Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/CQPXlABRKNki6JO37_-9j1EEYfE.roa
File: CQPXlABRKNki6JO37_-9j1EEYfE.roa (raw, json)
Hash identifier: A/3CPYBgcZbZi6f2b4AnhncjYJX+2Eqx3EkyUYepyeg=
Subject key identifier: 09:03:D7:94:00:51:28:D9:22:E8:93:B7:EF:FF:BD:8F:51:04:61:F1
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C53
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQPXlABRKNki6JO37_-9j1EEYfE.roa
Signing time: Wed 29 Sep 2021 02:51:09 +0000
ROA not before: Wed 29 Sep 2021 02:51:09 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 10126
IP address blocks: 203.160.240.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3155 (0xc53)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:09 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=0903D794005128D922E893B7EFFFBD8F510461F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:e8:82:f0:e7:e4:b0:bb:a3:3f:31:47:31:f6:
87:17:c2:cc:29:61:32:f1:97:65:18:63:2a:65:be:
47:27:45:5f:e9:fc:77:7a:53:30:9c:9c:33:54:c4:
72:ab:6d:9e:d3:d2:ba:5b:5c:23:ad:7f:41:f8:3c:
65:4d:4e:6a:27:c7:fa:ed:21:e9:0b:bc:4b:ed:03:
d5:e9:c7:fa:82:aa:28:6c:1d:b6:8f:06:93:c0:40:
23:e7:c2:03:64:25:2d:b6:7b:92:8e:92:1e:72:87:
37:b4:81:c7:da:95:9e:b2:49:5f:4a:8f:81:d6:9f:
06:c7:f2:5c:4b:6c:5f:5b:d8:85:46:94:9c:a3:d8:
0f:31:40:24:b0:26:0a:d7:27:6e:7f:3b:3d:e9:8d:
8b:ea:1c:60:0f:7c:45:d0:73:5b:df:9f:94:a5:cd:
ba:64:2d:3e:b2:81:35:0b:be:b6:45:62:a1:39:f9:
60:a0:d3:c5:c8:0a:86:4e:eb:0c:f2:f0:cb:9f:c7:
8d:d5:d3:99:87:fd:d4:91:f2:81:17:c6:09:1a:0a:
2a:82:bb:8d:b1:ba:07:7e:8e:30:95:21:ac:d5:5e:
a2:a4:52:1a:9b:b8:44:3e:c0:e6:b7:6a:b5:ea:46:
29:f6:a5:2d:2f:01:26:25:dc:45:ce:bb:23:79:3a:
e3:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:03:D7:94:00:51:28:D9:22:E8:93:B7:EF:FF:BD:8F:51:04:61:F1
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/CQPXlABRKNki6JO37_-9j1EEYfE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.160.240.0/20
Signature Algorithm: sha256WithRSAEncryption
44:03:1d:e4:5e:fd:9d:21:ad:05:9a:ec:00:be:bb:00:c6:9a:
fd:76:7f:dc:7c:e8:5f:44:0f:8a:21:f9:56:c8:4a:9d:ea:cf:
1a:a3:cd:f6:42:00:95:a8:a8:28:05:2b:a8:c5:0b:44:44:e3:
b7:e7:35:3f:80:9e:f3:49:31:9f:aa:b6:15:a8:5d:6f:74:a6:
87:cf:42:e6:1b:df:71:3a:c6:4c:d0:28:71:38:66:9e:ec:09:
a7:f2:6e:67:45:22:c6:ff:b3:29:b6:c1:94:82:63:4e:f0:55:
01:67:69:22:8e:b6:d1:3f:4e:2d:0b:39:87:c5:5b:dd:9f:27:
1d:c6:fe:6c:28:5c:91:66:07:53:5a:25:45:01:5f:7c:c8:7f:
1b:3c:c4:5e:13:b2:b2:35:f6:a2:98:d9:b8:2c:08:70:9f:bf:
e1:f7:cc:d1:41:1b:92:0e:dd:25:c8:de:4f:69:a0:cd:1b:df:
d7:3c:4f:dc:d8:3c:8f:f4:e6:28:3d:e7:c8:fd:0a:06:36:b4:
41:eb:69:1e:f1:96:65:ee:df:2a:14:2a:20:fb:79:f9:63:eb:
d9:6a:a0:38:04:9b:9b:ed:14:ce:52:fb:10:a8:28:eb:12:a0:
ea:59:24:f7:5c:51:1a:17:8c:ef:95:ea:dd:00:6e:b8:fc:b1:
01:8f:cc:99
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDFMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDlaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA5MDNENzk0MDA1MTI4
RDkyMkU4OTNCN0VGRkZCRDhGNTEwNDYxRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCk6ILw5+Swu6M/MUcx9ocXwswpYTLxl2UYYyplvkcnRV/p/Hd6
UzCcnDNUxHKrbZ7T0rpbXCOtf0H4PGVNTmonx/rtIekLvEvtA9Xpx/qCqihsHbaP
BpPAQCPnwgNkJS22e5KOkh5yhze0gcfalZ6ySV9Kj4HWnwbH8lxLbF9b2IVGlJyj
2A8xQCSwJgrXJ25/Oz3pjYvqHGAPfEXQc1vfn5SlzbpkLT6ygTULvrZFYqE5+WCg
08XICoZO6wzy8Mufx43V05mH/dSR8oEXxgkaCiqCu42xugd+jjCVIazVXqKkUhqb
uEQ+wOa3arXqRin2pS0vASYl3EXOuyN5OuOBAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUCQPXlABRKNki6JO37/+9j1EEYfEwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9DUVBYbEFCUktOa2k2Sk8zN18t
OWoxRUVZZkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEy6Dw
MA0GCSqGSIb3DQEBCwUAA4IBAQBEAx3kXv2dIa0FmuwAvrsAxpr9dn/cfOhfRA+K
IflWyEqd6s8ao832QgCVqKgoBSuoxQtEROO35zU/gJ7zSTGfqrYVqF1vdKaHz0Lm
G99xOsZM0ChxOGae7Amn8m5nRSLG/7MptsGUgmNO8FUBZ2kijrbRP04tCzmHxVvd
nycdxv5sKFyRZgdTWiVFAV98yH8bPMReE7KyNfaimNm4LAhwn7/h98zRQRuSDt0l
yN5PaaDNG9/XPE/c2DyP9OYoPefI/QoGNrRB62ke8ZZl7t8qFCog+3n5Y+vZaqA4
BJub7RTOUvsQqCjrEqDqWST3XFEaF4zvlerdAG64/LEBj8yZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:03 2023 by rpki-client on console-fra.rpki-client.org