Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/NvJUh9emyJYYvrNTfrwODC4YMOg.roa
File: NvJUh9emyJYYvrNTfrwODC4YMOg.roa (raw, json)
Hash identifier: 7MYVn3tVyHkuZc3UB0D3ksPLRIDT+KRCRN1sQ92k/Z0=
Subject key identifier: 36:F2:54:87:D7:A6:C8:96:18:BE:B3:53:7E:BC:0E:0C:2E:18:30:E8
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0AA7
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NvJUh9emyJYYvrNTfrwODC4YMOg.roa
Signing time: Sun 07 Feb 2021 11:38:36 +0000
ROA not before: Sun 07 Feb 2021 11:38:36 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 211.23.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2727 (0xaa7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:38:36 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=36F25487D7A6C89618BEB3537EBC0E0C2E1830E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c0:86:46:14:40:15:6e:ea:29:ed:2f:21:51:
34:62:a0:4d:9b:42:8d:6f:80:76:6a:3c:13:cb:24:
d3:28:80:00:3d:e6:06:b6:ef:de:3e:97:82:a8:ed:
32:73:22:28:23:55:c9:8f:aa:a9:95:44:b5:06:8b:
d5:70:cb:fe:ae:ca:29:04:ca:28:43:5f:9b:68:88:
9c:22:3d:d2:ed:7d:d7:94:c3:bc:f5:52:0a:d4:13:
57:93:c6:22:37:34:85:11:a7:d9:7c:70:42:09:22:
7c:ab:72:98:86:4b:55:c2:e0:c0:be:18:8a:2c:3f:
ec:32:62:5a:68:14:f5:ec:de:97:3e:19:dd:4b:0c:
72:34:31:34:6b:f6:2d:58:bd:fb:cf:48:55:cb:b2:
dd:9f:a9:6e:d3:db:5f:dc:3c:34:c4:b0:89:62:79:
46:ef:74:e1:0d:9c:9a:c2:81:7f:48:50:8d:2b:4f:
ed:7a:e7:9f:a6:c3:30:7e:ce:e8:7b:12:fc:6a:b4:
75:d6:41:09:91:51:e9:6d:df:d8:df:d8:98:c0:14:
ec:c5:ac:cf:78:c9:a0:c2:dc:36:cc:e8:d3:c8:7f:
59:f3:ec:1e:3b:19:bb:75:3e:25:df:d7:82:e7:e1:
73:c9:67:ee:62:72:d7:66:e6:e4:71:97:8d:e0:47:
b5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:F2:54:87:D7:A6:C8:96:18:BE:B3:53:7E:BC:0E:0C:2E:18:30:E8
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NvJUh9emyJYYvrNTfrwODC4YMOg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.23.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:1c:aa:db:d7:b2:51:0b:93:e9:92:a6:42:b8:df:78:79:90:
9f:72:9a:60:e4:f1:2d:1d:96:dd:40:74:48:50:55:38:97:93:
94:30:df:1d:6a:a0:1c:76:e8:4c:e0:26:11:c8:a7:67:8e:14:
e3:8c:25:ef:06:d8:c8:42:07:c8:69:eb:0d:bf:e4:99:6c:33:
9e:a6:55:17:0e:74:b6:88:74:5d:58:77:ae:23:da:a4:33:47:
61:a3:a6:16:fe:a2:8d:69:70:e2:dc:37:a4:2d:5e:ed:54:2e:
5d:01:b2:5b:29:09:cf:20:42:bd:51:ff:26:ac:a4:d7:9e:20:
ba:fb:9a:a6:e8:ba:84:69:d7:66:13:56:83:8a:68:a7:b8:05:
a3:e9:89:06:ba:3a:c9:a3:67:f0:f0:11:4f:03:35:1c:d9:e3:
43:dd:2e:b1:57:c5:18:b8:01:3f:2e:a2:2e:c6:be:41:0b:12:
04:ff:ef:06:9d:31:15:0f:c2:f3:1c:12:1d:c0:08:75:3f:67:
19:40:0f:90:78:45:a7:78:37:bb:31:4a:e6:c6:14:d0:41:5f:
94:a3:a2:2a:0c:ab:90:25:fe:a0:44:2c:77:13:cc:af:7f:28:
6c:30:32:99:fe:2b:d5:17:75:a6:06:df:d7:15:1a:02:9a:18:
46:f2:c5:51
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCqcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM4MzZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM2RjI1NDg3RDdBNkM4
OTYxOEJFQjM1MzdFQkMwRTBDMkUxODMwRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzwIZGFEAVbuop7S8hUTRioE2bQo1vgHZqPBPLJNMogAA95ga2
794+l4Ko7TJzIigjVcmPqqmVRLUGi9Vwy/6uyikEyihDX5toiJwiPdLtfdeUw7z1
UgrUE1eTxiI3NIURp9l8cEIJInyrcpiGS1XC4MC+GIosP+wyYlpoFPXs3pc+Gd1L
DHI0MTRr9i1YvfvPSFXLst2fqW7T21/cPDTEsIlieUbvdOENnJrCgX9IUI0rT+16
55+mwzB+zuh7EvxqtHXWQQmRUelt39jf2JjAFOzFrM94yaDC3DbM6NPIf1nz7B47
Gbt1PiXf14Ln4XPJZ+5ictdm5uRxl43gR7UJAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNvJUh9emyJYYvrNTfrwODC4YMOgwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OdkpVaDllbXlKWVl2ck5UZnJ3
T0RDNFlNT2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xcw
DQYJKoZIhvcNAQELBQADggEBAAEcqtvXslELk+mSpkK433h5kJ9ymmDk8S0dlt1A
dEhQVTiXk5Qw3x1qoBx26EzgJhHIp2eOFOOMJe8G2MhCB8hp6w2/5JlsM56mVRcO
dLaIdF1Yd64j2qQzR2Gjphb+oo1pcOLcN6QtXu1ULl0BslspCc8gQr1R/yaspNee
ILr7mqbouoRp12YTVoOKaKe4BaPpiQa6OsmjZ/DwEU8DNRzZ40PdLrFXxRi4AT8u
oi7GvkELEgT/7wadMRUPwvMcEh3ACHU/ZxlAD5B4Rad4N7sxSubGFNBBX5SjoioM
q5Al/qBELHcTzK9/KGwwMpn+K9UXdaYG39cVGgKaGEbyxVE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org