Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/LVPBxBz6TwIw4QtP38bHT-05cHw.roa
File: LVPBxBz6TwIw4QtP38bHT-05cHw.roa (raw, json)
Hash identifier: wv9BEZgjHewWcJ5zUI0XhdQsxy32L7dZs+uU4FtNxuE=
Subject key identifier: 2D:53:C1:C4:1C:FA:4F:02:30:E1:0B:4F:DF:C6:C7:4F:ED:39:70:7C
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0991
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LVPBxBz6TwIw4QtP38bHT-05cHw.roa
Signing time: Sun 07 Feb 2021 13:05:55 +0000
ROA not before: Sun 07 Feb 2021 13:05:55 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131660
IP address blocks: 168.95.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2449 (0x991)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Feb 7 13:05:55 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=2D53C1C41CFA4F0230E10B4FDFC6C74FED39707C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d4:01:51:20:1e:b4:8c:d4:02:c1:f0:4a:4e:
4d:52:15:fa:54:93:a1:81:52:af:b4:6d:82:d3:1d:
e1:0e:d8:b4:a3:51:80:12:e2:7f:e1:08:cd:46:ef:
d7:7c:f5:b9:14:6c:88:33:42:3b:8e:7a:2b:b7:02:
9f:ca:91:b1:09:b0:53:83:e9:ff:4d:b2:b0:66:e1:
94:43:34:99:0b:f6:87:bd:61:0d:cd:7b:8c:2c:fd:
b7:97:29:b6:52:cb:28:3c:e0:ac:ca:d1:75:31:0c:
ec:2b:00:88:20:e3:8a:87:b7:04:56:1d:15:cf:a6:
e8:ed:24:2e:70:59:70:ae:31:da:81:e1:cf:4b:2d:
20:c2:0f:40:a5:72:61:c2:05:e6:fa:c1:c7:d2:bd:
d3:96:81:01:89:de:f1:57:eb:19:7e:ea:cf:42:68:
f6:f8:0d:ee:1a:78:7d:e2:9e:37:7c:2d:3a:43:db:
aa:b2:e6:90:46:47:17:1f:69:07:74:df:a8:f1:b5:
5b:de:f1:3c:e3:5e:8e:eb:e9:54:52:0a:fa:e6:2a:
15:8e:2e:ac:ef:ca:81:77:cd:58:06:be:32:3a:af:
6c:28:dc:32:0b:d6:35:e5:af:7d:12:21:15:47:13:
e1:26:ce:69:6d:a7:89:94:01:54:89:33:33:a1:6c:
bb:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:53:C1:C4:1C:FA:4F:02:30:E1:0B:4F:DF:C6:C7:4F:ED:39:70:7C
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/LVPBxBz6TwIw4QtP38bHT-05cHw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.246.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e8:27:6a:3c:21:10:bf:15:74:29:e0:88:20:90:0b:65:32:
92:b6:de:79:2a:25:28:6b:98:c9:a3:15:97:d0:09:fe:21:d0:
ea:9b:d4:f9:3f:63:f9:54:ba:b3:eb:94:cb:4a:45:e5:ad:d8:
6c:4d:52:91:b2:51:02:f7:52:c3:11:14:29:1c:3f:7d:29:31:
3f:3f:5f:ed:88:23:64:ba:87:49:ca:63:ab:bc:ac:e4:4a:df:
71:3e:f9:8f:53:0b:45:5c:73:db:60:6c:ab:35:b5:e9:a9:2d:
6a:28:7a:80:73:82:15:22:0c:55:d3:ba:19:e0:3f:e9:92:5a:
38:aa:92:c6:53:12:c0:77:ab:0a:b1:d0:f9:75:66:8b:eb:fd:
2f:ae:cd:e0:3e:fe:a5:f7:58:b1:27:83:6d:b2:fc:d6:7b:d7:
24:ed:38:06:6a:19:e5:3d:11:7c:10:89:93:48:a1:0c:a7:ed:
36:9d:62:38:8a:ff:70:02:12:90:c3:5f:62:6b:8c:84:a6:d3:
1e:ea:ef:41:ec:3c:9b:5a:60:de:35:c6:a1:03:e0:3a:f8:28:
86:88:21:30:af:be:5d:ad:1d:47:3a:cd:21:19:dc:a5:d2:3f:
5e:6f:7e:45:bd:39:41:19:74:ce:c1:59:8f:c5:71:54:b4:3b:
a9:95:a6:28
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCZEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yMTAyMDcx
MzA1NTVaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDJENTNDMUM0MUNGQTRG
MDIzMEUxMEI0RkRGQzZDNzRGRUQzOTcwN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB1AFRIB60jNQCwfBKTk1SFfpUk6GBUq+0bYLTHeEO2LSjUYAS
4n/hCM1G79d89bkUbIgzQjuOeiu3Ap/KkbEJsFOD6f9NsrBm4ZRDNJkL9oe9YQ3N
e4ws/beXKbZSyyg84KzK0XUxDOwrAIgg44qHtwRWHRXPpujtJC5wWXCuMdqB4c9L
LSDCD0ClcmHCBeb6wcfSvdOWgQGJ3vFX6xl+6s9CaPb4De4aeH3injd8LTpD26qy
5pBGRxcfaQd036jxtVve8TzjXo7r6VRSCvrmKhWOLqzvyoF3zVgGvjI6r2wo3DIL
1jXlr30SIRVHE+Emzmltp4mUAVSJMzOhbLt5AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQULVPBxBz6TwIw4QtP38bHT+05cHwwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9MVlBCeEJ6NlR3SXc0UXRQMzhi
SFQtMDVjSHcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/2
MA0GCSqGSIb3DQEBCwUAA4IBAQBr6CdqPCEQvxV0KeCIIJALZTKStt55KiUoa5jJ
oxWX0An+IdDqm9T5P2P5VLqz65TLSkXlrdhsTVKRslEC91LDERQpHD99KTE/P1/t
iCNkuodJymOrvKzkSt9xPvmPUwtFXHPbYGyrNbXpqS1qKHqAc4IVIgxV07oZ4D/p
klo4qpLGUxLAd6sKsdD5dWaL6/0vrs3gPv6l91ixJ4NtsvzWe9ck7TgGahnlPRF8
EImTSKEMp+02nWI4iv9wAhKQw19ia4yEptMe6u9B7DybWmDeNcahA+A6+CiGiCEw
r75drR1HOs0hGdyl0j9eb35FvTlBGXTOwVmPxXFUtDuplaYo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:55 2023 by rpki-client on console-ams.rpki-client.org