Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/BL4K6FcwPqTbZMGJ3QM3bLEq5fQ.roa
File: BL4K6FcwPqTbZMGJ3QM3bLEq5fQ.roa (raw, json)
Hash identifier: n0Nc2m3ildMUKxjmxK0XbDba5Ck6N52pa7GYBbsz7w8=
Subject key identifier: 04:BE:0A:E8:57:30:3E:A4:DB:64:C1:89:DD:03:37:6C:B1:2A:E5:F4
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C2B
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/BL4K6FcwPqTbZMGJ3QM3bLEq5fQ.roa
Signing time: Wed 29 Sep 2021 02:50:58 +0000
ROA not before: Wed 29 Sep 2021 02:50:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 218.168.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3115 (0xc2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=04BE0AE857303EA4DB64C189DD03376CB12AE5F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d2:21:90:34:01:82:2a:8b:36:3d:12:69:1e:
e5:8c:2f:dc:4e:3f:1a:55:61:89:c4:6f:6b:14:97:
7f:d6:15:49:96:b0:37:e9:05:52:cb:31:9c:8a:ec:
3d:44:f7:25:90:8f:19:57:b8:31:9b:8f:e2:7d:e7:
aa:f5:06:69:89:13:e6:19:d6:c7:54:48:e6:6f:35:
0f:a9:c1:a8:fd:4a:68:b9:fb:20:22:bd:21:f3:81:
88:46:54:a0:99:72:d9:f0:23:a7:c8:35:3d:ee:1d:
9f:38:df:27:d6:32:de:ec:2b:59:cd:f2:7a:d2:bd:
2e:f8:72:e7:3f:dc:5c:84:aa:29:1d:8e:51:f1:c9:
ba:a2:b2:f0:da:05:40:13:66:19:b2:a4:d0:32:ab:
b4:90:a5:76:6d:4c:ab:29:a7:3f:53:86:ef:69:36:
27:99:ad:b4:5b:31:c4:70:33:f6:ed:78:59:a6:cb:
90:73:96:7b:d3:4c:e6:12:5b:9b:3d:3a:24:5d:65:
b2:65:97:19:a5:06:5a:bd:52:0d:35:bc:2c:84:fb:
62:c1:e8:1c:4c:b0:4a:01:28:d8:c0:60:c9:cb:bb:
2b:26:3d:f6:3d:b9:c1:e7:39:f4:42:24:05:e4:6f:
be:88:10:dd:0d:78:c4:00:02:f5:c6:84:9c:5a:66:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BE:0A:E8:57:30:3E:A4:DB:64:C1:89:DD:03:37:6C:B1:2A:E5:F4
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/BL4K6FcwPqTbZMGJ3QM3bLEq5fQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.168.0.0/13
Signature Algorithm: sha256WithRSAEncryption
2d:4a:51:cf:e7:5a:68:cc:1c:ce:e1:06:2a:fb:da:75:59:6e:
fd:36:c2:cd:89:55:f1:c6:da:ca:61:04:db:9a:8d:a3:5c:f2:
00:f1:30:2e:3b:b1:cb:ca:6c:b8:e9:c6:36:c7:ca:af:64:01:
93:88:c7:a5:9f:b9:a4:fb:b5:c0:9a:0b:eb:ec:48:a7:1a:38:
33:8f:6d:ac:44:3b:74:5a:09:95:0e:4f:f5:2e:f2:03:95:6d:
3a:51:dc:de:db:a2:ca:f6:d1:df:26:f2:42:a6:aa:ed:8a:e8:
42:08:5e:39:f9:68:f8:37:9e:05:21:5a:81:2a:77:d0:cd:59:
a4:ae:4a:a6:4e:7c:26:c6:cb:f9:44:f9:8b:9e:92:8b:ca:cb:
83:1b:91:e4:9b:22:22:2f:04:44:06:19:61:8c:1f:6b:bc:34:
7e:14:0f:d2:f9:9d:ea:9a:cd:2f:29:8e:01:6a:be:c6:a8:16:
86:8b:71:b9:5f:94:0f:ee:53:52:9b:00:87:f3:65:ab:c6:9b:
dc:e0:b7:4b:c5:67:67:15:3d:d7:38:68:47:1e:c3:48:2c:22:
48:c2:f9:0c:f2:92:ba:7a:a6:8a:79:34:21:dd:ad:45:06:81:
8e:62:66:9b:73:b3:7e:ab:04:0b:fc:66:68:0f:fe:21:a3:7f:
e0:13:b4:6f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDCswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA0QkUwQUU4NTczMDNF
QTREQjY0QzE4OUREMDMzNzZDQjEyQUU1RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk0iGQNAGCKos2PRJpHuWML9xOPxpVYYnEb2sUl3/WFUmWsDfp
BVLLMZyK7D1E9yWQjxlXuDGbj+J956r1BmmJE+YZ1sdUSOZvNQ+pwaj9Smi5+yAi
vSHzgYhGVKCZctnwI6fINT3uHZ843yfWMt7sK1nN8nrSvS74cuc/3FyEqikdjlHx
ybqisvDaBUATZhmypNAyq7SQpXZtTKsppz9Thu9pNieZrbRbMcRwM/bteFmmy5Bz
lnvTTOYSW5s9OiRdZbJllxmlBlq9Ug01vCyE+2LB6BxMsEoBKNjAYMnLuysmPfY9
ucHnOfRCJAXkb76IEN0NeMQAAvXGhJxaZrWRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUBL4K6FcwPqTbZMGJ3QM3bLEq5fQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9CTDRLNkZjd1BxVGJaTUdKM1FN
M2JMRXE1ZlEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD2qgw
DQYJKoZIhvcNAQELBQADggEBAC1KUc/nWmjMHM7hBir72nVZbv02ws2JVfHG2sph
BNuajaNc8gDxMC47scvKbLjpxjbHyq9kAZOIx6WfuaT7tcCaC+vsSKcaODOPbaxE
O3RaCZUOT/Uu8gOVbTpR3N7bosr20d8m8kKmqu2K6EIIXjn5aPg3ngUhWoEqd9DN
WaSuSqZOfCbGy/lE+YuekovKy4MbkeSbIiIvBEQGGWGMH2u8NH4UD9L5neqazS8p
jgFqvsaoFoaLcblflA/uU1KbAIfzZavGm9zgt0vFZ2cVPdc4aEcew0gsIkjC+Qzy
krp6pop5NCHdrUUGgY5iZptzs36rBAv8ZmgP/iGjf+ATtG8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org