Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/2XgL2K7vm3jM4n9St0caoCPQRPQ.roa
File: 2XgL2K7vm3jM4n9St0caoCPQRPQ.roa (raw, json)
Hash identifier: adRI/G4T1vZidprzW2NCdKcfvBy6LLC24Jaq1AYrC74=
Subject key identifier: D9:78:0B:D8:AE:EF:9B:78:CC:E2:7F:52:B7:47:1A:A0:23:D0:44:F4
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C2C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2XgL2K7vm3jM4n9St0caoCPQRPQ.roa
Signing time: Wed 29 Sep 2021 02:50:58 +0000
ROA not before: Wed 29 Sep 2021 02:50:58 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 220.128.0.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3116 (0xc2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:58 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=D9780BD8AEEF9B78CCE27F52B7471AA023D044F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:22:33:fc:f7:44:f0:26:79:6f:e3:b1:92:e1:
6c:96:2c:af:e4:30:a3:3b:18:49:f1:fc:b3:9a:c8:
c6:f1:e5:47:1a:a2:d5:d7:cb:b5:22:8c:d1:53:25:
59:85:23:a1:b4:2f:dd:26:f6:15:36:6a:46:2e:35:
06:85:06:d1:27:23:04:cf:56:9a:b3:c4:c4:81:c5:
92:4c:10:36:07:ce:ab:51:e0:df:07:3f:9d:66:c8:
f0:b3:58:da:bb:1e:04:07:c3:0d:8c:ed:78:87:18:
22:1b:bc:7f:9f:02:05:47:73:4b:c0:5d:02:95:15:
b4:f7:33:ad:bf:9c:21:7e:91:43:b5:00:45:a5:1f:
df:5f:cc:1f:07:50:67:bc:ee:0a:79:b1:b1:33:5c:
63:40:0a:a5:8f:b2:09:aa:f2:aa:58:c9:49:a6:a4:
dd:4e:9e:fb:09:4f:1c:0e:82:2c:31:7a:92:9f:9c:
2b:f8:d1:db:8d:f1:6a:b7:00:f2:2f:22:2b:2a:50:
80:d9:7f:30:e9:0b:1d:b2:16:d2:ca:94:ea:2c:95:
fa:9b:11:39:6f:d6:dd:f3:1c:26:7e:e6:ff:9e:93:
3f:b3:25:80:45:a2:e5:7c:f4:95:b5:a2:16:ce:60:
9f:d7:ef:fd:17:79:ed:10:25:b8:5c:49:f7:82:a8:
ec:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:78:0B:D8:AE:EF:9B:78:CC:E2:7F:52:B7:47:1A:A0:23:D0:44:F4
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/2XgL2K7vm3jM4n9St0caoCPQRPQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.0.0/18
Signature Algorithm: sha256WithRSAEncryption
16:3e:ce:e7:9d:6e:1e:99:d1:e6:41:0b:7b:5d:3c:e8:32:d2:
7b:b2:98:93:7e:02:08:80:98:85:21:b7:24:bf:d5:53:f2:3d:
90:01:30:71:26:eb:80:3d:b9:93:bb:9e:5c:b8:51:ff:ad:bd:
7b:14:50:f4:2e:25:1c:6e:9f:17:65:7a:30:ce:87:4e:c2:9c:
99:b5:0b:7e:af:08:c5:c8:a9:7e:c9:9b:24:66:9a:45:3b:23:
97:6f:13:d4:a0:f6:7a:de:3a:81:3a:00:5a:52:f8:bc:0b:4f:
ba:8f:fe:99:f4:b8:f8:83:b5:4c:d7:ea:60:c2:af:78:be:22:
37:4d:c5:0a:4f:95:47:a2:30:45:83:28:9d:71:69:0b:ad:8d:
e4:23:13:6b:06:6c:d1:ed:cd:15:95:19:76:3e:61:f0:7d:03:
1d:b0:28:94:ff:41:94:06:bb:49:f7:ec:4c:57:7a:8c:c8:db:
a7:a9:6a:77:34:c2:c1:bc:b3:ad:6d:ea:da:c1:7f:4b:3b:92:
40:65:eb:b4:45:f2:e0:98:f3:28:13:52:ce:b6:4b:99:e6:96:
74:31:51:c4:01:cd:84:05:01:63:88:89:2e:4a:d3:d2:15:6d:
45:58:d2:d7:c9:c6:d4:8c:bb:1b:ba:f5:19:d6:f3:48:e4:f6:
9e:8e:d6:a1
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDCwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEQ5NzgwQkQ4QUVFRjlC
NzhDQ0UyN0Y1MkI3NDcxQUEwMjNEMDQ0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7IjP890TwJnlv47GS4WyWLK/kMKM7GEnx/LOayMbx5UcaotXX
y7UijNFTJVmFI6G0L90m9hU2akYuNQaFBtEnIwTPVpqzxMSBxZJMEDYHzqtR4N8H
P51myPCzWNq7HgQHww2M7XiHGCIbvH+fAgVHc0vAXQKVFbT3M62/nCF+kUO1AEWl
H99fzB8HUGe87gp5sbEzXGNACqWPsgmq8qpYyUmmpN1OnvsJTxwOgiwxepKfnCv4
0duN8Wq3APIvIisqUIDZfzDpCx2yFtLKlOoslfqbETlv1t3zHCZ+5v+ekz+zJYBF
ouV89JW1ohbOYJ/X7/0Xee0QJbhcSfeCqOxtAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU2XgL2K7vm3jM4n9St0caoCPQRPQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8yWGdMMks3dm0zak00bjlTdDBj
YW9DUFFSUFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG3IAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAWPs7nnW4emdHmQQt7XTzoMtJ7spiTfgIIgJiF
Ibckv9VT8j2QATBxJuuAPbmTu55cuFH/rb17FFD0LiUcbp8XZXowzodOwpyZtQt+
rwjFyKl+yZskZppFOyOXbxPUoPZ63jqBOgBaUvi8C0+6j/6Z9Lj4g7VM1+pgwq94
viI3TcUKT5VHojBFgyidcWkLrY3kIxNrBmzR7c0VlRl2PmHwfQMdsCiU/0GUBrtJ
9+xMV3qMyNunqWp3NMLBvLOtberawX9LO5JAZeu0RfLgmPMoE1LOtkuZ5pZ0MVHE
Ac2EBQFjiIkuStPSFW1FWNLXycbUjLsbuvUZ1vNI5Paejtah
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:08 2024 by rpki-client on console-ams.rpki-client.org