Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/3lQw2yfFf-D2r3jJlhTcsVxT1Cs.roa
File: 3lQw2yfFf-D2r3jJlhTcsVxT1Cs.roa (raw, json)
Hash identifier: lP0dJnJDKISLGNTc9V7Bx+TpC758gLPN7w/HJmDfGzc=
Subject key identifier: DE:54:30:DB:27:C5:7F:E0:F6:AF:78:C9:96:14:DC:B1:5C:53:D4:2B
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0D76
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3lQw2yfFf-D2r3jJlhTcsVxT1Cs.roa
Signing time: Thu 15 Sep 2022 02:48:03 +0000
ROA not before: Thu 15 Sep 2022 02:48:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 3462
IP address blocks: 221.120.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3446 (0xd76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 15 02:48:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DE5430DB27C57FE0F6AF78C99614DCB15C53D42B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:e9:40:64:cc:b0:6d:25:ee:1d:a0:68:56:
da:96:f5:3e:15:93:fa:6f:7c:9e:6c:33:74:60:b9:
68:25:90:3d:92:05:3d:ed:ff:56:2a:20:6b:c9:d8:
b9:0e:43:82:f0:53:37:f1:9d:52:48:e7:a3:d2:89:
2b:7b:72:83:47:6c:2f:88:39:cf:47:5b:29:db:51:
ff:f4:37:32:d3:b6:7d:79:77:df:e5:c6:06:9a:84:
bc:59:e7:7d:71:1a:27:f4:10:ec:a0:f0:4c:92:3f:
b0:ce:9c:33:a3:45:54:8b:65:21:15:d0:d2:a9:71:
01:2e:bd:51:bd:e5:18:ac:41:aa:c9:7e:20:92:b9:
cd:3a:ab:41:cf:60:4a:0b:ab:7b:24:cd:3a:a2:05:
59:58:d3:7f:08:8d:94:79:1b:7a:b2:2a:73:60:d5:
14:89:1f:6b:f4:26:c4:c3:24:16:8a:1e:55:af:2f:
cc:94:f7:6b:32:4e:46:f2:50:7f:49:ac:62:d9:ea:
ed:18:d9:79:6f:8e:99:fa:72:a5:48:d2:c7:08:00:
3a:4a:30:e8:4c:ba:28:4b:14:ec:d3:d8:0d:aa:1d:
b7:e6:a7:6e:8e:c3:92:e3:93:3f:ff:ea:b9:79:ca:
eb:95:4d:e3:4f:70:f9:45:1d:eb:cd:41:d3:46:d3:
f2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:54:30:DB:27:C5:7F:E0:F6:AF:78:C9:96:14:DC:B1:5C:53:D4:2B
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/3lQw2yfFf-D2r3jJlhTcsVxT1Cs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.21.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7c:8f:6d:79:70:92:7d:24:61:3d:86:86:aa:fd:84:77:46:
22:38:70:c7:27:69:5a:e9:c3:70:04:4e:30:e2:6f:69:1b:f1:
df:f5:4b:ba:b0:81:4a:a0:24:24:9d:03:4f:23:b5:5d:01:12:
73:62:60:68:52:79:3a:c1:fe:49:b1:09:52:8a:99:3e:7f:3a:
60:bf:c1:cc:75:23:10:4b:1a:da:e9:0a:e2:75:05:ca:00:57:
80:e8:99:fc:76:33:ad:3b:22:e6:30:0f:1b:4e:10:9a:34:28:
01:72:9e:3c:b4:7a:48:41:8a:5f:52:bb:b0:63:79:e7:f5:04:
ba:7e:79:34:bb:4a:04:32:f9:9c:e4:54:70:e2:c0:14:8a:5a:
d8:be:e6:b1:d2:2a:e3:73:27:0e:cd:cf:f3:c2:7e:42:df:53:
be:ce:9c:fe:be:7d:92:fb:ed:85:98:5c:5f:af:7b:47:b4:73:
ed:84:83:7e:2f:ca:7f:d0:3a:30:84:18:a2:c8:03:bb:e8:b5:
c3:96:87:37:99:9c:c4:b7:3b:b5:b0:c4:2d:1f:a0:6d:55:69:
82:bf:09:93:1c:ad:34:91:9e:88:8a:d2:e0:f6:67:66:4a:dc:
49:9e:55:f2:b9:91:48:78:6d:74:ad:6b:92:09:48:5a:7d:8e:
91:1c:ff:b1
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDXYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMjA5MTUw
MjQ4MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERFNTQzMERCMjdDNTdG
RTBGNkFGNzhDOTk2MTREQ0IxNUM1M0Q0MkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDF5OlAZMywbSXuHaBoVtqW9T4Vk/pvfJ5sM3RguWglkD2SBT3t
/1YqIGvJ2LkOQ4LwUzfxnVJI56PSiSt7coNHbC+IOc9HWynbUf/0NzLTtn15d9/l
xgaahLxZ531xGif0EOyg8EySP7DOnDOjRVSLZSEV0NKpcQEuvVG95RisQarJfiCS
uc06q0HPYEoLq3skzTqiBVlY038IjZR5G3qyKnNg1RSJH2v0JsTDJBaKHlWvL8yU
92syTkbyUH9JrGLZ6u0Y2Xlvjpn6cqVI0scIADpKMOhMuihLFOzT2A2qHbfmp26O
w5Ljkz//6rl5yuuVTeNPcPlFHevNQdNG0/LPAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3lQw2yfFf+D2r3jJlhTcsVxT1CswHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC8zbFF3MnlmRmYtRDJyM2pKbGhU
Y3NWeFQxQ3Mucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgV
MA0GCSqGSIb3DQEBCwUAA4IBAQAwfI9teXCSfSRhPYaGqv2Ed0YiOHDHJ2la6cNw
BE4w4m9pG/Hf9Uu6sIFKoCQknQNPI7VdARJzYmBoUnk6wf5JsQlSipk+fzpgv8HM
dSMQSxra6QridQXKAFeA6Jn8djOtOyLmMA8bThCaNCgBcp48tHpIQYpfUruwY3nn
9QS6fnk0u0oEMvmc5FRw4sAUilrYvuax0irjcycOzc/zwn5C31O+zpz+vn2S++2F
mFxfr3tHtHPthIN+L8p/0DowhBiiyAO76LXDloc3mZzEtzu1sMQtH6BtVWmCvwmT
HK00kZ6IitLg9mdmStxJnlXyuZFIeG10rWuSCUhafY6RHP+x
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org