Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/9NtB6CFCmfKDmg-oXtpHQJGL3Iw.roa
File: 9NtB6CFCmfKDmg-oXtpHQJGL3Iw.roa (raw, json)
Hash identifier: uZ0ti1sFa0eBWTPIy/odW0CsEm2qBXABrYzK71y00lw=
Subject key identifier: F4:DB:41:E8:21:42:99:F2:83:9A:0F:A8:5E:DA:47:40:91:8B:DC:8C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0AE3
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9NtB6CFCmfKDmg-oXtpHQJGL3Iw.roa
Signing time: Sun 07 Feb 2021 11:40:52 +0000
ROA not before: Sun 07 Feb 2021 11:40:52 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9505
IP address blocks: 220.128.48.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2787 (0xae3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:40:52 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=F4DB41E8214299F2839A0FA85EDA4740918BDC8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:31:34:11:20:bf:cc:34:31:e2:95:df:71:ca:
fc:d2:95:2f:0f:64:f5:02:53:87:0e:be:c5:39:2e:
e3:09:57:d4:65:80:c3:4e:43:fd:19:d3:a8:e8:c4:
e5:2d:5f:03:12:8f:4c:62:9a:44:e9:20:62:d8:5b:
32:65:b0:de:f4:ab:35:8c:95:90:94:ec:4a:a5:99:
49:3a:bd:fa:3d:54:0f:95:d7:74:b2:42:5c:9d:84:
a4:1d:2a:fd:ee:82:90:d5:0a:cb:50:96:65:d6:ad:
c4:82:3e:ad:ba:e5:22:79:6d:61:b0:23:65:5b:54:
ad:ab:e6:98:c0:92:5e:68:8b:ea:d7:2c:98:e6:24:
7a:bd:02:68:89:53:29:92:b1:03:4d:34:e9:c6:0d:
0a:c5:03:37:58:dc:29:13:5b:e3:8f:74:40:12:0b:
23:35:c7:6a:8e:48:c0:42:ae:2b:6b:57:8a:dc:5e:
93:a6:92:82:98:6d:22:93:d0:13:d2:1b:fb:ba:8c:
2b:3f:69:c8:02:65:86:94:8c:26:b9:16:66:3d:b5:
9b:f9:73:68:0c:59:5e:53:e6:f7:db:a1:b7:e7:98:
3d:a2:49:32:ff:65:d2:4b:62:f8:1c:15:53:fd:d0:
ae:2e:87:c2:4e:c3:a6:f3:fd:c2:ce:80:66:ce:05:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DB:41:E8:21:42:99:F2:83:9A:0F:A8:5E:DA:47:40:91:8B:DC:8C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/9NtB6CFCmfKDmg-oXtpHQJGL3Iw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.48.0/21
Signature Algorithm: sha256WithRSAEncryption
45:25:f8:4d:7f:26:39:a9:12:7b:f2:12:ac:f3:cc:b6:85:6d:
cb:09:cd:63:12:a0:f9:0e:78:08:e0:1d:91:54:1e:6b:e9:c1:
7a:77:a5:9d:dd:31:1a:2c:8d:68:dc:c9:27:b4:1d:95:21:3b:
6f:52:2b:c6:b7:63:b7:c3:d7:e7:d6:bc:6d:8f:fc:89:92:bf:
55:a5:7f:95:42:f2:02:b8:cb:10:46:2a:fb:53:d1:34:5d:a4:
e4:91:17:a6:a1:2d:6f:fd:ff:74:41:6e:e7:d7:cd:84:01:f0:
37:5a:56:9d:39:db:3c:98:e4:cf:3b:b6:4c:23:2d:91:60:b6:
b5:5a:4f:53:80:90:d0:02:fa:8c:c0:37:26:66:bc:cc:0a:75:
c6:94:04:c1:a6:16:e4:ad:6d:5a:d0:2e:7a:8c:50:21:ed:c4:
56:93:4e:42:3b:f0:d4:47:bf:fa:b9:ca:db:73:84:be:78:4a:
f0:30:ac:b8:48:14:f4:b2:ca:f4:c5:eb:53:9a:42:c2:1f:84:
e1:36:fc:27:4c:b0:67:a4:fc:81:76:0c:f9:e1:7c:81:b0:6a:
11:db:3e:78:e8:bc:de:64:32:ae:dc:aa:a7:9a:5d:ad:0a:0c:
d8:6e:63:0b:30:14:40:61:30:f7:02:01:9e:3b:6c:c4:ca:12:
cd:35:54:54
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCuMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTQwNTJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEY0REI0MUU4MjE0Mjk5
RjI4MzlBMEZBODVFREE0NzQwOTE4QkRDOEMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaMTQRIL/MNDHild9xyvzSlS8PZPUCU4cOvsU5LuMJV9RlgMNO
Q/0Z06joxOUtXwMSj0ximkTpIGLYWzJlsN70qzWMlZCU7EqlmUk6vfo9VA+V13Sy
QlydhKQdKv3ugpDVCstQlmXWrcSCPq265SJ5bWGwI2VbVK2r5pjAkl5oi+rXLJjm
JHq9AmiJUymSsQNNNOnGDQrFAzdY3CkTW+OPdEASCyM1x2qOSMBCritrV4rcXpOm
koKYbSKT0BPSG/u6jCs/acgCZYaUjCa5FmY9tZv5c2gMWV5T5vfbobfnmD2iSTL/
ZdJLYvgcFVP90K4uh8JOw6bz/cLOgGbOBTLTAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU9NtB6CFCmfKDmg+oXtpHQJGL3IwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC85TnRCNkNGQ21mS0RtZy1vWHRw
SFFKR0wzSXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD3IAw
MA0GCSqGSIb3DQEBCwUAA4IBAQBFJfhNfyY5qRJ78hKs88y2hW3LCc1jEqD5DngI
4B2RVB5r6cF6d6Wd3TEaLI1o3MkntB2VITtvUivGt2O3w9fn1rxtj/yJkr9VpX+V
QvICuMsQRir7U9E0XaTkkRemoS1v/f90QW7n182EAfA3WladOds8mOTPO7ZMIy2R
YLa1Wk9TgJDQAvqMwDcmZrzMCnXGlATBphbkrW1a0C56jFAh7cRWk05CO/DUR7/6
ucrbc4S+eErwMKy4SBT0ssr0xetTmkLCH4ThNvwnTLBnpPyBdgz54XyBsGoR2z54
6LzeZDKu3Kqnml2tCgzYbmMLMBRAYTD3AgGeO2zEyhLNNVRU
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org