Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/NIs4_HOkVo5gX-DX-zyuZY7PtTY.roa
File: NIs4_HOkVo5gX-DX-zyuZY7PtTY.roa (raw, json)
Hash identifier: sYQsjp5+O5jwLdHKMOXQ9wNGnOki/X0Y9FGL9B7XguE=
Subject key identifier: 34:8B:38:FC:73:A4:56:8E:60:5F:E0:D7:FB:3C:AE:65:8E:CF:B5:36
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0889
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NIs4_HOkVo5gX-DX-zyuZY7PtTY.roa
Signing time: Tue 29 Sep 2020 09:58:51 +0000
ROA not before: Tue 29 Sep 2020 09:58:51 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 221.120.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2185 (0x889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 09:58:51 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=348B38FC73A4568E605FE0D7FB3CAE658ECFB536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f6:ad:b6:d5:48:d7:dc:ee:49:9f:ed:cd:50:
06:74:8d:6a:52:09:b9:56:51:e4:bb:e2:b4:11:f7:
84:0c:36:d1:7e:1e:38:22:f3:db:4c:00:2a:4a:4e:
61:08:fb:00:d9:ac:cf:f0:69:8d:41:84:75:96:75:
3a:f0:ff:46:7c:ff:df:64:b8:88:26:d7:4d:71:c4:
3f:91:8d:e4:12:b0:bf:b4:f8:4c:fc:29:ac:62:e7:
47:45:98:26:01:74:63:84:96:cb:fc:d9:7e:3d:17:
e6:6d:27:73:f5:f6:44:73:d6:d9:c7:75:8d:63:cd:
83:59:e7:f1:41:cc:b5:a3:7d:38:b5:f5:9f:ec:df:
61:4d:c0:9d:01:83:a3:a4:c5:31:5b:97:65:29:12:
67:6e:29:04:c4:37:37:54:76:2b:5e:05:61:5b:3d:
fe:7b:93:07:8d:b9:fb:5a:9d:91:f7:05:a9:e3:6f:
4d:f1:d0:bc:94:e5:9f:3d:59:0d:48:ad:a9:75:9d:
a2:fe:20:d1:ce:26:5b:1e:db:89:24:ff:b1:88:f2:
5f:82:22:b9:4e:74:7f:de:7b:4a:64:8b:1e:3c:2d:
d3:e5:ae:1c:ab:1f:fb:40:22:8c:73:26:a9:39:8b:
93:4d:36:32:83:1a:1d:1f:aa:52:94:73:24:51:14:
0d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8B:38:FC:73:A4:56:8E:60:5F:E0:D7:FB:3C:AE:65:8E:CF:B5:36
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/NIs4_HOkVo5gX-DX-zyuZY7PtTY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:58:68:50:19:69:8a:05:4b:3a:1a:f6:e7:86:94:77:79:c8:
71:c7:67:2f:48:3d:72:c9:de:35:8d:48:b1:23:dd:11:c9:27:
0c:98:6a:ee:80:dd:a7:72:74:b3:b6:87:fb:9c:3f:c4:f3:eb:
b0:8d:60:d0:77:4e:5f:92:5a:d2:e5:90:67:81:4a:02:3d:c6:
72:c5:58:fb:b8:ec:58:24:f3:3f:41:6d:ac:bb:87:40:bc:d7:
81:8b:f0:7b:92:7e:d5:51:51:4c:01:2a:2a:65:0f:81:04:68:
90:65:dd:99:5a:12:d1:72:e5:fd:44:56:4e:9e:74:7a:1f:b7:
4f:95:d1:ba:b1:f1:d0:32:95:2c:6e:2d:6e:58:01:18:45:3e:
83:f4:98:b9:59:24:a6:17:e1:97:b9:fb:0d:a5:94:87:f4:6a:
e7:d3:a4:6a:c1:de:65:fd:ce:30:cc:e3:56:38:68:7d:f6:7b:
17:0f:69:c4:a3:ca:9a:66:98:b8:0f:ae:f4:d1:4f:f5:6d:e9:
71:b6:c5:93:14:57:24:10:1b:77:36:2e:7e:5a:04:63:08:9e:
a6:73:81:3c:a5:1a:6a:4d:43:d7:17:94:fe:0c:d4:33:43:9c:
f8:b3:c2:26:49:a1:f1:8e:41:01:df:8e:b6:0d:8d:9b:fe:56:
5b:3d:7f:a2
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCIkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4NTFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDM0OEIzOEZDNzNBNDU2
OEU2MDVGRTBEN0ZCM0NBRTY1OEVDRkI1MzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDi9q221UjX3O5Jn+3NUAZ0jWpSCblWUeS74rQR94QMNtF+Hjgi
89tMACpKTmEI+wDZrM/waY1BhHWWdTrw/0Z8/99kuIgm101xxD+RjeQSsL+0+Ez8
Kaxi50dFmCYBdGOElsv82X49F+ZtJ3P19kRz1tnHdY1jzYNZ5/FBzLWjfTi19Z/s
32FNwJ0Bg6OkxTFbl2UpEmduKQTENzdUditeBWFbPf57kweNuftanZH3Banjb03x
0LyU5Z89WQ1Iral1naL+INHOJlse24kk/7GI8l+CIrlOdH/ee0pkix48LdPlrhyr
H/tAIoxzJqk5i5NNNjKDGh0fqlKUcyRRFA2vAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUNIs4/HOkVo5gX+DX+zyuZY7PtTYwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OSXM0X0hPa1ZvNWdYLURYLXp5
dVpZN1B0VFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgV
MA0GCSqGSIb3DQEBCwUAA4IBAQCxWGhQGWmKBUs6GvbnhpR3echxx2cvSD1yyd41
jUixI90RyScMmGrugN2ncnSztof7nD/E8+uwjWDQd05fklrS5ZBngUoCPcZyxVj7
uOxYJPM/QW2su4dAvNeBi/B7kn7VUVFMASoqZQ+BBGiQZd2ZWhLRcuX9RFZOnnR6
H7dPldG6sfHQMpUsbi1uWAEYRT6D9Ji5WSSmF+GXufsNpZSH9Grn06Rqwd5l/c4w
zONWOGh99nsXD2nEo8qaZpi4D6700U/1belxtsWTFFckEBt3Ni5+WgRjCJ6mc4E8
pRpqTUPXF5T+DNQzQ5z4s8ImSaHxjkEB3462DY2b/lZbPX+i
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org