Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/8zzi6QiOeHymlv5v-fcx2nBzBA0.roa
File: 8zzi6QiOeHymlv5v-fcx2nBzBA0.roa (raw, json)
Hash identifier: 8J9vpXJBbO0YeysM3vqnbah6+ixSqpC91kBt//fFoF0=
Subject key identifier: F3:3C:E2:E9:08:8E:78:7C:A6:96:FE:6F:F9:F7:31:DA:70:73:04:0D
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0A5E
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/8zzi6QiOeHymlv5v-fcx2nBzBA0.roa
Signing time: Sun 07 Feb 2021 11:37:35 +0000
ROA not before: Sun 07 Feb 2021 11:37:35 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 20940
IP address blocks: 203.74.67.0/25 maxlen: 25
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2654 (0xa5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:37:35 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F33CE2E9088E787CA696FE6FF9F731DA7073040D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:af:63:70:9c:30:95:4a:1a:2d:d9:b0:60:8b:
be:15:ba:59:9c:ac:d7:15:40:46:c4:81:5a:c5:c9:
de:28:b7:79:f9:12:97:3c:e7:46:e3:bd:8a:b0:af:
de:9f:21:4d:7d:30:57:4d:2a:17:2a:cd:47:0a:0a:
67:ee:19:0b:9f:81:ec:aa:84:ef:eb:c9:b5:56:c1:
0f:5a:a0:66:59:b6:1a:5c:fb:47:72:3e:ad:42:0e:
be:c4:6f:60:cb:40:60:0c:cd:e6:0e:e8:bb:db:d4:
21:73:a1:ec:3c:ef:61:8e:f0:88:27:b0:6d:64:87:
ef:5f:61:00:a7:93:f8:7f:05:a4:c1:76:a2:a2:e9:
9e:70:b3:cd:b0:f9:3c:54:39:96:af:76:b2:55:98:
99:9d:7e:7e:4d:96:6c:8c:55:cc:62:61:b6:f7:40:
3b:3e:60:cc:45:45:4a:24:c2:6d:5b:af:fa:59:f0:
3a:94:75:e4:53:2f:69:ef:72:d5:75:a9:55:fd:c2:
77:95:89:d7:59:96:5a:61:71:0f:92:86:6c:78:1d:
a4:83:92:45:30:c2:9a:90:a5:6d:d4:17:90:2b:9c:
88:81:83:4b:7c:81:ab:df:f3:c5:cb:a8:fa:b3:1d:
db:ad:32:67:1a:9a:87:df:e0:2a:b9:67:34:aa:e0:
d4:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3C:E2:E9:08:8E:78:7C:A6:96:FE:6F:F9:F7:31:DA:70:73:04:0D
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/8zzi6QiOeHymlv5v-fcx2nBzBA0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.74.67.0/25
Signature Algorithm: sha256WithRSAEncryption
63:7f:cb:7d:9d:ef:db:9b:44:50:ed:3a:55:cb:ad:ff:bc:71:
56:69:66:a7:d1:5f:60:49:45:3c:7e:a3:ea:ad:5e:9f:6e:a7:
30:ab:41:9a:81:f8:d3:b5:74:21:6c:51:04:e2:ae:f1:2e:2b:
7f:cf:ae:1c:de:8d:7e:83:21:b5:60:78:5f:6c:09:e8:a1:de:
04:1c:6a:35:56:d5:8a:d6:01:fa:a1:19:8e:f8:02:65:44:e9:
54:d4:16:36:5c:64:dc:4f:89:df:19:79:40:45:a3:a6:56:2c:
3b:29:15:ce:59:ed:b9:01:19:1b:95:bc:52:f1:36:de:06:2f:
d1:f2:2f:77:34:44:72:9d:e2:6c:3c:3d:ca:a0:56:48:33:45:
d6:33:ab:88:a8:b9:fc:c3:53:ea:0b:06:aa:81:b3:0d:d6:89:
54:34:25:46:58:1c:e5:7a:86:69:b4:98:b5:96:4f:e0:1f:5f:
50:d6:c4:e3:33:2e:14:1f:e4:83:38:ad:e6:27:41:4b:de:dd:
da:79:a8:ef:92:0c:5b:01:9b:d1:26:ee:be:64:bb:79:a8:32:
6c:d1:68:e6:15:7f:36:2b:86:bb:9f:08:98:2e:3b:55:08:77:
dd:52:6b:0a:b1:4c:95:6e:60:9a:23:21:74:eb:1a:04:06:c1:
36:79:8b:a0
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgICCl4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM3MzVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEYzM0NFMkU5MDg4RTc4
N0NBNjk2RkU2RkY5RjczMURBNzA3MzA0MEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyr2NwnDCVShot2bBgi74VulmcrNcVQEbEgVrFyd4ot3n5Epc8
50bjvYqwr96fIU19MFdNKhcqzUcKCmfuGQufgeyqhO/rybVWwQ9aoGZZthpc+0dy
Pq1CDr7Eb2DLQGAMzeYO6Lvb1CFzoew872GO8IgnsG1kh+9fYQCnk/h/BaTBdqKi
6Z5ws82w+TxUOZavdrJVmJmdfn5NlmyMVcxiYbb3QDs+YMxFRUokwm1br/pZ8DqU
deRTL2nvctV1qVX9wneViddZllphcQ+Shmx4HaSDkkUwwpqQpW3UF5ArnIiBg0t8
gavf88XLqPqzHdutMmcamoff4Cq5ZzSq4NQnAgMBAAGjggHtMIIB6TAdBgNVHQ4E
FgQU8zzi6QiOeHymlv5v+fcx2nBzBA0wHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC84enppNlFpT2VIeW1sdjV2LWZj
eDJuQnpCQTAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUHy0pD
ADANBgkqhkiG9w0BAQsFAAOCAQEAY3/LfZ3v25tEUO06Vcut/7xxVmlmp9FfYElF
PH6j6q1en26nMKtBmoH407V0IWxRBOKu8S4rf8+uHN6NfoMhtWB4X2wJ6KHeBBxq
NVbVitYB+qEZjvgCZUTpVNQWNlxk3E+J3xl5QEWjplYsOykVzlntuQEZG5W8UvE2
3gYv0fIvdzREcp3ibDw9yqBWSDNF1jOriKi5/MNT6gsGqoGzDdaJVDQlRlgc5XqG
abSYtZZP4B9fUNbE4zMuFB/kgzit5idBS97d2nmo75IMWwGb0SbuvmS7eagybNFo
5hV/NiuGu58ImC47VQh33VJrCrFMlW5gmiMhdOsaBAbBNnmLoA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org