Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/ZR2HHA9KibuH_13unuZjFhBO6bE.roa
File: ZR2HHA9KibuH_13unuZjFhBO6bE.roa (raw, json)
Hash identifier: ChRLKcr6R5wUnrFB/cLFZC0F6z5o55vRtYfzk719eD0=
Subject key identifier: 65:1D:87:1C:0F:4A:89:BB:87:FF:5D:EE:9E:E6:63:16:10:4E:E9:B1
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C47
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ZR2HHA9KibuH_13unuZjFhBO6bE.roa
Signing time: Wed 29 Sep 2021 02:51:06 +0000
ROA not before: Wed 29 Sep 2021 02:51:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 10126
IP address blocks: 220.128.56.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3143 (0xc47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=651D871C0F4A89BB87FF5DEE9EE66316104EE9B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6c:80:a1:47:03:91:be:0c:b5:a6:bc:49:79:
93:2a:87:b9:1b:9f:7e:1f:c8:8f:5d:78:7c:bc:1a:
f1:d9:14:f6:49:21:0a:d8:4d:e1:a2:52:33:5f:6b:
06:80:4a:23:87:ac:68:54:97:f7:2c:98:e5:91:8f:
3f:9a:80:4b:ee:ba:59:02:9f:3d:c7:e2:61:7d:4c:
5d:b7:b2:43:ca:d8:3c:f7:dc:16:e6:96:47:f1:88:
c0:92:10:a8:88:70:9c:f8:43:f6:0b:5c:9a:8f:f1:
16:1a:82:f7:4a:65:b4:7a:b8:bf:7e:cb:bb:cf:19:
bb:57:5c:a8:e4:42:7c:5f:35:82:5c:d3:14:64:13:
70:cf:f7:64:67:da:49:a3:73:c6:28:de:19:53:90:
cc:7e:e6:8b:f9:e8:ed:dc:fc:8d:24:71:11:de:74:
ed:cc:1d:9f:4a:3f:e6:6f:47:e4:8d:eb:72:9c:44:
61:9e:da:81:59:c8:d6:f8:a3:f5:8f:a4:3c:a2:fa:
af:e3:28:35:6f:a5:cf:10:7c:2a:8a:1b:94:b5:c5:
2b:64:6a:d0:71:17:5e:14:c9:3c:a2:be:da:80:44:
26:ee:74:4a:a1:2a:b2:0d:35:90:41:d1:72:e6:e0:
c7:6d:81:a0:26:77:41:37:17:4b:49:21:86:2b:b3:
5d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:1D:87:1C:0F:4A:89:BB:87:FF:5D:EE:9E:E6:63:16:10:4E:E9:B1
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/ZR2HHA9KibuH_13unuZjFhBO6bE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.56.0/21
Signature Algorithm: sha256WithRSAEncryption
99:e3:b6:a2:95:41:bf:d0:56:e8:04:89:b4:f5:53:80:81:85:
ba:58:cf:18:55:53:99:c8:22:4c:f9:e0:17:b0:af:56:45:d8:
07:84:0a:63:8e:16:f8:77:38:f8:0f:de:b5:1d:df:ce:29:69:
5e:f3:03:65:cd:66:b5:1b:ad:66:04:d3:f7:e4:ca:66:76:99:
5c:54:46:19:eb:e3:83:66:1d:35:88:6d:ec:76:3a:57:77:75:
14:3d:a6:71:17:65:be:d6:81:98:94:fd:eb:ad:a9:ec:f6:4c:
39:64:76:18:58:53:02:71:66:23:0a:77:d5:b4:66:90:4b:f8:
e1:bf:e5:7c:5d:78:74:96:14:6c:33:c0:0b:7d:74:a8:6d:89:
fe:bb:e2:78:1b:ab:ba:e3:fc:ac:5f:fc:5a:36:c5:ec:04:64:
1c:b2:10:18:2c:85:49:22:d7:6e:4a:05:f7:ad:b7:38:57:f7:
77:1e:00:44:dc:be:dd:70:c0:18:da:d9:a4:ae:b0:5e:83:fd:
6f:98:00:07:c5:4d:05:18:1e:ff:39:53:a2:b7:c9:06:2b:f8:
59:81:67:74:7a:7f:cd:a1:5a:a0:38:2c:60:c9:6b:f2:46:79:
a1:ee:4a:dc:83:ae:52:dd:17:d0:40:61:60:04:bf:99:42:60:
74:61:ad:5e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDEcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY1MUQ4NzFDMEY0QTg5
QkI4N0ZGNURFRTlFRTY2MzE2MTA0RUU5QjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkbIChRwORvgy1prxJeZMqh7kbn34fyI9deHy8GvHZFPZJIQrY
TeGiUjNfawaASiOHrGhUl/csmOWRjz+agEvuulkCnz3H4mF9TF23skPK2Dz33Bbm
lkfxiMCSEKiIcJz4Q/YLXJqP8RYagvdKZbR6uL9+y7vPGbtXXKjkQnxfNYJc0xRk
E3DP92Rn2kmjc8Yo3hlTkMx+5ov56O3c/I0kcRHedO3MHZ9KP+ZvR+SN63KcRGGe
2oFZyNb4o/WPpDyi+q/jKDVvpc8QfCqKG5S1xStkatBxF14UyTyivtqARCbudEqh
KrINNZBB0XLm4MdtgaAmd0E3F0tJIYYrs133AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUZR2HHA9KibuH/13unuZjFhBO6bEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9aUjJISEE5S2lidUhfMTN1bnVa
akZoQk82YkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD3IA4
MA0GCSqGSIb3DQEBCwUAA4IBAQCZ47ailUG/0FboBIm09VOAgYW6WM8YVVOZyCJM
+eAXsK9WRdgHhApjjhb4dzj4D961Hd/OKWle8wNlzWa1G61mBNP35MpmdplcVEYZ
6+ODZh01iG3sdjpXd3UUPaZxF2W+1oGYlP3rrans9kw5ZHYYWFMCcWYjCnfVtGaQ
S/jhv+V8XXh0lhRsM8ALfXSobYn+u+J4G6u64/ysX/xaNsXsBGQcshAYLIVJItdu
SgX3rbc4V/d3HgBE3L7dcMAY2tmkrrBeg/1vmAAHxU0FGB7/OVOit8kGK/hZgWd0
en/NoVqgOCxgyWvyRnmh7krcg65S3RfQQGFgBL+ZQmB0Ya1e
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org