1a:f0:04:5b:c7:17:55:4a:
0c:a5:03:32:5b:ec:71:37:4a:31:ed:57:3c:bc:51:d3:dd:ce:
57:f1:02:1b:26:45:df:e0:7c:27:de:10:19:8a:45:e3:37:35:
54:11:06:0f:0c:4c:5c:91:dd:e6:55:c8:9d:b8:68:ee:93:7b:
9b:e9:c6:5c:70:dc:10:6f:ca:6d:89:77:30:85:36:36:d3:8d:
32:bb:6d:88:87:50:fe:bc:be:7e:bd:4e:d3:9c:17:c9:20:15:
91:c2:16:c5:e5:48:f7:db:cb:ce:1a:9b:08:61:6b:ef:c5:ff:
ef:59:ea:cf:5e:36:dc:a1:73:c1:62:91:3f:61:d8:13:10:a0:
41:dd:32:63:9c:34:6b:37:f5:31:75:81:8e:d9:16:21:d0:9c:
48:45:2c:94
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICFKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yNTAyMTAx
NDM1MDdaFw0yNTA4MjYwMTU3MDNaMDMxMTAvBgNVBAMTKDlEM0I1NTNENjVFRjJE
MDZCNDk2QTc2Njg1NzkyRTlBREZBRDFFOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2jz/JoGo8CzoE1tPDgn7l/kpHoy3S/X+EQv4/lO5tu/vHgC6D
yQq54OaEUmv6u5OqOjvFP9H0IHFvKXIbWJdTfPSWCT/5qPZpk9dtTUAB6GEchSbw
VFUMY3SNI9p7HRfgmdlAv+fLU/CJiVfKyZTAag4JS57EaC94YiPjeOwpKYFYSVNg
88GyPi/5j6sBpG0v6+BsZY8HJUVClR+UI89gVZvBj8lqhitzr5YRNnNUzbk51DYN
/bDnqUeA3+DhLJZhA64v7VAInatYHM1a98/PiUpvBX0I4usxeUE9J2tRbSFDUWzn
v8ebm9495bKcUggtFNsJBGLDLnEDC45J35IBAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQUnTtVPWXvLQa0lqdmhXkumt+tHpowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9uVHRWUFdYdkxRYTBscWRtaFhr
dW10LXRIcG8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHPd21
gDANBgkqhkiG9w0BAQsFAAOCAQEAfMmtADl7Pkqxf7WU87KC2w4plge1SYXkiVLj
Ite5QSbARJPe0Zd3XDygXQIP8tHavYKdnpluJBRDdXEGXUHVv8CEVFfZg5tOcrjX
XrBwu5dJ0LKcfvvx9oMTe84TzqXTq8g8YhrwBFvHF1VKDKUDMlvscTdKMe1XPLxR
093OV/ECGyZF3+B8J94QGYpF4zc1VBEGDwxMXJHd5lXInbho7pN7m+nGXHDcEG/K
bYl3MIU2NtONMrttiIdQ/ry+fr1O05wXySAVkcIWxeVI99vLzhqbCGFr78X/71nq
z1423KFzwWKRP2HYExCgQd0yY5w0azf1MXWBjtkWIdCcSEUslA==
-----END CERTIFICATE-----
Generated at Wed Feb 12 03:38:01 2025 by rpki-client on console.sobornost.net