Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/HOSTIN/1/322e35382e3234302e302f32342d3234203d3e2039363738.roa
File: 322e35382e3234302e302f32342d3234203d3e2039363738.roa (raw, json)
Hash identifier: 8WByk8O4kwdnsBSn9Y+LA4Eu51CWVBIY6jyU3fmAQP4=
Subject key identifier: 4A:E1:EA:B1:F9:75:9D:8B:78:3C:10:AE:38:E2:1A:9A:F0:76:51:2E
Certificate issuer: /CN=BDC7715D29F4E43198D59315B71674EE9F648F6D
Certificate serial: 54B07B3B82FAB5D2B7B19BE2D13A26DF169BA458
Authority key identifier: BD:C7:71:5D:29:F4:E4:31:98:D5:93:15:B7:16:74:EE:9F:64:8F:6D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/3/BDC7715D29F4E43198D59315B71674EE9F648F6D.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/HOSTIN/1/322e35382e3234302e302f32342d3234203d3e2039363738.roa
Signing time: Mon 11 May 2026 17:39:05 +0000
ROA not before: Mon 11 May 2026 17:34:05 +0000
ROA not after: Mon 10 May 2027 17:39:05 +0000
asID: 9678
IP address blocks: 2.58.240.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:b0:7b:3b:82:fa:b5:d2:b7:b1:9b:e2:d1:3a:26:df:16:9b:a4:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDC7715D29F4E43198D59315B71674EE9F648F6D
Validity
Not Before: May 11 17:34:05 2026 GMT
Not After : May 10 17:39:05 2027 GMT
Subject: CN=4AE1EAB1F9759D8B783C10AE38E21A9AF076512E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:5b:b6:b7:6c:8d:d6:f9:9e:df:cf:d5:c5:dc:
fb:1a:a2:aa:4a:af:a4:fc:ea:3a:5c:76:97:eb:b6:
61:87:e2:96:3f:15:9f:8c:1c:77:33:45:c4:2a:1b:
ac:cf:52:88:3a:2a:e7:23:54:5b:7c:ad:6d:77:aa:
41:d0:55:9e:97:b0:e9:bd:24:32:c7:04:7b:53:96:
a2:65:f6:32:5e:5f:7f:e4:70:0a:af:4f:3c:56:89:
c4:2b:6e:5a:73:33:87:db:47:00:12:c5:72:4c:8b:
c8:76:0a:3a:6e:1f:74:b6:0d:a3:d9:3e:a1:09:62:
03:5d:aa:3b:7e:22:19:9c:d0:72:1f:6f:17:43:fb:
84:12:dd:ee:26:93:18:91:13:35:b2:ba:b7:33:7b:
9b:70:44:34:6c:6d:42:dc:e1:fd:32:fd:13:e4:70:
2c:d5:6c:8f:01:d3:62:17:c2:f2:40:e8:89:95:10:
06:a4:ab:c7:68:a7:6b:0e:09:c5:ee:0e:2f:47:b5:
4d:12:f4:f4:ac:21:77:7d:ca:f6:23:0c:90:16:4f:
0f:20:cb:53:c1:98:be:3e:dc:ce:6e:32:5e:72:bd:
59:16:d5:e8:0e:bf:bd:74:34:e0:24:33:f4:1d:46:
34:25:c4:c9:60:4d:cc:83:a8:69:ec:ed:9a:25:32:
52:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E1:EA:B1:F9:75:9D:8B:78:3C:10:AE:38:E2:1A:9A:F0:76:51:2E
X509v3 Authority Key Identifier:
keyid:BD:C7:71:5D:29:F4:E4:31:98:D5:93:15:B7:16:74:EE:9F:64:8F:6D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/HOSTIN/1/BDC7715D29F4E43198D59315B71674EE9F648F6D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/3/BDC7715D29F4E43198D59315B71674EE9F648F6D.cer
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/HOSTIN/1/322e35382e3234302e302f32342d3234203d3e2039363738.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.240.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:53:26:a9:73:15:4d:7a:09:cc:3d:37:1e:73:9c:25:44:b2:
d0:c0:eb:26:dc:62:2c:7f:15:bf:7e:f3:ec:b5:da:5a:d7:63:
63:72:87:6e:4b:ef:d2:61:48:c8:c4:c8:fc:9f:d4:cf:11:1f:
83:b9:f7:0d:5b:4b:54:9b:11:c3:04:08:93:14:62:0f:8a:b6:
07:8d:4d:e4:d2:10:c8:9c:20:f4:40:29:6b:cf:10:c4:1e:7a:
65:7b:b8:ad:bf:41:ca:e4:ab:86:93:1c:07:e0:ab:5a:74:be:
3f:5a:31:b4:05:6a:26:16:7d:3a:04:6c:19:72:3b:b9:c8:78:
a3:50:66:46:78:90:92:75:76:8e:c1:9d:ab:4f:c2:c6:c3:64:
cb:d6:27:83:12:63:55:74:d5:e3:61:0d:90:ac:00:ab:e2:40:
e2:99:7b:95:e2:17:85:65:32:51:b7:f8:ca:64:94:57:af:41:
63:71:5e:39:b8:c4:2b:37:bf:44:a8:ea:02:8c:3d:60:bc:1f:
f4:22:de:92:9a:15:10:31:d3:70:69:cc:b3:b9:d9:ed:af:8a:
a5:10:d6:22:29:0a:ac:50:14:2a:47:81:2f:54:0f:7b:dd:3c:
6d:e0:74:f0:a2:39:f8:e1:a3:a9:48:6e:54:51:49:fc:9f:b8:
06:d5:0b:4a
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIUVLB7O4L6tdK3sZvi0Tom3xabpFgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkRDNzcxNUQyOUY0RTQzMTk4RDU5MzE1QjcxNjc0RUU5
RjY0OEY2RDAeFw0yNjA1MTExNzM0MDVaFw0yNzA1MTAxNzM5MDVaMDMxMTAvBgNV
BAMTKDRBRTFFQUIxRjk3NTlEOEI3ODNDMTBBRTM4RTIxQTlBRjA3NjUxMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEW7a3bI3W+Z7fz9XF3PsaoqpK
r6T86jpcdpfrtmGH4pY/FZ+MHHczRcQqG6zPUog6KucjVFt8rW13qkHQVZ6XsOm9
JDLHBHtTlqJl9jJeX3/kcAqvTzxWicQrblpzM4fbRwASxXJMi8h2CjpuH3S2DaPZ
PqEJYgNdqjt+Ihmc0HIfbxdD+4QS3e4mkxiREzWyurcze5twRDRsbULc4f0y/RPk
cCzVbI8B02IXwvJA6ImVEAakq8dop2sOCcXuDi9HtU0S9PSsIXd9yvYjDJAWTw8g
y1PBmL4+3M5uMl5yvVkW1egOv710NOAkM/QdRjQlxMlgTcyDqGns7ZolMlLbAgMB
AAGjggHdMIIB2TAdBgNVHQ4EFgQUSuHqsfl1nYt4PBCuOOIamvB2US4wHwYDVR0j
BBgwFoAUvcdxXSn05DGY1ZMVtxZ07p9kj20wDgYDVR0PAQH/BAQDAgeAMGMGA1Ud
HwRcMFowWKBWoFSGUnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSE9TVElO
LzEvQkRDNzcxNUQyOUY0RTQzMTk4RDU5MzE1QjcxNjc0RUU5RjY0OEY2RC5jcmww
bwYIKwYBBQUHAQEEYzBhMF8GCCsGAQUFBzAChlNyc3luYzovL3Jwa2ljYS50d25p
Yy50dy9ycGtpL1RXTklDQ0EvMy9CREM3NzE1RDI5RjRFNDMxOThENTkzMTVCNzE2
NzRFRTlGNjQ4RjZELmNlcjB2BggrBgEFBQcBCwRqMGgwZgYIKwYBBQUHMAuGWnJz
eW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvSE9TVElOLzEvMzIyZTM1MzgyZTMy
MzQzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzYzNzM4LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
AjrwMA0GCSqGSIb3DQEBCwUAA4IBAQCjUyapcxVNegnMPTcec5wlRLLQwOsm3GIs
fxW/fvPstdpa12NjcoduS+/SYUjIxMj8n9TPER+DufcNW0tUmxHDBAiTFGIPirYH
jU3k0hDInCD0QClrzxDEHnple7itv0HK5KuGkxwH4KtadL4/WjG0BWomFn06BGwZ
cju5yHijUGZGeJCSdXaOwZ2rT8LGw2TL1ieDEmNVdNXjYQ2QrACr4kDimXuV4heF
ZTJRt/jKZJRXr0FjcV45uMQrN79EqOoCjD1gvB/0It6SmhUQMdNwacyzudntr4ql
ENYiKQqsUBQqR4EvVA973Txt4HTwojn44aOpSG5UUUn8n7gG1QtK
-----END CERTIFICATE-----
Generated at Wed May 13 02:51:36 2026 by rpki-client