Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/KPG3DhmRQXSPGHs2MeRS4F2-sZY.roa
File: KPG3DhmRQXSPGHs2MeRS4F2-sZY.roa (raw, json)
Hash identifier: 9HEkMzwSRV34zr6Z7Rr1VeiMU/SiO2DzleuW01XO4DQ=
Subject key identifier: 28:F1:B7:0E:19:91:41:74:8F:18:7B:36:31:E4:52:E0:5D:BE:B1:96
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KPG3DhmRQXSPGHs2MeRS4F2-sZY.roa
Signing time: Thu 15 Sep 2022 02:48:01 +0000
ROA not before: Thu 15 Sep 2022 02:48:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9505
IP address blocks: 175.41.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:01 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=28F1B70E199141748F187B3631E452E05DBEB196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:eb:4d:e1:4b:19:9f:90:f2:3d:54:dd:cd:eb:
dc:2a:5a:5f:e9:74:54:4b:af:bc:09:0f:54:e2:22:
74:c1:1d:12:99:5c:c1:56:bd:46:c1:26:9c:96:fa:
40:58:ec:86:85:d4:70:13:46:e2:47:76:51:e6:cd:
db:b8:fa:22:72:24:b0:d4:13:c5:e6:9d:c8:39:58:
17:94:a4:36:60:d0:da:74:ae:55:03:5c:68:77:f1:
45:0b:13:39:7a:23:38:b9:44:b6:e2:3b:ac:2d:d7:
ba:6c:33:79:d2:14:14:3b:c1:d4:3d:a7:c9:4d:1e:
88:5e:c1:d2:f0:b4:7f:2e:54:62:a1:78:1d:7c:c9:
ec:df:25:e6:79:84:7b:ee:97:e7:da:4a:24:cd:5c:
f6:83:b1:9a:fc:65:4a:8f:87:22:b0:41:c6:3b:b2:
b5:02:41:57:b8:c9:82:5f:94:4c:61:b8:06:46:df:
93:80:1b:2b:7a:ef:6e:68:76:6e:18:04:65:a0:1c:
45:c4:8a:4f:7e:93:0b:7b:9c:74:ad:9c:8e:47:b7:
a3:e4:0e:26:01:7c:ec:6c:f9:56:d2:21:b9:ad:01:
2a:58:60:33:ac:9a:c8:de:8c:3a:a1:c6:bf:75:ec:
e7:9a:ba:78:02:a1:55:50:21:f4:27:fe:e1:04:75:
98:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F1:B7:0E:19:91:41:74:8F:18:7B:36:31:E4:52:E0:5D:BE:B1:96
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/KPG3DhmRQXSPGHs2MeRS4F2-sZY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
175.41.48.0/20
Signature Algorithm: sha256WithRSAEncryption
7f:a9:0b:41:4c:bc:8c:75:37:59:fa:4b:b0:6b:b4:7e:f2:1c:
f9:eb:f6:7b:18:09:25:83:cc:84:67:b8:42:5a:6f:c3:41:52:
1e:2a:09:03:35:e0:b4:82:dd:c0:6d:38:3a:09:a7:3a:8f:fc:
7f:f6:3e:11:5a:c6:5a:38:15:04:1b:b0:87:e7:3b:ba:11:c9:
43:4a:ea:c8:8b:ac:d6:79:3a:56:28:41:29:a5:5f:d8:c3:38:
9b:b2:4d:83:eb:a9:bf:e3:7b:e6:d8:81:60:c2:95:4a:ca:1c:
00:2f:ee:e2:ea:77:8d:84:ae:bf:70:94:ff:39:c5:7b:e1:01:
c0:60:1f:ac:99:f4:35:0f:95:b1:3d:41:80:b2:07:8b:46:c6:
15:39:aa:0f:7e:4a:30:b7:2a:a9:54:a5:28:9e:b8:fb:68:5f:
24:40:74:fc:70:c2:5b:54:e4:2f:01:f3:24:41:e9:f9:00:8c:
f8:76:93:ac:75:cc:4e:d9:fe:ff:40:11:72:4d:db:d2:74:95:
7a:81:59:f4:b0:44:17:ab:2f:be:8b:26:90:65:5f:53:ef:25:
87:8a:56:7d:06:66:3f:c6:a5:66:aa:e1:c0:12:af:e3:ab:cb:
63:f3:03:a1:92:be:9d:3d:92:fc:18:c3:41:5a:f2:a1:40:44:
94:70:82:a3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI4RjFCNzBFMTk5MTQx
NzQ4RjE4N0IzNjMxRTQ1MkUwNURCRUIxOTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk603hSxmfkPI9VN3N69wqWl/pdFRLr7wJD1TiInTBHRKZXMFW
vUbBJpyW+kBY7IaF1HATRuJHdlHmzdu4+iJyJLDUE8Xmncg5WBeUpDZg0Np0rlUD
XGh38UULEzl6Izi5RLbiO6wt17psM3nSFBQ7wdQ9p8lNHohewdLwtH8uVGKheB18
yezfJeZ5hHvul+faSiTNXPaDsZr8ZUqPhyKwQcY7srUCQVe4yYJflExhuAZG35OA
Gyt6725odm4YBGWgHEXEik9+kwt7nHStnI5Ht6PkDiYBfOxs+VbSIbmtASpYYDOs
msjejDqhxr917OeaungCoVVQIfQn/uEEdZiPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUKPG3DhmRQXSPGHs2MeRS4F2+sZYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9LUEczRGhtUlFYU1BHSHMyTWVS
UzRGMi1zWlkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQErykw
MA0GCSqGSIb3DQEBCwUAA4IBAQB/qQtBTLyMdTdZ+kuwa7R+8hz56/Z7GAklg8yE
Z7hCWm/DQVIeKgkDNeC0gt3AbTg6Cac6j/x/9j4RWsZaOBUEG7CH5zu6EclDSurI
i6zWeTpWKEEppV/Ywzibsk2D66m/43vm2IFgwpVKyhwAL+7i6neNhK6/cJT/OcV7
4QHAYB+smfQ1D5WxPUGAsgeLRsYVOaoPfkowtyqpVKUonrj7aF8kQHT8cMJbVOQv
AfMkQen5AIz4dpOsdcxO2f7/QBFyTdvSdJV6gVn0sEQXqy++iyaQZV9T7yWHilZ9
BmY/xqVmquHAEq/jq8tj8wOhkr6dPZL8GMNBWvKhQESUcIKj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org