Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/hELpqzdbQ1MlXopdJXk5NulP-i0.roa
File: hELpqzdbQ1MlXopdJXk5NulP-i0.roa (raw, json)
Hash identifier: ewKbNDKXFJkJKIs7WCdnJp0NOjTWhEOP6lZGYJc2u8w=
Subject key identifier: 84:42:E9:AB:37:5B:43:53:25:5E:8A:5D:25:79:39:36:E9:4F:FA:2D
Certificate issuer: /CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Certificate serial: 0972
Authority key identifier: 38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/hELpqzdbQ1MlXopdJXk5NulP-i0.roa
Signing time: Wed 29 Sep 2021 02:50:29 +0000
ROA not before: Wed 29 Sep 2021 02:50:29 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 134823
IP address blocks: 103.122.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2418 (0x972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=385713E359FCB9CAB12F20DB3FF190FCA81E323E
Validity
Not Before: Sep 29 02:50:29 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8442E9AB375B4353255E8A5D25793936E94FFA2D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:de:d9:65:6a:2f:fa:c3:bd:27:f1:80:7f:20:
c4:39:ed:c1:3e:71:0b:79:f9:be:84:bd:03:2c:1a:
37:64:57:cf:ba:9f:95:d2:ee:45:65:55:9a:e8:c5:
18:9e:09:21:92:f8:ff:63:c3:da:fc:1d:4f:ac:ec:
59:9e:13:35:7e:f4:8d:a9:8d:35:18:60:49:af:1c:
52:9c:2d:32:07:ba:8b:89:64:5b:73:01:e5:b2:31:
7a:c6:4a:f6:69:52:ce:b5:87:ee:10:ef:b2:79:65:
41:3d:4f:4a:2f:76:2a:ab:a4:24:cc:23:2d:60:ed:
80:67:94:ed:c3:7b:09:6c:65:20:b6:5a:f6:f0:62:
e6:cc:4a:0f:a7:d1:ba:b6:bf:97:85:ba:25:04:ac:
da:e3:de:57:4f:dd:cc:27:ea:85:0a:5a:e1:50:2d:
c1:61:be:44:0e:75:ef:8d:bf:7d:d9:23:45:38:8f:
97:10:04:e9:4d:06:26:7d:da:30:4d:d9:b6:7d:16:
76:8d:91:16:97:49:cb:09:1c:e2:81:5d:95:bd:e3:
d4:c4:44:93:71:9c:c8:5f:77:69:ee:0a:54:af:06:
52:0a:18:28:71:0e:e6:fa:ed:06:c4:c3:c1:16:e9:
42:e0:a4:1a:05:38:d0:62:3e:cf:7c:0d:b2:ff:cb:
b3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:42:E9:AB:37:5B:43:53:25:5E:8A:5D:25:79:39:36:E9:4F:FA:2D
X509v3 Authority Key Identifier:
keyid:38:57:13:E3:59:FC:B9:CA:B1:2F:20:DB:3F:F1:90:FC:A8:1E:32:3E
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/OFcT41n8ucqxLyDbP_GQ_KgeMj4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/OFcT41n8ucqxLyDbP_GQ_KgeMj4.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HHRCOLTD/hELpqzdbQ1MlXopdJXk5NulP-i0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.188.0/22
Signature Algorithm: sha256WithRSAEncryption
16:e0:52:63:4a:00:31:9e:9a:04:f9:dd:0e:89:91:9f:14:85:
82:19:26:34:68:bf:59:4a:a7:e2:2d:72:4e:cd:8c:58:78:e8:
1a:c8:51:0b:02:94:ce:0d:66:05:e9:80:2a:4e:b3:82:1b:f9:
e4:2d:4c:11:73:8c:c4:ad:3e:29:99:77:81:54:c1:c0:05:d3:
72:08:f9:15:8c:f8:55:23:d6:15:14:a4:4f:cf:0c:70:bb:4a:
27:6b:d1:eb:a0:19:e5:7b:a1:4b:e4:85:07:e1:ef:82:7d:87:
48:28:b1:69:c3:50:64:04:b0:10:f7:7d:80:e7:a8:98:9e:5d:
aa:c2:d4:ce:1f:ff:ca:f8:1f:aa:bf:66:a6:67:e1:6d:51:e9:
df:43:ac:05:0f:00:d3:b4:59:6d:aa:52:91:33:6b:49:09:fd:
14:1b:32:ef:44:b3:4c:4b:fb:45:f5:0f:f3:12:0e:d3:47:cd:
4b:a6:91:c4:08:62:33:49:e7:b5:9c:82:47:f0:9d:eb:ce:61:
60:de:8f:d8:d4:68:b7:20:d8:8b:5d:3d:73:6b:9b:80:8c:bf:
1a:a5:41:8d:d1:4a:1d:d0:1b:e8:f1:b9:19:cf:69:24:d9:a8:
fa:27:41:69:5e:9b:f2:ba:d2:4c:6b:f8:42:e7:5e:db:c6:d4:
64:12:28:fd
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCXIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMzg1
NzEzRTM1OUZDQjlDQUIxMkYyMERCM0ZGMTkwRkNBODFFMzIzRTAeFw0yMTA5Mjkw
MjUwMjlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg0NDJFOUFCMzc1QjQz
NTMyNTVFOEE1RDI1NzkzOTM2RTk0RkZBMkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCu3tllai/6w70n8YB/IMQ57cE+cQt5+b6EvQMsGjdkV8+6n5XS
7kVlVZroxRieCSGS+P9jw9r8HU+s7FmeEzV+9I2pjTUYYEmvHFKcLTIHuouJZFtz
AeWyMXrGSvZpUs61h+4Q77J5ZUE9T0ovdiqrpCTMIy1g7YBnlO3DewlsZSC2Wvbw
YubMSg+n0bq2v5eFuiUErNrj3ldP3cwn6oUKWuFQLcFhvkQOde+Nv33ZI0U4j5cQ
BOlNBiZ92jBN2bZ9FnaNkRaXScsJHOKBXZW949TERJNxnMhfd2nuClSvBlIKGChx
Dub67QbEw8EW6ULgpBoFONBiPs98DbL/y7OhAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUhELpqzdbQ1MlXopdJXk5NulP+i0wHwYDVR0jBBgwFoAUOFcT41n8ucqxLyDb
P/GQ/KgeMj4wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSEhSQ09M
VEQvT0ZjVDQxbjh1Y3F4THlEYlBfR1FfS2dlTWo0LmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9PRmNUNDFuOHVjcXhMeURiUF9HUV9LZ2VNajQuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISFJDT0xURC9oRUxwcXpkYlExTWxY
b3BkSlhrNU51bFAtaTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCZ3q8MA0GCSqGSIb3DQEBCwUAA4IBAQAW4FJjSgAxnpoE+d0OiZGfFIWCGSY0
aL9ZSqfiLXJOzYxYeOgayFELApTODWYF6YAqTrOCG/nkLUwRc4zErT4pmXeBVMHA
BdNyCPkVjPhVI9YVFKRPzwxwu0ona9HroBnle6FL5IUH4e+CfYdIKLFpw1BkBLAQ
932A56iYnl2qwtTOH//K+B+qv2amZ+FtUenfQ6wFDwDTtFltqlKRM2tJCf0UGzLv
RLNMS/tF9Q/zEg7TR81LppHECGIzSee1nIJH8J3rzmFg3o/Y1Gi3INiLXT1za5uA
jL8apUGN0Uod0Bvo8bkZz2kk2aj6J0FpXpvyutJMa/hC517bxtRkEij9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:54 2023 by rpki-client on console-ams.rpki-client.org