Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/VmJ6HrASO_HxMGEbwppsR6kBPH0.roa
File: VmJ6HrASO_HxMGEbwppsR6kBPH0.roa (raw, json)
Hash identifier: 9XDheWe0LAPOBzJMGUaIvGukV6eqj9t0spj1Bpe+l0c=
Subject key identifier: 56:62:7A:1E:B0:12:3B:F1:F1:30:61:1B:C2:9A:6C:47:A9:01:3C:7D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VmJ6HrASO_HxMGEbwppsR6kBPH0.roa
Signing time: Thu 15 Sep 2022 02:48:13 +0000
ROA not before: Thu 15 Sep 2022 02:48:13 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 3462
IP address blocks: 220.128.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:13 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=56627A1EB0123BF1F130611BC29A6C47A9013C7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:84:51:11:e6:35:a4:68:1c:b5:1f:a5:b3:b5:
ca:86:86:36:54:83:a9:19:3c:14:75:80:86:2c:ec:
cd:c6:74:ba:26:41:e9:80:a4:fb:48:e2:45:7a:c4:
5f:81:e4:10:cf:04:b0:92:44:64:ef:ad:71:a2:d6:
18:d6:a4:18:93:e7:6f:23:38:6c:7d:35:f2:47:bb:
24:6f:d2:ff:4a:01:58:2a:02:e6:2e:09:1d:b6:e9:
b5:fc:2b:22:52:1a:17:30:ae:54:49:a1:da:59:26:
6e:b3:c6:a0:f4:a6:18:53:d1:df:62:14:ea:12:ae:
a4:28:5b:f5:5b:4e:5e:02:a2:92:b7:8f:a5:d4:f7:
6d:21:cf:96:ee:2b:f2:96:30:88:85:2c:79:36:bb:
c2:f4:7c:ba:4e:7c:3d:88:17:a1:9b:65:8f:a7:33:
26:c4:18:2a:1a:a1:c8:fd:03:09:cc:45:29:49:f3:
61:54:9d:01:40:33:62:af:e9:cc:f8:1d:97:d0:0b:
0f:24:ac:fd:49:7e:ab:4a:e7:68:d0:83:90:3f:7f:
46:e0:53:85:67:7f:5c:d2:3e:04:18:d1:7f:81:a6:
c1:13:3b:51:6d:12:6a:73:d7:1e:3d:6b:96:f4:e0:
2b:0d:bf:08:a0:12:76:e0:7a:6f:a4:52:46:21:04:
5a:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:62:7A:1E:B0:12:3B:F1:F1:30:61:1B:C2:9A:6C:47:A9:01:3C:7D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/VmJ6HrASO_HxMGEbwppsR6kBPH0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.72.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:3a:f5:bb:e1:bc:ea:bc:58:ab:18:b3:90:3c:ba:d6:85:a8:
36:57:0b:99:8f:fd:02:c4:cf:7a:d8:16:a2:fc:64:53:3a:be:
2e:b4:b5:85:37:0a:69:d1:66:1d:98:7e:cd:00:07:cf:50:32:
a5:18:f1:5b:ab:04:29:6a:d9:44:4f:9a:19:97:9e:b2:1b:3d:
ee:38:01:0f:e4:93:fa:00:e2:49:c3:e3:db:de:fe:44:ac:ec:
e5:d2:2c:2a:0b:4f:42:f0:27:88:57:ac:0e:13:6e:69:be:21:
c9:02:fa:6b:2f:8e:95:cf:d5:94:43:de:5b:51:6e:a3:d5:34:
01:30:f1:f6:4b:a2:b2:fa:05:47:a9:28:61:5c:f8:63:aa:ce:
77:39:28:f3:32:e6:83:9d:66:57:1f:7f:29:87:0e:7c:ea:fb:
b4:54:74:c3:a2:64:77:14:8d:90:b5:ec:c5:64:53:30:a9:26:
f7:aa:2f:fa:5f:14:d8:38:60:74:b1:db:69:40:d1:ba:0d:26:
6c:99:4c:d9:7a:e2:c2:e8:51:ca:db:41:9e:3f:4b:e7:f2:7b:
32:d8:eb:b1:94:90:48:40:08:e2:46:fd:ca:08:5f:43:5c:2d:
1c:ef:9d:7e:0d:4d:b8:68:c0:64:73:72:b1:90:bb:c9:2d:64:
86:79:4d:89
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MTNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDU2NjI3QTFFQjAxMjNC
RjFGMTMwNjExQkMyOUE2QzQ3QTkwMTNDN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhhFER5jWkaBy1H6WztcqGhjZUg6kZPBR1gIYs7M3GdLomQemA
pPtI4kV6xF+B5BDPBLCSRGTvrXGi1hjWpBiT528jOGx9NfJHuyRv0v9KAVgqAuYu
CR226bX8KyJSGhcwrlRJodpZJm6zxqD0phhT0d9iFOoSrqQoW/VbTl4CopK3j6XU
920hz5buK/KWMIiFLHk2u8L0fLpOfD2IF6GbZY+nMybEGCoaocj9AwnMRSlJ82FU
nQFAM2Kv6cz4HZfQCw8krP1JfqtK52jQg5A/f0bgU4Vnf1zSPgQY0X+BpsETO1Ft
Empz1x49a5b04CsNvwigEnbgem+kUkYhBFpnAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUVmJ6HrASO/HxMGEbwppsR6kBPH0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9WbUo2SHJBU09fSHhNR0Vid3Bw
c1I2a0JQSDAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3IBI
MA0GCSqGSIb3DQEBCwUAA4IBAQAPOvW74bzqvFirGLOQPLrWhag2VwuZj/0CxM96
2Bai/GRTOr4utLWFNwpp0WYdmH7NAAfPUDKlGPFbqwQpatlET5oZl56yGz3uOAEP
5JP6AOJJw+Pb3v5ErOzl0iwqC09C8CeIV6wOE25pviHJAvprL46Vz9WUQ95bUW6j
1TQBMPH2S6Ky+gVHqShhXPhjqs53OSjzMuaDnWZXH38phw586vu0VHTDomR3FI2Q
tezFZFMwqSb3qi/6XxTYOGB0sdtpQNG6DSZsmUzZeuLC6FHK20GeP0vn8nsy2Oux
lJBIQAjiRv3KCF9DXC0c751+DU24aMBkc3KxkLvJLWSGeU2J
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org