Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/A34kqByeHJ-1CnBdMzRPVLNoHgo.roa
File: A34kqByeHJ-1CnBdMzRPVLNoHgo.roa (raw, json)
Hash identifier: Qnn6lO+yzpAOiJ6AlTB/inHxQbXkx0pEFH2fPNyTVng=
Subject key identifier: 03:7E:24:A8:1C:9E:1C:9F:B5:0A:70:5D:33:34:4F:54:B3:68:1E:0A
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0AB7
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/A34kqByeHJ-1CnBdMzRPVLNoHgo.roa
Signing time: Sun 07 Feb 2021 11:38:50 +0000
ROA not before: Sun 07 Feb 2021 11:38:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 220.128.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2743 (0xab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:38:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=037E24A81C9E1C9FB50A705D33344F54B3681E0A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:f7:8f:3c:f3:14:0a:06:c3:fb:b2:fe:96:
e7:25:05:5a:61:37:c4:92:73:d6:7c:82:79:57:0d:
19:92:c5:6c:74:93:c7:3b:d2:21:08:24:7b:0a:2d:
00:3d:d8:81:c6:52:29:55:da:ad:7f:bc:1e:cb:d0:
33:03:13:e6:05:76:17:fa:34:a3:f6:ed:22:9b:ef:
5d:53:4c:8e:81:76:ab:4a:4a:e6:18:34:43:9f:5f:
ac:e6:ee:7e:c0:67:5c:18:69:54:da:c2:e7:b5:c6:
c9:ed:ef:50:35:ee:d2:5c:01:86:05:19:1d:54:b8:
52:2b:ca:21:a8:4f:7d:7b:ea:81:f0:ca:72:52:ed:
1e:df:61:68:f3:a9:05:3c:5a:c2:7f:54:7a:72:28:
c1:e9:9d:a4:f7:8e:a0:a4:f7:3f:7c:66:02:3a:b3:
40:37:da:5d:03:ee:0b:a6:7b:f5:84:4d:e2:1b:b2:
c0:09:9c:fd:7f:38:2d:e9:61:4c:1d:de:43:5b:5f:
22:13:e0:84:a3:5d:1c:a0:2a:70:6a:51:3c:ff:b9:
6f:32:be:fb:10:79:6d:64:69:fb:9a:c5:74:1c:a1:
23:aa:b8:d7:cd:36:26:52:84:85:d3:f0:3f:53:4d:
eb:3e:ae:46:7a:28:2c:b5:6f:0c:5b:3b:38:a1:4c:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:7E:24:A8:1C:9E:1C:9F:B5:0A:70:5D:33:34:4F:54:B3:68:1E:0A
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/A34kqByeHJ-1CnBdMzRPVLNoHgo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
220.128.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9e:bf:e8:8d:09:c0:f8:f4:1d:84:44:88:07:a0:6f:72:b7:11:
b0:93:5f:5b:ef:f1:5e:d0:33:cb:6b:c3:1b:2e:77:3a:5e:e4:
ae:f2:b0:a2:52:30:fe:d6:3c:13:0c:ed:09:73:d6:dc:b5:db:
e2:cc:ae:26:53:be:a9:4d:00:cb:35:1a:2a:6a:0a:7d:5e:01:
b8:4f:74:b4:19:29:c4:93:cf:26:47:2e:56:f5:2e:40:b5:48:
3a:3f:84:f4:e5:ee:6d:b6:db:67:49:1f:e2:e4:ec:f7:43:95:
cb:5b:04:24:1d:52:eb:a2:21:a8:ea:cf:03:7a:b5:1f:f3:ba:
d9:0a:21:05:52:af:75:aa:0b:62:b2:06:ae:93:04:5c:50:fd:
94:bc:42:9f:c6:ff:75:ed:c9:ea:f8:fa:85:db:de:e3:09:10:
6a:41:40:c0:9b:01:c4:c4:58:5d:ff:a0:6d:32:90:5f:88:72:
ff:0c:c5:73:56:2a:46:a4:24:37:c8:17:ff:05:f0:da:c6:9c:
f7:61:53:9a:b7:dd:76:12:6d:a4:9c:fe:d1:05:43:bf:8a:6d:
fc:b9:98:2b:9a:87:40:12:7a:47:a3:5a:54:1b:51:bf:35:d0:
cc:cc:16:4e:44:da:93:48:df:34:8f:d8:76:4b:74:fa:8c:97:
a5:93:7f:a5
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM4NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAzN0UyNEE4MUM5RTFD
OUZCNTBBNzA1RDMzMzQ0RjU0QjM2ODFFMEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmy/ePPPMUCgbD+7L+luclBVphN8SSc9Z8gnlXDRmSxWx0k8c7
0iEIJHsKLQA92IHGUilV2q1/vB7L0DMDE+YFdhf6NKP27SKb711TTI6BdqtKSuYY
NEOfX6zm7n7AZ1wYaVTawue1xsnt71A17tJcAYYFGR1UuFIryiGoT3176oHwynJS
7R7fYWjzqQU8WsJ/VHpyKMHpnaT3jqCk9z98ZgI6s0A32l0D7gume/WETeIbssAJ
nP1/OC3pYUwd3kNbXyIT4ISjXRygKnBqUTz/uW8yvvsQeW1kafuaxXQcoSOquNfN
NiZShIXT8D9TTes+rkZ6KCy1bwxbOzihTJF1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUA34kqByeHJ+1CnBdMzRPVLNoHgowHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9BMzRrcUJ5ZUhKLTFDbkJkTXpS
UFZMTm9IZ28ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH3ICA
MA0GCSqGSIb3DQEBCwUAA4IBAQCev+iNCcD49B2ERIgHoG9ytxGwk19b7/Fe0DPL
a8MbLnc6XuSu8rCiUjD+1jwTDO0Jc9bctdvizK4mU76pTQDLNRoqagp9XgG4T3S0
GSnEk88mRy5W9S5AtUg6P4T05e5ttttnSR/i5Oz3Q5XLWwQkHVLroiGo6s8DerUf
87rZCiEFUq91qgtisgaukwRcUP2UvEKfxv917cnq+PqF297jCRBqQUDAmwHExFhd
/6BtMpBfiHL/DMVzVipGpCQ3yBf/BfDaxpz3YVOat912Em2knP7RBUO/im38uZgr
modAEnpHo1pUG1G/NdDMzBZORNqTSN80j9h2S3T6jJelk3+l
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org