Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/usQUMFTaJFVCcZNg11ZPidHr2C0.roa
File: usQUMFTaJFVCcZNg11ZPidHr2C0.roa (raw, json)
Hash identifier: UQNB5rjldQZfwah8YMBCShJHgJBB61EjGnUG29COqC8=
Subject key identifier: BA:C4:14:30:54:DA:24:55:42:71:93:60:D7:56:4F:89:D1:EB:D8:2D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0867
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/usQUMFTaJFVCcZNg11ZPidHr2C0.roa
Signing time: Tue 29 Sep 2020 09:58:42 +0000
ROA not before: Tue 29 Sep 2020 09:58:42 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 211.21.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2151 (0x867)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 09:58:42 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BAC4143054DA245542719360D7564F89D1EBD82D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:3c:71:a9:7c:83:e9:66:fc:67:07:88:a4:db:
2f:d6:8e:55:97:34:f1:b3:c8:47:54:c2:99:c8:a8:
dc:fe:4b:e1:9c:55:76:6b:96:f2:7c:db:65:4a:4f:
f9:54:ff:51:fe:98:d6:ad:1f:b7:bd:22:dd:89:d8:
5f:48:e4:bb:42:b6:6b:8c:82:9c:d3:f9:2f:a3:c8:
c5:bc:82:00:18:18:25:95:6a:8f:c1:6f:b6:6f:25:
22:43:f4:ce:37:06:d9:ea:ad:10:9e:1c:04:53:1e:
1a:e1:c2:53:62:5a:9c:bd:7e:03:f3:70:60:b3:10:
8b:82:58:26:eb:b1:b9:dc:c3:c5:42:44:7f:17:e3:
7b:01:f1:84:bd:71:8a:45:ab:c2:19:8f:62:ba:fc:
58:6d:8f:0c:d4:ce:89:32:ae:79:9a:b4:15:1c:10:
d3:f8:3d:35:32:49:9a:f5:d6:62:17:bc:e2:b2:2e:
9d:59:52:64:f1:a9:e9:41:2e:66:44:fb:63:52:d4:
ac:89:6b:35:54:aa:55:b9:aa:08:8d:ce:c4:c3:90:
ff:31:db:e2:06:0f:d1:bc:5d:f6:1c:60:3a:88:95:
2c:b2:91:95:4f:9b:fb:54:9b:15:15:62:10:db:7a:
cc:6f:b5:67:b5:44:03:26:b0:0a:48:a5:22:c5:97:
dd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C4:14:30:54:DA:24:55:42:71:93:60:D7:56:4F:89:D1:EB:D8:2D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/usQUMFTaJFVCcZNg11ZPidHr2C0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.21.0.0/16
Signature Algorithm: sha256WithRSAEncryption
02:97:ad:f5:8b:64:53:a8:29:ee:71:9f:83:79:4a:c3:92:fb:
e4:2c:25:8d:e8:8a:54:46:f1:d7:39:e4:71:d9:63:df:d9:d6:
75:4b:61:85:7f:6f:45:cc:89:0c:eb:3e:0c:9e:54:f9:56:4e:
d9:4f:10:27:7a:be:20:34:e4:d8:ea:50:81:b9:ac:1d:a6:a4:
95:ca:34:5e:d2:36:bb:5b:fa:e4:8f:d8:77:31:b8:cf:f3:61:
5f:31:83:c2:10:b2:d6:4d:30:e1:1b:c8:4a:c1:89:d0:6e:fd:
60:d9:25:98:bc:47:7e:30:1b:13:67:83:eb:00:40:50:8d:cd:
c8:47:ae:d4:b2:29:d2:ae:0f:9c:8a:ee:9a:34:33:fa:1c:09:
82:ad:64:2c:7a:e1:e1:6f:01:24:db:59:43:ca:2a:16:91:98:
64:13:ec:c2:55:5f:fd:2b:c8:ec:13:10:52:e3:65:1c:66:79:
13:95:9d:6c:80:25:70:94:1a:e7:28:78:40:74:41:6d:99:05:
56:f3:82:9e:88:7f:fa:12:83:59:09:df:04:72:14:59:fe:6c:
b5:e6:f9:da:6b:29:77:45:b5:c5:df:b3:f3:ab:ae:c9:0e:38:
fa:93:9d:d3:17:13:dd:74:15:7e:e2:9d:49:5e:c4:0c:ba:9f:
a2:dc:0d:a8
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCGcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4NDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJBQzQxNDMwNTREQTI0
NTU0MjcxOTM2MEQ3NTY0Rjg5RDFFQkQ4MkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMPHGpfIPpZvxnB4ik2y/WjlWXNPGzyEdUwpnIqNz+S+GcVXZr
lvJ822VKT/lU/1H+mNatH7e9It2J2F9I5LtCtmuMgpzT+S+jyMW8ggAYGCWVao/B
b7ZvJSJD9M43BtnqrRCeHARTHhrhwlNiWpy9fgPzcGCzEIuCWCbrsbncw8VCRH8X
43sB8YS9cYpFq8IZj2K6/FhtjwzUzokyrnmatBUcENP4PTUySZr11mIXvOKyLp1Z
UmTxqelBLmZE+2NS1KyJazVUqlW5qgiNzsTDkP8x2+IGD9G8XfYcYDqIlSyykZVP
m/tUmxUVYhDbesxvtWe1RAMmsApIpSLFl92TAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUusQUMFTaJFVCcZNg11ZPidHr2C0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC91c1FVTUZUYUpGVkNjWk5nMTFa
UGlkSHIyQzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xUw
DQYJKoZIhvcNAQELBQADggEBAAKXrfWLZFOoKe5xn4N5SsOS++QsJY3oilRG8dc5
5HHZY9/Z1nVLYYV/b0XMiQzrPgyeVPlWTtlPECd6viA05NjqUIG5rB2mpJXKNF7S
Nrtb+uSP2HcxuM/zYV8xg8IQstZNMOEbyErBidBu/WDZJZi8R34wGxNng+sAQFCN
zchHrtSyKdKuD5yK7po0M/ocCYKtZCx64eFvASTbWUPKKhaRmGQT7MJVX/0ryOwT
EFLjZRxmeROVnWyAJXCUGucoeEB0QW2ZBVbzgp6If/oSg1kJ3wRyFFn+bLXm+dpr
KXdFtcXfs/OrrskOOPqTndMXE910FX7inUlexAy6n6LcDag=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org