Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/LXtoSpJgUmHZswiB9hbAy0kGt6I.roa
File: LXtoSpJgUmHZswiB9hbAy0kGt6I.roa (raw, json)
Hash identifier: GM42MhwjL/jXp5ThzGGeS/gp3AbxHbtTMHa7/7Cpz7E=
Subject key identifier: 2D:7B:68:4A:92:60:52:61:D9:B3:08:81:F6:16:C0:CB:49:06:B7:A2
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LXtoSpJgUmHZswiB9hbAy0kGt6I.roa
Signing time: Thu 15 Sep 2022 02:48:11 +0000
ROA not before: Thu 15 Sep 2022 02:48:11 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 137280
IP address blocks: 203.69.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:11 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2D7B684A92605261D9B30881F616C0CB4906B7A2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:27:bc:e5:a8:cf:41:b6:9f:1d:10:05:f3:4f:
8a:8a:2f:7f:a6:08:f1:8e:09:e3:c5:05:5c:78:38:
7e:6c:5b:47:03:d7:b6:68:3f:54:a0:10:a5:ca:12:
a1:31:36:e4:18:70:5e:21:ee:84:40:86:6a:96:6c:
e9:a1:78:5c:ec:01:c0:c9:d1:04:07:00:16:9e:3c:
0e:31:fd:ba:69:3b:76:63:31:72:b3:31:d5:1e:30:
0b:aa:ef:a3:f9:44:c0:61:59:10:37:37:10:ad:97:
80:37:ca:0b:8c:6f:2d:01:a3:38:7b:55:15:2c:94:
13:d1:50:65:77:93:29:8e:42:30:66:57:ed:f1:41:
17:12:34:95:a7:f5:99:2a:b5:24:02:c7:e9:86:ef:
2d:b0:36:c5:0b:78:37:36:c7:9a:a4:d4:d4:e2:76:
a8:03:1a:92:36:34:6a:6c:17:04:7a:7a:70:48:8c:
bd:df:5d:f7:17:ab:40:49:dc:09:f5:83:46:28:4b:
0c:a0:19:8f:91:17:fc:95:31:c6:96:c0:ae:b7:a7:
32:9f:69:9a:af:a6:44:2b:e8:85:eb:1c:bb:02:59:
ae:c0:37:40:dd:91:75:23:c8:73:58:a6:17:7a:61:
da:78:a8:45:74:22:b2:b6:07:e6:e7:d1:0f:e3:c7:
b5:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7B:68:4A:92:60:52:61:D9:B3:08:81:F6:16:C0:CB:49:06:B7:A2
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LXtoSpJgUmHZswiB9hbAy0kGt6I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.69.33.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:da:25:1e:be:a9:7d:24:86:04:1f:19:c5:65:89:fa:7e:fd:
9f:2e:d4:ff:a5:71:e8:7f:93:b6:d5:58:64:f8:b2:46:89:8b:
af:9d:4b:6d:4b:86:62:8c:97:d1:8d:19:76:18:f6:02:78:9c:
c3:e8:29:eb:f1:21:75:bf:30:9e:68:85:50:bf:83:9c:30:42:
f9:f6:f5:39:a2:93:40:75:1f:86:e3:e9:70:bb:7e:81:a6:d9:
44:cf:7a:a1:6c:a2:41:8b:d6:57:cc:07:fe:52:96:5a:ee:8e:
b0:cc:96:39:e1:5b:db:f6:60:12:9c:9d:bd:eb:da:57:aa:fe:
57:28:d5:cb:63:fc:83:0e:f8:d7:ba:a8:a2:01:80:44:cf:c9:
d2:22:c7:6a:3c:b1:c2:01:e7:1a:76:8f:0b:b7:e4:ea:9e:6c:
b3:5e:36:5f:89:cb:12:14:36:61:41:a3:d7:74:c8:89:b9:9c:
aa:a7:02:55:47:3f:da:b5:e5:7d:9b:6a:a8:f5:98:e4:d4:89:
06:f2:32:f4:ed:ba:9a:70:e2:43:55:a0:a6:d2:a6:55:b9:33:
ec:5f:42:41:3f:dc:d3:88:77:6d:58:0f:8d:3d:ee:a4:e9:db:
7a:06:eb:fc:33:b6:c5:07:25:b2:74:58:74:77:9d:df:ff:b3:
c5:d4:03:65
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MTFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJEN0I2ODRBOTI2MDUy
NjFEOUIzMDg4MUY2MTZDMENCNDkwNkI3QTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBJ7zlqM9Btp8dEAXzT4qKL3+mCPGOCePFBVx4OH5sW0cD17Zo
P1SgEKXKEqExNuQYcF4h7oRAhmqWbOmheFzsAcDJ0QQHABaePA4x/bppO3ZjMXKz
MdUeMAuq76P5RMBhWRA3NxCtl4A3yguMby0Bozh7VRUslBPRUGV3kymOQjBmV+3x
QRcSNJWn9ZkqtSQCx+mG7y2wNsULeDc2x5qk1NTidqgDGpI2NGpsFwR6enBIjL3f
XfcXq0BJ3An1g0YoSwygGY+RF/yVMcaWwK63pzKfaZqvpkQr6IXrHLsCWa7AN0Dd
kXUjyHNYphd6Ydp4qEV0IrK2B+bn0Q/jx7WlAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULXtoSpJgUmHZswiB9hbAy0kGt6IwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9MWHRvU3BKZ1VtSFpzd2lCOWhi
QXkwa0d0Nkkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy0Uh
MA0GCSqGSIb3DQEBCwUAA4IBAQCp2iUevql9JIYEHxnFZYn6fv2fLtT/pXHof5O2
1Vhk+LJGiYuvnUttS4ZijJfRjRl2GPYCeJzD6Cnr8SF1vzCeaIVQv4OcMEL59vU5
opNAdR+G4+lwu36BptlEz3qhbKJBi9ZXzAf+UpZa7o6wzJY54Vvb9mASnJ2969pX
qv5XKNXLY/yDDvjXuqiiAYBEz8nSIsdqPLHCAecado8Lt+TqnmyzXjZficsSFDZh
QaPXdMiJuZyqpwJVRz/ateV9m2qo9Zjk1IkG8jL07bqacOJDVaCm0qZVuTPsX0JB
P9zTiHdtWA+NPe6k6dt6Buv8M7bFByWydFh0d53f/7PF1ANl
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org