Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa
File: hlH_VnIkbulFHeU6sP-wZgm4aZo.roa (raw, json)
Hash identifier: aaeLthtZSFiyQgS6Kgy79ZiFYzKP92ooKUpjVPN8dnk=
Subject key identifier: 86:51:FF:56:72:24:6E:E9:45:1D:E5:3A:B0:FF:B0:66:09:B8:69:9A
Certificate issuer: /CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Certificate serial: 0DA1
Authority key identifier: ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa
Signing time: Fri 22 Aug 2025 08:54:25 +0000
ROA not before: Fri 22 Aug 2025 08:54:25 +0000
ROA not after: Sat 22 Aug 2026 08:14:28 +0000
asID: 7539
IP address blocks: 211.73.64.0/19 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3489 (0xda1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ED38685FF3EA1F46685DE5F57C6A4B8104481891
Validity
Not Before: Aug 22 08:54:25 2025 GMT
Not After : Aug 22 08:14:28 2026 GMT
Subject: CN=8651FF5672246EE9451DE53AB0FFB06609B8699A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:a5:66:74:18:ef:2c:51:50:b1:8c:9f:52:70:
9b:fa:a4:86:24:93:37:f1:b5:8f:fc:5f:1b:67:bd:
26:e5:81:33:f8:02:10:5d:72:3c:7a:a2:e5:81:1d:
5c:ec:f2:84:22:b5:a8:a7:29:e5:a7:f4:da:27:f6:
92:43:a2:d2:39:9a:c4:4f:d2:91:ed:4a:e6:73:19:
d1:53:c7:f3:24:0f:a7:7b:15:e3:a8:6b:a3:93:4c:
e7:93:d2:1c:7d:ba:10:fa:f8:c8:e3:6b:da:bb:11:
0b:48:42:25:5a:a7:35:a3:fc:78:07:bd:3b:8c:e8:
34:26:1b:76:05:ed:2e:24:bb:cb:ba:26:08:4d:34:
90:a3:52:f0:9a:6f:fb:14:55:18:5c:3c:14:e6:4c:
95:e9:06:be:96:4d:96:a1:e3:49:32:98:f6:1b:b9:
e3:22:ef:eb:77:84:99:b3:4b:98:c7:9f:79:81:42:
2a:f2:05:03:2d:42:6a:53:2b:19:90:9e:f1:60:9c:
f3:6f:70:ae:14:53:b8:14:c5:6c:bd:42:36:63:ce:
54:cc:bc:b1:56:27:d8:11:8c:8a:5a:f5:36:c9:75:
8a:ef:cf:d4:ce:eb:fe:48:09:ef:0b:dd:8a:45:e6:
77:cd:f9:4d:85:46:66:28:2f:32:f0:a1:17:f2:d3:
3e:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:51:FF:56:72:24:6E:E9:45:1D:E5:3A:B0:FF:B0:66:09:B8:69:9A
X509v3 Authority Key Identifier:
keyid:ED:38:68:5F:F3:EA:1F:46:68:5D:E5:F5:7C:6A:4B:81:04:48:18:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/7ThoX_PqH0ZoXeX1fGpLgQRIGJE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/NCHC/hlH_VnIkbulFHeU6sP-wZgm4aZo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.73.64.0/19
Signature Algorithm: sha256WithRSAEncryption
88:34:fe:35:14:e7:e2:b1:e1:13:e7:c8:7e:c3:8b:6a:84:35:
37:84:5e:12:85:a2:44:9c:8d:48:b3:ce:86:47:ed:3a:78:1d:
22:58:5f:25:b6:d4:e5:a0:02:20:1d:6f:91:c6:e5:f2:6e:4d:
5f:f8:a2:35:1e:99:85:74:40:8d:4f:c4:61:b6:41:55:50:cc:
d6:6b:f7:c2:b5:ae:5c:7c:76:a2:f6:35:f2:07:d6:87:59:0d:
95:b8:2b:1b:1c:aa:4c:db:95:cf:87:bd:b6:a0:ae:0b:f2:8e:
9a:82:4e:05:04:c7:d8:9d:bb:e9:1f:f7:ad:34:84:32:37:bd:
55:b9:12:39:e6:bf:7e:64:7a:57:f9:8f:a2:2e:90:ce:be:31:
16:ce:e5:5d:87:3c:2e:aa:03:83:a7:9f:ea:f1:99:53:9f:3d:
ed:ab:a3:6e:8d:7f:be:a6:e3:65:52:bd:1a:5e:da:ac:f5:6d:
a6:bb:4c:4a:a6:f0:1f:d9:38:33:54:14:0c:e3:52:25:a4:78:
95:1b:70:90:db:f5:b2:5d:ea:2a:94:e8:ac:39:0a:80:82:20:
d5:a8:d2:f9:aa:39:83:a8:9d:f2:f5:c7:a2:bc:2d:18:49:04:
46:42:3c:f3:1a:03:71:02:6d:14:f4:19:9d:f2:35:2e:59:84:
86:f8:76:dc
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICDaEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRUQz
ODY4NUZGM0VBMUY0NjY4NURFNUY1N0M2QTRCODEwNDQ4MTg5MTAeFw0yNTA4MjIw
ODU0MjVaFw0yNjA4MjIwODE0MjhaMDMxMTAvBgNVBAMTKDg2NTFGRjU2NzIyNDZF
RTk0NTFERTUzQUIwRkZCMDY2MDlCODY5OUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqpWZ0GO8sUVCxjJ9ScJv6pIYkkzfxtY/8XxtnvSblgTP4AhBd
cjx6ouWBHVzs8oQitainKeWn9Non9pJDotI5msRP0pHtSuZzGdFTx/MkD6d7FeOo
a6OTTOeT0hx9uhD6+Mjja9q7EQtIQiVapzWj/HgHvTuM6DQmG3YF7S4ku8u6JghN
NJCjUvCab/sUVRhcPBTmTJXpBr6WTZah40kymPYbueMi7+t3hJmzS5jHn3mBQiry
BQMtQmpTKxmQnvFgnPNvcK4UU7gUxWy9QjZjzlTMvLFWJ9gRjIpa9TbJdYrvz9TO
6/5ICe8L3YpF5nfN+U2FRmYoLzLwoRfy0z6pAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUhlH/VnIkbulFHeU6sP+wZgm4aZowHwYDVR0jBBgwFoAU7ThoX/PqH0ZoXeX1
fGpLgQRIGJEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvTkNIQy83
VGhvWF9QcUgwWm9YZVgxZkdwTGdRUklHSkUuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzdUaG9YX1BxSDBab1hlWDFmR3BMZ1FSSUdKRS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL05DSEMvaGxIX1ZuSWtidWxGSGVVNnNQLXda
Z200YVpvLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdNJQDAN
BgkqhkiG9w0BAQsFAAOCAQEAiDT+NRTn4rHhE+fIfsOLaoQ1N4ReEoWiRJyNSLPO
hkftOngdIlhfJbbU5aACIB1vkcbl8m5NX/iiNR6ZhXRAjU/EYbZBVVDM1mv3wrWu
XHx2ovY18gfWh1kNlbgrGxyqTNuVz4e9tqCuC/KOmoJOBQTH2J276R/3rTSEMje9
VbkSOea/fmR6V/mPoi6Qzr4xFs7lXYc8LqoDg6ef6vGZU5897aujbo1/vqbjZVK9
Gl7arPVtprtMSqbwH9k4M1QUDONSJaR4lRtwkNv1sl3qKpTorDkKgIIg1ajS+ao5
g6id8vXHorwtGEkERkI88xoDcQJtFPQZnfI1LlmEhvh23A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:53:37 2025 by rpki-client