Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Ijw9sd30wcKlk1sDwJ2UGbdsFTw.roa
File: Ijw9sd30wcKlk1sDwJ2UGbdsFTw.roa (raw, json)
Hash identifier: nZ7pk8Qep9FsIJ6i/H+swbxDfe8hZ3S0uKa5bxjm5lU=
Subject key identifier: 22:3C:3D:B1:DD:F4:C1:C2:A5:93:5B:03:C0:9D:94:19:B7:6C:15:3C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0CB3
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Ijw9sd30wcKlk1sDwJ2UGbdsFTw.roa
Signing time: Thu 09 Dec 2021 03:21:43 +0000
ROA not before: Thu 09 Dec 2021 03:21:43 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 220.128.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3251 (0xcb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Dec 9 03:21:43 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=223C3DB1DDF4C1C2A5935B03C09D9419B76C153C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5f:ed:b8:cb:8c:5b:f5:a2:28:22:f9:01:fe:
48:3a:49:6f:c9:f9:f6:3d:0d:21:d1:d3:86:cd:ab:
e9:51:20:5a:d3:3d:5c:b6:ef:69:ba:66:38:26:87:
6f:bc:c3:4b:2a:68:63:d9:1b:0a:8d:29:3c:3c:15:
34:c3:2a:73:a8:d5:88:b2:ef:88:ea:0d:f3:94:0b:
11:28:5f:b2:3d:fe:f2:ca:8d:69:27:e4:4a:89:7f:
87:3f:12:9d:a1:ca:11:49:fb:2d:df:79:11:e1:f2:
70:8b:43:6f:86:c0:18:4c:a2:30:82:d1:f3:29:34:
23:2a:14:ae:e6:20:6c:08:f9:e3:d1:2f:05:48:07:
04:59:f0:bf:0c:e6:a8:53:c7:f3:7a:98:96:c0:63:
19:1c:c0:b9:6d:27:80:ea:71:51:66:d6:63:2b:8c:
a5:47:dd:0e:f7:ed:48:05:a4:75:98:82:b8:15:17:
16:65:46:17:8b:f2:9b:40:52:06:b2:05:b2:fc:18:
89:8a:4a:c8:e3:1c:6b:d9:62:ee:56:a0:eb:ec:d4:
97:93:b2:ba:f6:ae:43:24:d8:53:51:6b:a2:80:e7:
5b:f9:53:ec:01:08:e8:13:e3:44:61:9d:9f:7b:e4:
8c:42:08:d4:58:be:21:bc:72:ec:50:c4:a3:41:c0:
3b:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3C:3D:B1:DD:F4:C1:C2:A5:93:5B:03:C0:9D:94:19:B7:6C:15:3C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Ijw9sd30wcKlk1sDwJ2UGbdsFTw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.72.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:4e:72:b0:4a:04:ef:4f:6b:38:e5:7d:73:db:80:9c:c1:79:
20:98:df:28:f5:5c:8c:9b:c6:ee:64:85:f0:34:b3:1b:ec:ad:
ad:fd:a2:f6:d4:05:4c:78:68:ba:00:c7:1b:9e:9f:f7:7f:0c:
5d:41:ad:6a:d2:5b:27:28:e0:53:97:f8:71:bd:f9:56:92:2f:
19:dd:33:fd:ff:a3:5c:0e:b9:73:5b:22:71:d1:bd:df:08:49:
72:38:bf:a6:fb:2a:dc:e2:2c:59:aa:4e:07:64:f4:3a:06:0b:
4d:e2:05:79:c1:6e:13:8b:79:2a:9d:e9:d2:a0:af:ee:1d:80:
26:69:4a:4e:00:46:03:ec:b8:35:3a:56:5b:fa:93:7c:1c:12:
89:2f:25:3e:34:44:a8:49:e8:5f:5f:10:04:06:6f:5a:62:9c:
5e:fe:57:b7:21:fa:2e:28:50:b1:0f:36:c9:11:74:ca:65:c6:
f4:62:ca:ee:a2:58:99:87:63:c9:40:9a:68:5f:48:de:3a:f3:
08:d7:f7:6c:2d:f5:0c:c0:59:9c:96:bd:c9:11:34:f2:b5:61:
06:80:e2:85:ba:60:87:48:7d:03:4a:9a:a3:67:a2:6a:91:e7:
af:4a:bb:3f:62:f2:d6:fa:6e:59:e7:a6:a9:8f:07:b2:a6:45:
fc:0f:b0:f3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDLMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTEyMDkw
MzIxNDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDIyM0MzREIxRERGNEMx
QzJBNTkzNUIwM0MwOUQ5NDE5Qjc2QzE1M0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDDX+24y4xb9aIoIvkB/kg6SW/J+fY9DSHR04bNq+lRIFrTPVy2
72m6Zjgmh2+8w0sqaGPZGwqNKTw8FTTDKnOo1Yiy74jqDfOUCxEoX7I9/vLKjWkn
5EqJf4c/Ep2hyhFJ+y3feRHh8nCLQ2+GwBhMojCC0fMpNCMqFK7mIGwI+ePRLwVI
BwRZ8L8M5qhTx/N6mJbAYxkcwLltJ4DqcVFm1mMrjKVH3Q737UgFpHWYgrgVFxZl
RheL8ptAUgayBbL8GImKSsjjHGvZYu5WoOvs1JeTsrr2rkMk2FNRa6KA51v5U+wB
COgT40RhnZ975IxCCNRYviG8cuxQxKNBwDuLAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUIjw9sd30wcKlk1sDwJ2UGbdsFTwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9Janc5c2QzMHdjS2xrMXNEd0oy
VUdiZHNGVHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBI
MA0GCSqGSIb3DQEBCwUAA4IBAQCoTnKwSgTvT2s45X1z24CcwXkgmN8o9VyMm8bu
ZIXwNLMb7K2t/aL21AVMeGi6AMcbnp/3fwxdQa1q0lsnKOBTl/hxvflWki8Z3TP9
/6NcDrlzWyJx0b3fCElyOL+m+yrc4ixZqk4HZPQ6BgtN4gV5wW4Ti3kqnenSoK/u
HYAmaUpOAEYD7Lg1OlZb+pN8HBKJLyU+NESoSehfXxAEBm9aYpxe/le3IfouKFCx
DzbJEXTKZcb0YsruoliZh2PJQJpoX0jeOvMI1/dsLfUMwFmclr3JETTytWEGgOKF
umCHSH0DSpqjZ6JqkeevSrs/YvLW+m5Z56apjweypkX8D7Dz
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org