Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/E1HInsZVo2eDac37ylV46lmN21w.roa
File: E1HInsZVo2eDac37ylV46lmN21w.roa (raw, json)
Hash identifier: 5Yc6hfQnk2glUE7pbtR8Any/HtEm/waEMWogo9p1c+Q=
Subject key identifier: 13:51:C8:9E:C6:55:A3:67:83:69:CD:FB:CA:55:78:EA:59:8D:DB:5C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0826
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/E1HInsZVo2eDac37ylV46lmN21w.roa
Signing time: Tue 29 Sep 2020 09:58:25 +0000
ROA not before: Tue 29 Sep 2020 09:58:25 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 218.168.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2086 (0x826)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 09:58:25 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=1351C89EC655A3678369CDFBCA5578EA598DDB5C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bf:c5:85:80:d8:3f:08:57:06:35:46:e9:36:
76:ca:22:73:d7:3f:06:e1:3f:2d:81:46:e1:bb:79:
98:ee:c8:5d:6d:ef:a9:12:5b:4d:5b:ae:81:e7:77:
46:64:aa:dd:91:04:2e:64:1b:03:b9:dc:19:28:8f:
1e:07:f1:35:57:ed:b0:b1:40:18:bd:2b:17:1c:02:
c7:b3:36:b9:81:66:73:66:0b:8b:76:d4:6a:d7:59:
c6:7b:fa:c1:24:d1:ed:d1:6d:ee:31:10:15:42:57:
60:93:a3:14:26:01:a2:55:9e:a6:46:06:99:11:48:
9e:c7:3e:0d:f8:3c:20:d0:f0:84:a6:7d:0b:d2:30:
3c:7a:0d:47:a7:82:28:63:02:dc:20:e1:b3:75:68:
e6:f1:2c:e2:54:d8:ab:8b:e1:89:c2:b4:af:17:17:
e2:96:00:1d:a8:2a:db:c8:c4:58:48:22:34:eb:32:
05:85:c9:ca:8e:bc:02:dd:5e:22:a0:7c:40:6b:64:
59:1f:b6:6f:7f:c8:4e:90:b0:50:26:71:b9:6b:b2:
55:48:68:84:82:16:bd:45:90:7a:c6:82:2f:07:9f:
7b:0c:85:13:03:f2:f2:fe:c4:fa:76:93:f2:6b:73:
ae:b7:62:25:df:94:06:88:65:2d:1d:16:d7:b8:89:
92:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:51:C8:9E:C6:55:A3:67:83:69:CD:FB:CA:55:78:EA:59:8D:DB:5C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/E1HInsZVo2eDac37ylV46lmN21w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
218.168.0.0/13
Signature Algorithm: sha256WithRSAEncryption
24:19:60:d1:5d:9d:3c:54:09:5a:8d:f0:f0:54:20:c7:d5:b7:
66:21:48:d6:ec:40:47:bc:67:07:05:08:62:5a:4e:5a:d6:74:
94:9e:a9:11:a5:24:7e:7e:2e:26:dc:84:89:e6:64:4a:85:8e:
21:83:14:b3:1e:41:b9:06:82:a2:a6:23:fc:41:2d:12:53:87:
67:9f:c8:ae:b9:ff:d6:51:0f:1f:46:62:cb:9d:53:d7:6b:bf:
dc:6e:41:73:10:9f:5f:79:13:cc:96:8f:11:e5:d7:28:56:65:
4c:63:c2:5c:9b:80:4d:c5:7e:8c:73:83:24:ec:54:5d:60:ed:
a6:32:46:bd:47:6f:e9:b5:d2:38:f0:1c:fe:bb:aa:d1:2f:5f:
5b:1f:98:f8:9f:87:a0:9f:c5:29:2c:69:8b:ce:8d:a9:91:9d:
8d:b6:8d:4c:76:61:59:b7:bf:61:8e:8c:c0:bd:84:bc:a7:10:
39:7f:2b:16:3b:34:32:df:f6:2c:5c:ad:ea:49:4f:13:44:76:
5f:b8:f5:e7:ff:89:56:0f:50:54:a1:69:77:94:ca:da:81:75:
bc:2a:ca:6d:9a:6b:b5:83:0b:67:dc:47:7b:4e:53:5a:56:c6:
9a:ef:74:74:28:74:34:d1:04:e5:b5:5f:0e:30:18:e6:d9:9a:
40:78:8a:5a
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCCYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4MjVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDEzNTFDODlFQzY1NUEz
Njc4MzY5Q0RGQkNBNTU3OEVBNTk4RERCNUMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpv8WFgNg/CFcGNUbpNnbKInPXPwbhPy2BRuG7eZjuyF1t76kS
W01broHnd0Zkqt2RBC5kGwO53Bkojx4H8TVX7bCxQBi9KxccAsezNrmBZnNmC4t2
1GrXWcZ7+sEk0e3Rbe4xEBVCV2CToxQmAaJVnqZGBpkRSJ7HPg34PCDQ8ISmfQvS
MDx6DUengihjAtwg4bN1aObxLOJU2KuL4YnCtK8XF+KWAB2oKtvIxFhIIjTrMgWF
ycqOvALdXiKgfEBrZFkftm9/yE6QsFAmcblrslVIaISCFr1FkHrGgi8Hn3sMhRMD
8vL+xPp2k/Jrc663YiXflAaIZS0dFte4iZLzAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUE1HInsZVo2eDac37ylV46lmN21wwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9FMUhJbnNaVm8yZURhYzM3eWxW
NDZsbU4yMXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMD2qgw
DQYJKoZIhvcNAQELBQADggEBACQZYNFdnTxUCVqN8PBUIMfVt2YhSNbsQEe8ZwcF
CGJaTlrWdJSeqRGlJH5+LibchInmZEqFjiGDFLMeQbkGgqKmI/xBLRJTh2efyK65
/9ZRDx9GYsudU9drv9xuQXMQn195E8yWjxHl1yhWZUxjwlybgE3FfoxzgyTsVF1g
7aYyRr1Hb+m10jjwHP67qtEvX1sfmPifh6CfxSksaYvOjamRnY22jUx2YVm3v2GO
jMC9hLynEDl/KxY7NDLf9ixcrepJTxNEdl+49ef/iVYPUFShaXeUytqBdbwqym2a
a7WDC2fcR3tOU1pWxprvdHQodDTRBOW1Xw4wGObZmkB4ilo=
-----END CERTIFICATE-----