Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/T1P29YaX0U5rhhMNccN0kVFT8n8.roa
File: T1P29YaX0U5rhhMNccN0kVFT8n8.roa (raw, json)
Hash identifier: m4Ku0qgqiY0EhADNAYdV9DYwKh9HH5OJN+iTFpqVhKE=
Subject key identifier: 4F:53:F6:F5:86:97:D1:4E:6B:86:13:0D:71:C3:74:91:51:53:F2:7F
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0AEB
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/T1P29YaX0U5rhhMNccN0kVFT8n8.roa
Signing time: Sun 07 Feb 2021 11:42:04 +0000
ROA not before: Sun 07 Feb 2021 11:42:04 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 10126
IP address blocks: 220.128.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2795 (0xaeb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:42:04 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=4F53F6F58697D14E6B86130D71C374915153F27F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:49:5c:e5:4a:63:85:32:4e:43:fe:0b:fd:8e:
10:36:56:8d:a6:09:27:7e:0d:5f:f5:26:61:a4:ab:
e9:62:f8:ca:64:0a:50:68:35:15:23:fd:6c:bb:9b:
1d:5c:ac:68:8f:2c:5c:93:50:e4:90:d6:41:bc:49:
cb:43:d5:1b:e3:83:2c:26:a2:d9:22:29:ba:a3:00:
e4:c2:83:d1:10:e1:48:53:f0:3c:10:cd:9c:76:9a:
8f:f2:3b:ff:35:4e:4e:c1:3d:35:de:a8:6d:3f:d4:
b7:03:4c:09:fa:93:10:ac:10:13:a9:78:a3:8f:e3:
4d:0a:88:1d:63:2b:3a:30:54:69:1b:34:6a:d0:bf:
80:68:28:ea:b2:f9:53:89:bf:10:05:80:d2:f8:af:
b4:e0:74:d6:fa:a5:d2:4c:22:85:ae:b0:0f:3d:cd:
cc:c5:ec:b7:d5:2a:07:68:d6:54:39:1a:6e:99:e3:
fb:1c:49:62:c3:06:14:d5:8e:12:99:2c:67:95:bd:
d2:c4:c1:e0:5f:f3:a5:8b:51:77:d0:07:d6:67:9f:
a4:52:44:47:7f:3d:3a:77:1f:be:d8:0f:c2:25:46:
eb:37:8d:4a:31:01:09:6b:0d:98:ee:41:25:0d:27:
ff:2f:10:79:66:27:08:8e:7f:f9:c4:0c:b3:bf:64:
11:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:53:F6:F5:86:97:D1:4E:6B:86:13:0D:71:C3:74:91:51:53:F2:7F
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/T1P29YaX0U5rhhMNccN0kVFT8n8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
78:ce:c2:2c:99:76:c4:41:42:3d:0e:ea:13:a7:5c:18:11:d8:
e9:22:42:6f:37:f1:38:6f:fe:ab:cc:a3:ff:a4:88:7a:22:f0:
f5:22:34:3f:44:1f:20:d9:8a:ec:b0:9b:b7:4a:fc:80:c5:c0:
8d:7c:46:60:9c:af:36:ba:b3:2e:d3:3b:80:49:bb:e4:0b:97:
53:6e:e5:b7:53:fa:42:12:be:5c:7a:1c:e5:26:63:21:d4:38:
a0:30:39:d2:da:ce:b3:3d:9c:92:ce:df:54:bb:8e:a5:79:66:
bc:4d:4b:be:86:98:d1:44:c9:12:ec:49:64:7b:71:43:35:8d:
f5:d6:c8:b8:68:57:67:6a:23:43:ae:85:ae:8b:95:aa:27:b3:
cf:a3:b9:1e:46:96:58:ee:01:d3:47:e3:56:aa:f4:60:d1:36:
5a:76:65:e0:79:76:31:dd:30:c0:23:55:88:d6:77:f6:3d:9f:
d3:47:5d:82:94:75:33:99:3d:71:30:8b:66:a2:b9:1f:ea:d1:
4a:b5:1e:79:bb:03:95:00:0b:cd:32:23:d6:e8:ac:d8:e5:b5:
81:82:57:e2:91:2f:bd:fc:8e:1f:64:ff:c5:bd:90:9d:3e:08:
ae:9c:e5:52:d5:e0:9b:b8:4b:66:98:35:58:3a:25:6d:61:b5:
79:ea:8b:20
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTQyMDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDRGNTNGNkY1ODY5N0Qx
NEU2Qjg2MTMwRDcxQzM3NDkxNTE1M0YyN0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpSVzlSmOFMk5D/gv9jhA2Vo2mCSd+DV/1JmGkq+li+MpkClBo
NRUj/Wy7mx1crGiPLFyTUOSQ1kG8SctD1RvjgywmotkiKbqjAOTCg9EQ4UhT8DwQ
zZx2mo/yO/81Tk7BPTXeqG0/1LcDTAn6kxCsEBOpeKOP400KiB1jKzowVGkbNGrQ
v4BoKOqy+VOJvxAFgNL4r7TgdNb6pdJMIoWusA89zczF7LfVKgdo1lQ5Gm6Z4/sc
SWLDBhTVjhKZLGeVvdLEweBf86WLUXfQB9Znn6RSREd/PTp3H77YD8IlRus3jUox
AQlrDZjuQSUNJ/8vEHlmJwiOf/nEDLO/ZBFBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUT1P29YaX0U5rhhMNccN0kVFT8n8wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9UMVAyOVlhWDBVNXJoaE1OY2NO
MGtWRlQ4bjgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD3IA4
MA0GCSqGSIb3DQEBCwUAA4IBAQB4zsIsmXbEQUI9DuoTp1wYEdjpIkJvN/E4b/6r
zKP/pIh6IvD1IjQ/RB8g2YrssJu3SvyAxcCNfEZgnK82urMu0zuASbvkC5dTbuW3
U/pCEr5cehzlJmMh1DigMDnS2s6zPZySzt9Uu46leWa8TUu+hpjRRMkS7Elke3FD
NY311si4aFdnaiNDroWui5WqJ7PPo7keRpZY7gHTR+NWqvRg0TZadmXgeXYx3TDA
I1WI1nf2PZ/TR12ClHUzmT1xMItmorkf6tFKtR55uwOVAAvNMiPW6KzY5bWBglfi
kS+9/I4fZP/FvZCdPgiunOVS1eCbuEtmmDVYOiVtYbV56osg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org