Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2snphrozuXfMigwG_9ccXtia1sU.roa
File: 2snphrozuXfMigwG_9ccXtia1sU.roa (raw, json)
Hash identifier: 4DxBJateVNI35OibMxW+S6XZ1+LAVRbJKDG+d9NtabQ=
Subject key identifier: DA:C9:E9:86:BA:33:B9:77:CC:8A:0C:06:FF:D7:1C:5E:D8:9A:D6:C5
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C49
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2snphrozuXfMigwG_9ccXtia1sU.roa
Signing time: Wed 29 Sep 2021 02:51:06 +0000
ROA not before: Wed 29 Sep 2021 02:51:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 10126
IP address blocks: 220.128.80.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3145 (0xc49)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=DAC9E986BA33B977CC8A0C06FFD71C5ED89AD6C5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:12:d5:af:f8:a6:9e:4a:64:82:54:22:11:05:
aa:79:77:85:ff:7f:c7:dc:8e:fb:c8:d3:40:f0:76:
e3:bc:7b:ab:53:64:11:ab:8c:5b:32:a0:fd:3a:9a:
d8:8e:fb:c6:09:3a:99:9e:5e:18:03:19:f7:ba:a9:
3f:32:fc:2d:6c:b4:3c:44:07:12:00:37:c8:1d:40:
f7:8d:a5:f9:6d:79:3a:8e:ef:c0:85:88:bb:fc:ce:
88:69:e6:0e:db:c6:3f:05:01:dd:aa:a2:bc:65:88:
7e:11:e2:27:a8:0c:e7:d8:31:0b:a3:8c:e9:6b:89:
d9:b3:92:c7:cc:b9:1c:6c:e9:0d:b3:48:12:8d:c2:
2c:84:db:71:83:30:bc:51:5e:9c:c9:41:15:89:f9:
a2:74:de:6c:94:ca:68:c4:77:d5:11:36:ce:4d:75:
1c:a2:67:bc:b6:9f:d4:b4:a9:0b:f5:3a:de:0b:8a:
e8:af:53:f9:5a:3d:fa:df:d8:2e:ed:c3:c2:f0:5c:
99:35:18:fe:c8:e3:6c:fa:5a:8b:f0:69:bf:b4:bc:
b4:ab:30:d7:8b:28:b3:1a:a4:eb:9d:fc:7d:ac:ae:
45:c3:d8:33:0d:49:e9:88:68:de:89:9d:db:b9:a6:
96:d8:95:25:c8:87:aa:77:6c:c7:57:22:75:25:f0:
c5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C9:E9:86:BA:33:B9:77:CC:8A:0C:06:FF:D7:1C:5E:D8:9A:D6:C5
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2snphrozuXfMigwG_9ccXtia1sU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.80.0/20
Signature Algorithm: sha256WithRSAEncryption
cd:fb:dc:ef:a7:aa:5c:46:be:54:0a:4c:58:83:25:c2:95:bc:
e8:61:51:0c:99:ef:b5:9e:da:71:92:77:18:42:4d:dd:c8:51:
25:cf:1c:ed:0d:df:c8:8a:aa:02:a5:91:98:af:ac:2a:20:73:
eb:27:3f:68:4c:87:72:7d:82:64:84:45:3c:d5:27:83:78:95:
d8:7e:17:b9:0b:24:cc:38:b9:37:7f:f4:df:d2:9b:7a:c6:29:
1a:14:ca:aa:74:69:df:53:1f:c5:9c:9a:6b:7e:88:2b:a2:55:
e2:60:0a:a1:5e:e5:97:18:68:7f:09:92:bf:d6:da:66:84:ec:
3a:49:42:17:c8:8a:06:5f:4d:7f:81:71:70:6e:d4:09:52:65:
e0:fc:51:b8:5a:b3:9b:e9:5f:94:e0:26:e5:be:43:fa:4e:bc:
46:9a:f2:ee:10:87:36:3a:48:60:58:ef:f5:79:d8:e4:88:91:
d1:e2:6b:6d:d8:cf:94:c6:39:28:a8:e1:0b:bc:9e:cc:45:8b:
e4:04:c2:8d:4e:e7:2b:39:ba:a2:87:f7:4a:a1:2b:c9:7c:bf:
f0:b0:44:98:75:53:e0:6a:88:e7:e3:24:f7:dd:49:33:e6:43:
d3:4b:15:24:e8:a7:39:51:fe:eb:81:f1:99:80:37:7e:2f:b3:
7e:31:41:b5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDEkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKERBQzlFOTg2QkEzM0I5
NzdDQzhBMEMwNkZGRDcxQzVFRDg5QUQ2QzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXEtWv+KaeSmSCVCIRBap5d4X/f8fcjvvI00DwduO8e6tTZBGr
jFsyoP06mtiO+8YJOpmeXhgDGfe6qT8y/C1stDxEBxIAN8gdQPeNpflteTqO78CF
iLv8zohp5g7bxj8FAd2qorxliH4R4ieoDOfYMQujjOlridmzksfMuRxs6Q2zSBKN
wiyE23GDMLxRXpzJQRWJ+aJ03myUymjEd9URNs5NdRyiZ7y2n9S0qQv1Ot4Liuiv
U/laPfrf2C7tw8LwXJk1GP7I42z6Wovwab+0vLSrMNeLKLMapOud/H2srkXD2DMN
SemIaN6Jndu5ppbYlSXIh6p3bMdXInUl8MWbAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2snphrozuXfMigwG/9ccXtia1sUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yc25waHJvenVYZk1pZ3dHXzlj
Y1h0aWExc1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE3IBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQDN+9zvp6pcRr5UCkxYgyXClbzoYVEMme+1ntpx
kncYQk3dyFElzxztDd/IiqoCpZGYr6wqIHPrJz9oTIdyfYJkhEU81SeDeJXYfhe5
CyTMOLk3f/Tf0pt6xikaFMqqdGnfUx/FnJprfogrolXiYAqhXuWXGGh/CZK/1tpm
hOw6SUIXyIoGX01/gXFwbtQJUmXg/FG4WrOb6V+U4CblvkP6TrxGmvLuEIc2Okhg
WO/1edjkiJHR4mtt2M+UxjkoqOELvJ7MRYvkBMKNTucrObqih/dKoSvJfL/wsESY
dVPgaojn4yT33Ukz5kPTSxUk6Kc5Uf7rgfGZgDd+L7N+MUG1
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org