Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/-DQXHlY-9DjIkZoDSAZr0gZAXE4.roa
File: -DQXHlY-9DjIkZoDSAZr0gZAXE4.roa (raw, json)
Hash identifier: vJ/U2y1pE56ouYK+I25PS4N6l2nNQLcqfxGoKCiltp8=
Subject key identifier: F8:34:17:1E:56:3E:F4:38:C8:91:9A:03:48:06:6B:D2:06:40:5C:4E
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0A78
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/-DQXHlY-9DjIkZoDSAZr0gZAXE4.roa
Signing time: Sun 07 Feb 2021 11:37:56 +0000
ROA not before: Sun 07 Feb 2021 11:37:56 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 118.160.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2680 (0xa78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:37:56 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F834171E563EF438C8919A0348066BD206405C4E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3a:26:1d:cf:89:d6:20:83:c9:29:28:91:26:
9a:26:95:1f:0c:6c:ed:95:14:80:fd:70:73:93:84:
ce:0c:0d:5a:2d:54:05:3a:d4:85:f8:94:54:6e:a0:
c0:92:23:4b:85:12:4b:af:b0:27:b4:74:de:a1:48:
38:2a:6e:5c:4d:51:03:11:71:45:ae:c0:2b:cd:75:
df:32:4e:46:b7:1a:ab:11:86:9f:bf:d4:a7:f4:f2:
0b:b5:c1:48:1c:a7:ab:f0:46:9e:72:0e:0f:e7:ea:
6f:5f:fb:4d:ff:36:6f:ed:8e:77:fc:e6:a0:9f:fe:
6d:81:88:c9:e3:1d:78:63:c8:2e:e9:7d:3d:be:06:
8b:8e:b7:58:17:27:40:46:59:70:62:8f:89:c0:3a:
c2:0e:15:39:3c:bc:9d:81:9c:f0:8e:19:2b:5a:f7:
67:25:af:90:f7:be:77:98:f0:ca:97:fc:7a:17:2a:
3f:84:1e:68:17:4a:8e:55:b2:82:43:ec:9a:c3:04:
6e:48:79:c4:b3:c0:0a:f1:d2:d9:d0:10:87:43:16:
ed:6f:f4:5f:56:95:fb:34:f5:04:bd:7f:18:da:e2:
31:97:af:a6:57:20:c5:0b:d8:66:21:8d:5f:6c:68:
af:ee:1c:db:a5:04:59:60:b1:48:9c:b7:d4:97:ba:
27:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:34:17:1E:56:3E:F4:38:C8:91:9A:03:48:06:6B:D2:06:40:5C:4E
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/-DQXHlY-9DjIkZoDSAZr0gZAXE4.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.160.0.0/13
Signature Algorithm: sha256WithRSAEncryption
6d:78:2d:95:87:11:f1:03:cd:20:97:7e:a9:97:61:53:de:23:
bc:bc:96:d9:c2:ee:b0:37:2e:3a:51:98:0b:18:72:d9:ad:80:
c5:49:10:13:89:88:6f:6c:eb:a8:a3:7a:10:f6:61:68:13:fd:
0e:29:a9:ae:0d:e5:ca:f4:85:1a:12:9e:c5:9e:1b:5d:cf:99:
33:09:23:c6:34:9b:d7:04:fa:be:2c:5f:c0:77:3b:84:af:c8:
fa:fa:c2:24:51:d3:cb:23:b5:b8:ed:6e:e2:d5:31:56:78:dd:
69:e8:8b:b7:98:b8:84:8d:f9:74:68:dc:f2:b6:c4:1d:ec:73:
9e:7a:77:3e:7f:f3:09:e5:03:15:f4:a0:c4:d9:04:2d:c0:c3:
35:c0:bf:98:ca:bd:f0:78:66:97:c8:e0:c5:d9:bc:87:a8:27:
ce:6f:1e:96:e1:78:c5:8c:60:46:0b:b8:4f:3d:22:9b:9b:4e:
83:44:7a:85:6d:e5:f9:92:f8:5c:8b:43:04:cc:d9:96:22:fa:
83:09:71:aa:4c:97:5c:c6:9d:e1:a8:88:8f:7b:dc:74:64:40:
d4:9c:27:dc:8a:1b:44:98:56:67:79:44:56:9c:11:bd:e8:5a:
a9:8d:db:c3:32:bb:8d:48:fa:7f:24:2a:a4:80:67:b6:a5:6d:
9b:f1:87:78
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCngwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM3NTZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY4MzQxNzFFNTYzRUY0
MzhDODkxOUEwMzQ4MDY2QkQyMDY0MDVDNEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+OiYdz4nWIIPJKSiRJpomlR8MbO2VFID9cHOThM4MDVotVAU6
1IX4lFRuoMCSI0uFEkuvsCe0dN6hSDgqblxNUQMRcUWuwCvNdd8yTka3GqsRhp+/
1Kf08gu1wUgcp6vwRp5yDg/n6m9f+03/Nm/tjnf85qCf/m2BiMnjHXhjyC7pfT2+
BouOt1gXJ0BGWXBij4nAOsIOFTk8vJ2BnPCOGSta92clr5D3vneY8MqX/HoXKj+E
HmgXSo5VsoJD7JrDBG5IecSzwArx0tnQEIdDFu1v9F9Wlfs09QS9fxja4jGXr6ZX
IMUL2GYhjV9saK/uHNulBFlgsUict9SXuicfAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQU+DQXHlY+9DjIkZoDSAZr0gZAXE4wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8tRFFYSGxZLTlEaklrWm9EU0Fa
cjBnWkFYRTQucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMDdqAw
DQYJKoZIhvcNAQELBQADggEBAG14LZWHEfEDzSCXfqmXYVPeI7y8ltnC7rA3LjpR
mAsYctmtgMVJEBOJiG9s66ijehD2YWgT/Q4pqa4N5cr0hRoSnsWeG13PmTMJI8Y0
m9cE+r4sX8B3O4SvyPr6wiRR08sjtbjtbuLVMVZ43Wnoi7eYuISN+XRo3PK2xB3s
c556dz5/8wnlAxX0oMTZBC3AwzXAv5jKvfB4ZpfI4MXZvIeoJ85vHpbheMWMYEYL
uE89IpubToNEeoVt5fmS+FyLQwTM2ZYi+oMJcapMl1zGneGoiI973HRkQNScJ9yK
G0SYVmd5RFacEb3oWqmN28Myu41I+n8kKqSAZ7albZvxh3g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org