Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Nubp7g72kcd95waT5QFeA8y6aGw.roa
File: Nubp7g72kcd95waT5QFeA8y6aGw.roa (raw, json)
Hash identifier: ghkj/hVl6RTmJdfTuWuOlVASqv08o9HJc6ZQh+F435A=
Subject key identifier: 36:E6:E9:EE:0E:F6:91:C7:7D:E7:06:93:E5:01:5E:03:CC:BA:68:6C
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C38
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Nubp7g72kcd95waT5QFeA8y6aGw.roa
Signing time: Wed 29 Sep 2021 02:51:01 +0000
ROA not before: Wed 29 Sep 2021 02:51:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 60.248.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3128 (0xc38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=36E6E9EE0EF691C77DE70693E5015E03CCBA686C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b4:35:53:70:27:ed:77:ee:51:58:1c:2a:36:
42:57:bf:b7:c2:d3:da:98:9a:9f:19:a0:49:3b:f1:
01:8e:ba:32:b4:2a:3f:1d:4f:ef:5d:bb:17:8a:4b:
4a:30:fb:49:c5:10:85:94:58:66:26:a1:5e:4c:f0:
28:89:50:5b:b3:bf:30:a6:74:f9:db:0c:76:9d:cb:
6e:57:8a:dd:e5:07:e5:ee:65:ec:9f:0e:5e:08:05:
4e:d5:9f:1e:bc:e1:dd:25:8d:46:69:4b:5b:a7:be:
82:66:30:56:2a:d9:c3:61:55:46:46:c0:9d:b5:73:
4b:eb:5c:0c:ec:fa:66:10:97:06:cb:24:28:df:45:
19:a3:e0:1f:54:11:79:2b:20:ef:cc:9e:ca:c4:a1:
37:d6:76:c9:c5:07:bc:4b:72:8a:e9:3e:ea:d2:74:
5e:c9:c4:e8:89:82:cb:1e:a3:5a:91:c5:7e:a5:04:
7b:0d:0a:9f:22:01:08:5f:3c:96:0b:20:6a:4f:82:
7e:f8:f2:36:6f:58:b6:70:e2:b2:d6:65:01:63:a9:
73:c5:1d:7d:59:b5:6b:f9:99:96:ca:e4:a5:e7:f9:
2a:77:7c:f8:a9:c9:38:e8:90:3e:a2:bf:d5:57:ec:
14:6e:c7:5f:9c:d1:74:ed:d3:fc:0c:7a:63:4b:79:
28:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E6:E9:EE:0E:F6:91:C7:7D:E7:06:93:E5:01:5E:03:CC:BA:68:6C
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Nubp7g72kcd95waT5QFeA8y6aGw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
60.248.0.0/16
Signature Algorithm: sha256WithRSAEncryption
70:76:ba:8b:53:36:bd:e5:4c:fe:55:53:81:6e:52:0b:c7:13:
93:d0:c9:0e:2c:43:11:4a:47:a5:9a:74:f3:f1:ae:e3:d6:b9:
38:bb:68:4e:0f:19:cd:ac:39:46:b5:98:4c:68:26:9b:fc:a8:
88:e8:b6:7f:13:47:01:86:4f:ff:7b:1d:77:6c:95:cf:5f:1f:
1a:a2:aa:a0:fb:bb:ea:41:e0:a0:4e:5e:4c:80:dc:57:71:81:
e4:fa:65:19:6a:5f:fb:0b:7b:7e:4d:1c:37:7a:3b:59:ce:69:
f9:30:86:cd:d7:94:0f:f3:15:68:94:65:d2:56:b1:cc:c2:3b:
6e:75:89:a4:45:b9:4f:4e:b5:89:c1:13:01:ec:9c:b1:a6:79:
b8:f7:fd:20:cb:01:53:de:77:96:0d:ce:97:f8:d1:9d:d1:85:
1a:82:98:bb:19:a8:7e:0c:88:53:11:1d:2c:62:7a:87:66:77:
f8:8e:04:9b:08:04:3b:ba:3f:ff:fa:fa:d2:83:5d:66:97:3d:
c5:c8:d2:d5:bb:3d:16:88:3e:47:d7:09:05:3a:b4:82:bf:ae:
23:28:4c:4a:e1:fb:f9:6e:eb:c8:72:e5:a6:73:8d:dd:35:a3:
1f:05:76:ac:6c:16:4e:bb:09:fd:c4:76:ab:b2:82:70:07:27:
a9:5f:f9:cd
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM2RTZFOUVFMEVGNjkx
Qzc3REU3MDY5M0U1MDE1RTAzQ0NCQTY4NkMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHtDVTcCftd+5RWBwqNkJXv7fC09qYmp8ZoEk78QGOujK0Kj8d
T+9duxeKS0ow+0nFEIWUWGYmoV5M8CiJUFuzvzCmdPnbDHady25Xit3lB+XuZeyf
Dl4IBU7Vnx684d0ljUZpS1unvoJmMFYq2cNhVUZGwJ21c0vrXAzs+mYQlwbLJCjf
RRmj4B9UEXkrIO/MnsrEoTfWdsnFB7xLcorpPurSdF7JxOiJgsseo1qRxX6lBHsN
Cp8iAQhfPJYLIGpPgn748jZvWLZw4rLWZQFjqXPFHX1ZtWv5mZbK5KXn+Sp3fPip
yTjokD6iv9VX7BRux1+c0XTt0/wMemNLeSgRAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUNubp7g72kcd95waT5QFeA8y6aGwwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9OdWJwN2c3MmtjZDk1d2FUNVFG
ZUE4eTZhR3cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAPPgw
DQYJKoZIhvcNAQELBQADggEBAHB2uotTNr3lTP5VU4FuUgvHE5PQyQ4sQxFKR6Wa
dPPxruPWuTi7aE4PGc2sOUa1mExoJpv8qIjotn8TRwGGT/97HXdslc9fHxqiqqD7
u+pB4KBOXkyA3FdxgeT6ZRlqX/sLe35NHDd6O1nOafkwhs3XlA/zFWiUZdJWsczC
O251iaRFuU9OtYnBEwHsnLGmebj3/SDLAVPed5YNzpf40Z3RhRqCmLsZqH4MiFMR
HSxieodmd/iOBJsIBDu6P//6+tKDXWaXPcXI0tW7PRaIPkfXCQU6tIK/riMoTErh
+/lu68hy5aZzjd01ox8FdqxsFk67Cf3EdquygnAHJ6lf+c0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org