Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Pr660iVOhXpr5wW2rnVQaQHY3e0.roa
File: Pr660iVOhXpr5wW2rnVQaQHY3e0.roa (raw, json)
Hash identifier: tQgu0TGFuA8jhLZDugQhokq4wDprOtaewJgpzlwUT2U=
Subject key identifier: 3E:BE:BA:D2:25:4E:85:7A:6B:E7:05:B6:AE:75:50:69:01:D8:DD:ED
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C25
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Pr660iVOhXpr5wW2rnVQaQHY3e0.roa
Signing time: Wed 29 Sep 2021 02:50:56 +0000
ROA not before: Wed 29 Sep 2021 02:50:56 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 211.23.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3109 (0xc25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:56 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=3EBEBAD2254E857A6BE705B6AE75506901D8DDED
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:6c:27:cd:f5:d8:8a:cd:3b:46:16:c2:b3:7b:
73:79:16:f6:ab:6d:e3:89:d9:0e:ef:f6:dd:46:4f:
42:d0:11:ce:19:20:c8:a4:3b:dd:5a:5b:92:e9:aa:
2b:62:ef:66:a2:09:55:8e:6f:82:5c:9b:33:9f:0e:
2d:a7:ac:f5:34:4d:f0:4c:94:b7:53:79:09:9f:51:
0c:49:dd:e2:3b:2c:4d:96:ca:4d:49:4e:d9:f6:e6:
bf:e6:f7:a7:7a:80:e5:e0:2f:ff:00:ee:59:35:86:
77:01:8f:57:1a:a3:0b:ff:ca:c3:76:f8:a7:09:f4:
c8:ed:86:c0:17:26:23:34:3c:17:0d:6f:e5:f9:de:
a9:8b:f9:35:33:c6:89:12:72:b6:00:65:ce:68:4f:
58:cb:93:34:60:0c:fc:3e:a7:ec:30:62:5a:9a:52:
a5:0a:f3:1b:28:62:11:ce:f8:e6:7a:08:0c:94:1c:
80:ef:0a:f0:22:5b:11:00:79:05:be:9d:94:aa:a3:
bf:52:fc:64:5d:63:05:75:52:9f:b4:ad:97:a8:11:
31:54:bc:01:44:bd:e3:0e:bd:c8:ea:0a:1f:25:d5:
56:d7:99:cb:47:9b:18:f6:fc:23:0f:51:44:e9:76:
d1:a5:64:c4:7e:c4:a2:66:87:e9:d3:fe:2d:c1:ae:
10:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BE:BA:D2:25:4E:85:7A:6B:E7:05:B6:AE:75:50:69:01:D8:DD:ED
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Pr660iVOhXpr5wW2rnVQaQHY3e0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.23.0.0/16
Signature Algorithm: sha256WithRSAEncryption
37:0c:db:67:eb:f5:77:b3:51:0e:79:26:b9:04:6e:9d:ae:95:
8f:5f:e8:a6:bc:bd:c1:73:eb:47:7e:32:f4:ab:18:32:71:75:
55:31:72:be:7c:d1:a8:ba:e7:a2:29:4b:b3:cd:3e:f6:b9:ee:
dc:56:76:f0:9a:4c:38:48:03:22:90:e6:d5:4a:df:9f:25:51:
51:db:dd:1b:d9:cb:46:10:12:f8:08:7c:a2:85:c8:9c:22:94:
65:0d:ca:44:0c:11:54:3f:00:62:fd:71:d6:b0:ba:f8:91:bd:
bc:e6:c9:81:29:ec:c2:52:bc:36:80:17:13:61:21:68:d3:2f:
66:1b:0b:6d:72:21:1e:1e:0e:c6:41:2e:61:82:37:7d:2f:64:
5d:a9:eb:40:5e:ea:f7:36:22:21:55:59:ea:cf:06:d2:55:11:
da:11:e3:20:9e:7d:af:95:19:3d:ac:7d:2b:5f:b3:6a:ab:f8:
51:b9:5b:c0:51:53:5f:5f:2d:d5:1f:e0:9f:f6:89:2f:bb:15:
8d:f7:9d:a1:03:51:8c:99:f3:5a:79:25:48:8d:6a:20:42:89:
6e:32:0d:e3:2e:8c:97:c1:ef:72:e1:85:88:96:76:4b:b3:53:
0b:3a:95:8b:fa:55:cd:4d:9a:06:79:32:ac:86:e4:d8:68:81:
96:10:88:92
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDCUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNTZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDNFQkVCQUQyMjU0RTg1
N0E2QkU3MDVCNkFFNzU1MDY5MDFEOERERUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDzbCfN9diKzTtGFsKze3N5FvarbeOJ2Q7v9t1GT0LQEc4ZIMik
O91aW5Lpqiti72aiCVWOb4JcmzOfDi2nrPU0TfBMlLdTeQmfUQxJ3eI7LE2Wyk1J
Ttn25r/m96d6gOXgL/8A7lk1hncBj1caowv/ysN2+KcJ9MjthsAXJiM0PBcNb+X5
3qmL+TUzxokScrYAZc5oT1jLkzRgDPw+p+wwYlqaUqUK8xsoYhHO+OZ6CAyUHIDv
CvAiWxEAeQW+nZSqo79S/GRdYwV1Up+0rZeoETFUvAFEveMOvcjqCh8l1VbXmctH
mxj2/CMPUUTpdtGlZMR+xKJmh+nT/i3BrhAdAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUPr660iVOhXpr5wW2rnVQaQHY3e0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9QcjY2MGlWT2hYcHI1d1cycm5W
UWFRSFkzZTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xcw
DQYJKoZIhvcNAQELBQADggEBADcM22fr9XezUQ55JrkEbp2ulY9f6Ka8vcFz60d+
MvSrGDJxdVUxcr580ai656IpS7PNPva57txWdvCaTDhIAyKQ5tVK358lUVHb3RvZ
y0YQEvgIfKKFyJwilGUNykQMEVQ/AGL9cdawuviRvbzmyYEp7MJSvDaAFxNhIWjT
L2YbC21yIR4eDsZBLmGCN30vZF2p60Be6vc2IiFVWerPBtJVEdoR4yCefa+VGT2s
fStfs2qr+FG5W8BRU19fLdUf4J/2iS+7FY33naEDUYyZ81p5JUiNaiBCiW4yDeMu
jJfB73LhhYiWdkuzUws6lYv6Vc1NmgZ5MqyG5NhogZYQiJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org