Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/S-uZIJwCgaLYxk05isnSofIVLUk.roa
File: S-uZIJwCgaLYxk05isnSofIVLUk.roa (raw, json)
Hash identifier: h0TWvbn0NK3jg7WuQOs9QMioXSakQ/QKx+VFql+tGSY=
Subject key identifier: 4B:EB:99:20:9C:02:81:A2:D8:C6:4D:39:8A:C9:D2:A1:F2:15:2D:49
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0E4D
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S-uZIJwCgaLYxk05isnSofIVLUk.roa
Signing time: Fri 07 Jul 2023 10:00:01 +0000
ROA not before: Fri 07 Jul 2023 10:00:01 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 142005
IP address blocks: 210.242.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3661 (0xe4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Jul 7 10:00:01 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4BEB99209C0281A2D8C64D398AC9D2A1F2152D49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c1:7b:93:17:37:47:a1:04:84:b3:ff:4e:0d:
71:83:04:d4:a6:95:0a:29:c8:9a:a4:0e:07:3e:02:
68:b0:44:28:f6:8d:f4:a7:bf:4e:3c:3c:63:1f:4f:
c2:2a:3d:bb:fc:19:db:8f:2a:4f:4a:8f:10:7a:fe:
10:fc:bc:5d:0e:69:d2:a7:28:d3:b3:50:44:56:7a:
2a:41:37:8f:9f:d8:a9:14:c7:03:3c:de:5d:a2:e8:
8c:37:b8:1f:32:ec:54:1d:79:51:7d:48:e0:68:63:
35:58:a8:6f:86:9a:0f:de:3b:fa:bf:3d:53:24:5f:
23:7e:a0:eb:0c:c2:35:be:6f:cd:82:b5:79:91:a1:
1d:b9:60:13:99:de:f0:9a:0c:5f:b4:e4:bb:b4:10:
b9:13:6d:5a:0f:40:a3:fd:34:32:9c:5f:40:38:a8:
21:63:ff:75:04:cf:a2:b5:47:c4:88:aa:80:76:23:
4e:2d:ce:4a:e5:60:26:c4:84:e5:3f:1e:58:6b:22:
a7:02:93:dc:e4:9c:ad:00:2f:67:a7:39:e2:f7:fb:
cf:56:3c:88:a4:72:fb:d6:a1:03:d4:79:89:68:40:
f9:b1:a8:fd:e1:d3:2d:b2:9c:9a:f7:25:f7:5e:18:
75:2a:5e:c5:ed:a2:be:37:c4:8e:dc:82:2a:c3:ec:
3e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:EB:99:20:9C:02:81:A2:D8:C6:4D:39:8A:C9:D2:A1:F2:15:2D:49
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/S-uZIJwCgaLYxk05isnSofIVLUk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.242.186.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a5:31:7e:70:77:ef:61:69:8f:ba:cc:86:5c:cd:2d:ff:0e:
69:0a:45:bc:e3:29:13:a1:dd:5e:29:bd:59:11:53:2b:fe:c2:
c5:2e:a6:52:28:dc:05:8e:d5:ee:b3:80:63:d3:cc:06:c6:9d:
dc:85:70:8f:d7:2a:67:6e:10:86:54:83:bf:bc:f7:51:7d:1d:
75:ce:51:0a:3e:80:b1:fb:9e:54:5c:7a:f6:c9:4d:2b:00:25:
f5:c7:f5:3e:61:93:a6:06:9d:d2:d6:67:c5:95:e0:1a:2c:ef:
77:89:36:f7:3f:0f:46:87:8e:87:1b:c4:91:52:ea:76:22:c8:
f4:b5:14:d5:ff:92:e1:93:84:b1:d2:e9:d4:8a:61:ab:45:72:
28:19:8e:6b:57:10:14:b2:08:76:ba:2b:73:22:4d:0b:c5:63:
cb:1f:1a:d3:22:57:6c:ad:f5:3c:2d:68:e6:37:18:ba:5e:b8:
13:de:9a:fb:35:7f:5c:88:9d:9d:3f:a7:2d:c9:6e:65:9b:1f:
20:86:ea:03:de:61:e8:ae:e2:e7:ae:0b:97:7f:a5:b4:ff:65:
0f:dd:88:0f:ec:b9:92:8a:07:67:03:e3:c4:ed:e9:99:6c:f0:
21:0c:22:05:fd:ed:e8:88:a1:ee:71:28:47:ed:d9:50:af:15:
1c:8e:c2:ad
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDk0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMzA3MDcx
MDAwMDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRCRUI5OTIwOUMwMjgx
QTJEOEM2NEQzOThBQzlEMkExRjIxNTJENDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+wXuTFzdHoQSEs/9ODXGDBNSmlQopyJqkDgc+AmiwRCj2jfSn
v048PGMfT8IqPbv8GduPKk9KjxB6/hD8vF0OadKnKNOzUERWeipBN4+f2KkUxwM8
3l2i6Iw3uB8y7FQdeVF9SOBoYzVYqG+Gmg/eO/q/PVMkXyN+oOsMwjW+b82CtXmR
oR25YBOZ3vCaDF+05Lu0ELkTbVoPQKP9NDKcX0A4qCFj/3UEz6K1R8SIqoB2I04t
zkrlYCbEhOU/HlhrIqcCk9zknK0AL2enOeL3+89WPIikcvvWoQPUeYloQPmxqP3h
0y2ynJr3JfdeGHUqXsXtor43xI7cgirD7D7RAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUS+uZIJwCgaLYxk05isnSofIVLUkwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9TLXVaSUp3Q2dhTFl4azA1aXNu
U29mSVZMVWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0vK6
MA0GCSqGSIb3DQEBCwUAA4IBAQBrpTF+cHfvYWmPusyGXM0t/w5pCkW84ykTod1e
Kb1ZEVMr/sLFLqZSKNwFjtXus4Bj08wGxp3chXCP1ypnbhCGVIO/vPdRfR11zlEK
PoCx+55UXHr2yU0rACX1x/U+YZOmBp3S1mfFleAaLO93iTb3Pw9Gh46HG8SRUup2
Isj0tRTV/5Lhk4Sx0unUimGrRXIoGY5rVxAUsgh2uitzIk0LxWPLHxrTIldsrfU8
LWjmNxi6XrgT3pr7NX9ciJ2dP6ctyW5lmx8ghuoD3mHoruLnrguXf6W0/2UP3YgP
7LmSigdnA+PE7emZbPAhDCIF/e3oiKHucShH7dlQrxUcjsKt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org