Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/MvYT0G0mWnijVvIuPW5zLxKpn5U.roa
File: MvYT0G0mWnijVvIuPW5zLxKpn5U.roa (raw, json)
Hash identifier: L9eg2fdOkeh7OY54MxScgGtDOYzAZjSEHCjL9+LGsI8=
Subject key identifier: 32:F6:13:D0:6D:26:5A:78:A3:56:F2:2E:3D:6E:73:2F:12:A9:9F:95
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C23
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MvYT0G0mWnijVvIuPW5zLxKpn5U.roa
Signing time: Wed 29 Sep 2021 02:50:55 +0000
ROA not before: Wed 29 Sep 2021 02:50:55 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 211.21.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3107 (0xc23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:55 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=32F613D06D265A78A356F22E3D6E732F12A99F95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fb:db:8c:8c:b1:69:d0:c9:2f:75:4a:16:3d:
a3:e2:21:c5:a1:c1:4e:1a:df:e8:46:87:f8:26:d1:
c5:37:7d:8c:eb:90:6b:a5:fa:ac:0d:0a:b3:91:8a:
fd:cb:c5:d5:bd:52:34:a8:84:ad:0e:03:fc:ca:e0:
79:6f:89:34:59:7c:60:4e:f6:78:21:7d:1e:6d:36:
33:e5:c1:91:4a:e5:45:1f:b5:60:2c:b9:6d:84:74:
cd:11:11:f6:96:c4:e4:ef:37:6e:be:4a:19:b7:41:
02:b5:52:0a:bf:8e:e2:ac:2e:6f:63:ff:5d:56:9a:
26:2e:53:50:9b:70:6d:df:3d:4a:2c:81:01:89:32:
fc:c9:db:2f:a9:3b:32:03:19:bf:8e:8e:24:1a:0b:
61:49:8f:a1:1f:4e:ea:ab:35:24:9d:65:a1:b3:5e:
6a:85:8c:c2:b8:01:20:34:f1:49:d5:5f:7c:13:7a:
dd:29:c3:26:6d:38:e0:21:29:46:92:2a:ca:fc:0a:
00:bf:71:59:27:70:c9:9f:4d:62:8c:b3:71:3d:7b:
83:bd:38:4c:02:8f:c5:7f:31:2e:e9:a0:b3:72:76:
93:1f:0a:37:1f:96:73:df:68:2d:45:64:4d:c3:ff:
80:ec:56:0b:b3:dc:80:78:07:42:49:7b:4e:62:f1:
c8:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F6:13:D0:6D:26:5A:78:A3:56:F2:2E:3D:6E:73:2F:12:A9:9F:95
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/MvYT0G0mWnijVvIuPW5zLxKpn5U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4c:d5:7a:04:01:c2:8e:d5:03:b4:57:96:85:b4:54:b4:ca:10:
bb:67:4d:63:aa:23:61:f3:ce:58:93:81:46:a9:09:d1:fd:07:
48:56:6e:cc:2f:ea:d9:d5:93:71:71:2f:a1:9b:cd:c3:02:5a:
4a:bf:21:83:1c:7a:a2:40:76:0c:a1:cc:0a:df:dc:7c:73:ad:
74:d8:83:b9:f9:95:e6:e2:d3:4a:b0:76:18:3f:90:3e:bd:bc:
55:d0:02:a6:09:42:38:94:65:11:7a:e3:52:a5:ed:4e:91:8d:
47:fa:17:81:be:56:1f:95:1a:96:d5:80:50:a0:ec:bd:e7:32:
8c:e9:04:9f:9f:ca:cd:3c:15:15:42:e1:73:3b:be:df:6f:d5:
6e:a3:51:34:70:da:51:c1:c0:65:a3:c1:23:99:b3:af:4a:fc:
62:10:0f:4a:66:55:d5:3e:40:aa:ad:99:47:3d:88:b7:3d:9e:
fe:40:77:b3:50:d9:87:52:57:00:b9:2e:39:99:3a:fa:d7:fc:
57:8c:f5:ff:c7:09:6d:de:1f:e1:aa:00:eb:83:08:3e:ab:52:
50:76:e2:f5:02:e7:84:b6:14:8b:f5:43:04:81:cd:0f:2e:5c:
50:93:79:86:24:ad:fb:52:79:33:11:d3:cb:c7:4d:be:c6:e0:
1e:0d:e1:8f
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDMyRjYxM0QwNkQyNjVB
NzhBMzU2RjIyRTNENkU3MzJGMTJBOTlGOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCq+9uMjLFp0MkvdUoWPaPiIcWhwU4a3+hGh/gm0cU3fYzrkGul
+qwNCrORiv3LxdW9UjSohK0OA/zK4HlviTRZfGBO9nghfR5tNjPlwZFK5UUftWAs
uW2EdM0REfaWxOTvN26+Shm3QQK1Ugq/juKsLm9j/11WmiYuU1CbcG3fPUosgQGJ
MvzJ2y+pOzIDGb+OjiQaC2FJj6EfTuqrNSSdZaGzXmqFjMK4ASA08UnVX3wTet0p
wyZtOOAhKUaSKsr8CgC/cVkncMmfTWKMs3E9e4O9OEwCj8V/MS7poLNydpMfCjcf
lnPfaC1FZE3D/4DsVguz3IB4B0JJe05i8ch3AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUMvYT0G0mWnijVvIuPW5zLxKpn5UwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9NdllUMEcwbVduaWpWdkl1UFc1
ekx4S3BuNVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xUw
DQYJKoZIhvcNAQELBQADggEBAEzVegQBwo7VA7RXloW0VLTKELtnTWOqI2HzzliT
gUapCdH9B0hWbswv6tnVk3FxL6GbzcMCWkq/IYMceqJAdgyhzArf3HxzrXTYg7n5
lebi00qwdhg/kD69vFXQAqYJQjiUZRF641Kl7U6RjUf6F4G+Vh+VGpbVgFCg7L3n
MozpBJ+fys08FRVC4XM7vt9v1W6jUTRw2lHBwGWjwSOZs69K/GIQD0pmVdU+QKqt
mUc9iLc9nv5Ad7NQ2YdSVwC5LjmZOvrX/FeM9f/HCW3eH+GqAOuDCD6rUlB24vUC
54S2FIv1QwSBzQ8uXFCTeYYkrftSeTMR08vHTb7G4B4N4Y8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org