Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/MtFN2TKXjqdaucK923ZiaFQJoB0.roa
File: MtFN2TKXjqdaucK923ZiaFQJoB0.roa (raw, json)
Hash identifier: eaAjIjAk31n+fNF0agWcwsNArhsElQSIZGiQGdCSCPs=
Subject key identifier: 32:D1:4D:D9:32:97:8E:A7:5A:B9:C2:BD:DB:76:62:68:54:09:A0:1D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MtFN2TKXjqdaucK923ZiaFQJoB0.roa
Signing time: Thu 15 Sep 2022 02:48:09 +0000
ROA not before: Thu 15 Sep 2022 02:48:09 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 3462
IP address blocks: 61.218.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:09 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=32D14DD932978EA75AB9C2BDDB7662685409A01D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b3:f7:a2:20:ad:89:89:60:13:44:46:31:0c:
f5:83:46:28:18:eb:ec:a2:e3:ad:96:24:46:cc:42:
8d:f4:1b:37:29:eb:47:6b:0f:fd:15:7b:3b:8d:e3:
bd:6a:9d:4b:01:c4:40:89:6a:7b:11:fe:3a:aa:91:
3e:6b:35:0e:4d:34:9b:06:56:cf:4f:9b:3a:d9:45:
77:50:9b:fd:6f:e0:d0:99:a5:79:9f:7e:95:b8:7e:
7c:99:05:8b:fb:38:ba:97:7a:d5:f0:cd:31:86:92:
6a:7d:c9:7d:c7:29:0b:1a:b7:fc:d1:61:b1:7e:a0:
a4:6a:9e:f1:05:7a:04:b4:62:05:76:d0:b5:b3:89:
78:73:d9:e5:0b:7d:62:2d:f5:b2:8b:d8:a9:4c:21:
16:62:f0:ca:35:25:f1:ea:60:71:ea:c3:fd:d2:df:
62:64:99:f1:07:83:14:94:0b:d9:10:48:f3:f8:0f:
ff:c2:dc:14:47:66:bc:f0:a2:55:65:3f:7b:cc:a9:
e9:e0:31:46:1f:5a:74:38:17:94:70:ed:71:3a:fb:
70:c6:9d:ee:fc:96:00:30:d4:b9:86:01:54:a7:47:
92:74:d6:f2:11:f7:18:b4:cd:ca:d1:58:05:0c:cb:
9a:f0:d3:71:c2:74:5e:cf:67:ac:f3:ed:7e:3e:5a:
d0:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D1:4D:D9:32:97:8E:A7:5A:B9:C2:BD:DB:76:62:68:54:09:A0:1D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MtFN2TKXjqdaucK923ZiaFQJoB0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.218.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bf:6e:58:ce:09:a2:a2:dc:fe:ad:ad:39:42:dc:37:ac:0d:4c:
31:74:87:92:10:91:57:17:90:21:e1:7e:a9:45:72:9e:24:ef:
44:d3:14:31:2d:8f:ee:3d:3e:cf:da:b7:80:91:25:7e:6a:5d:
38:a7:0f:f1:e1:c1:51:b0:a7:5a:2d:48:e2:50:06:e8:d9:0e:
b6:4f:a1:9a:f4:3b:26:77:c7:57:da:df:3b:6c:6f:79:78:dd:
30:17:26:3d:a3:09:7b:bb:b9:f6:21:16:f2:e8:29:ed:0a:01:
03:cb:2a:f8:52:d6:f3:f3:8d:28:f9:ea:54:d2:bc:87:66:e9:
54:12:d2:27:d1:af:aa:6a:ba:27:79:c7:9b:1e:87:f8:1a:d2:
69:19:47:6b:a3:c6:de:d9:a1:82:7a:74:8a:01:eb:e0:74:93:
3a:11:f5:42:db:0c:b8:26:4c:cf:c2:c6:56:64:0f:0c:0c:21:
81:7b:65:ea:ae:03:09:2e:51:0a:03:70:52:3c:41:80:43:e4:
26:fc:0b:d9:d0:af:67:dc:d1:03:81:4a:e8:ba:cc:68:43:28:
e3:6c:d4:dc:7f:9d:e1:1e:6d:66:34:70:f1:5a:15:10:2e:e4:
20:c4:1e:f7:6b:01:76:6d:97:2f:4d:67:e6:e0:55:23:ba:23:
45:dd:99:3c
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MDlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDMyRDE0REQ5MzI5NzhF
QTc1QUI5QzJCRERCNzY2MjY4NTQwOUEwMUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEs/eiIK2JiWATREYxDPWDRigY6+yi462WJEbMQo30Gzcp60dr
D/0VezuN471qnUsBxECJansR/jqqkT5rNQ5NNJsGVs9PmzrZRXdQm/1v4NCZpXmf
fpW4fnyZBYv7OLqXetXwzTGGkmp9yX3HKQsat/zRYbF+oKRqnvEFegS0YgV20LWz
iXhz2eULfWIt9bKL2KlMIRZi8Mo1JfHqYHHqw/3S32JkmfEHgxSUC9kQSPP4D//C
3BRHZrzwolVlP3vMqengMUYfWnQ4F5Rw7XE6+3DGne78lgAw1LmGAVSnR5J01vIR
9xi0zcrRWAUMy5rw03HCdF7PZ6zz7X4+WtAZAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUMtFN2TKXjqdaucK923ZiaFQJoB0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9NdEZOMlRLWGpxZGF1Y0s5MjNa
aWFGUUpvQjAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBPdow
DQYJKoZIhvcNAQELBQADggEBAL9uWM4JoqLc/q2tOULcN6wNTDF0h5IQkVcXkCHh
fqlFcp4k70TTFDEtj+49Ps/at4CRJX5qXTinD/HhwVGwp1otSOJQBujZDrZPoZr0
OyZ3x1fa3ztsb3l43TAXJj2jCXu7ufYhFvLoKe0KAQPLKvhS1vPzjSj56lTSvIdm
6VQS0ifRr6pquid5x5seh/ga0mkZR2ujxt7ZoYJ6dIoB6+B0kzoR9ULbDLgmTM/C
xlZkDwwMIYF7ZequAwkuUQoDcFI8QYBD5Cb8C9nQr2fc0QOBSui6zGhDKONs1Nx/
neEebWY0cPFaFRAu5CDEHvdrAXZtly9NZ+bgVSO6I0XdmTw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org