Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Riedx_BH3_DcNDneteRKCEJvjoU.roa
File: Riedx_BH3_DcNDneteRKCEJvjoU.roa (raw, json)
Hash identifier: j9+kKK/MCQgeDc3qfbH9jHvepTKr4n8eeSDu5b6Voag=
Subject key identifier: 46:27:9D:C7:F0:47:DF:F0:DC:34:39:DE:B5:E4:4A:08:42:6F:8E:85
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C3F
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Riedx_BH3_DcNDneteRKCEJvjoU.roa
Signing time: Wed 29 Sep 2021 02:51:04 +0000
ROA not before: Wed 29 Sep 2021 02:51:04 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 61.224.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3135 (0xc3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:04 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=46279DC7F047DFF0DC3439DEB5E44A08426F8E85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:78:c2:62:e6:14:35:6a:2e:fa:8c:e5:a5:bd:
cd:b0:56:bd:91:88:15:95:42:b1:d0:0a:c6:17:0d:
b2:da:4e:94:65:40:13:c5:cd:10:98:37:dd:7d:9b:
84:1b:97:71:c6:97:b0:dc:6f:46:bc:72:c2:de:39:
44:6a:1a:16:3a:b8:a9:cc:3e:5a:58:81:e2:5a:07:
ff:0d:f1:9f:25:d1:92:65:bc:66:ae:e9:34:cc:7b:
09:18:c1:f6:31:35:0a:72:93:c9:58:75:98:d7:86:
65:9d:ed:90:4c:1c:21:96:56:fc:d3:1b:ec:60:fb:
ab:e2:d3:48:4e:76:f6:53:fa:54:1b:28:65:97:5a:
c5:e0:60:1e:35:6f:f5:53:f3:37:4c:74:2c:d9:2e:
d0:3b:90:0c:c8:f6:12:42:4b:eb:68:b3:59:b4:7e:
e3:49:2b:8f:85:9c:53:72:f6:d8:83:37:b5:88:89:
ad:e5:6b:ee:75:56:24:3d:94:d0:0d:5a:4e:58:c2:
4d:1b:0b:54:e6:2f:ba:aa:2b:35:e2:6d:9d:0f:d0:
2a:64:42:2d:91:02:45:da:be:07:c4:14:6c:74:34:
1f:62:7f:28:b7:83:19:e7:86:51:45:6c:a8:fd:8c:
c3:4d:54:b1:64:59:19:3f:c8:03:10:87:29:7b:4b:
b9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:27:9D:C7:F0:47:DF:F0:DC:34:39:DE:B5:E4:4A:08:42:6F:8E:85
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Riedx_BH3_DcNDneteRKCEJvjoU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.224.0.0/14
Signature Algorithm: sha256WithRSAEncryption
39:b2:4e:67:d0:bc:00:76:64:8f:a0:c1:19:bf:d0:2f:0c:e9:
79:50:77:2b:74:9c:0d:ea:17:dc:52:1f:ee:6b:d3:5e:e1:c4:
52:f8:50:1d:76:54:d2:b0:6c:be:41:be:f9:15:f6:fd:71:8f:
2c:32:ab:81:de:f2:99:ba:b1:31:5a:d1:3a:96:6a:4d:7a:82:
10:7b:c9:c0:78:c7:38:42:06:d3:81:70:f7:29:2d:18:f7:ff:
94:e9:5b:58:45:a5:03:ef:76:40:31:4a:b7:b7:04:2e:e2:ef:
a3:ee:d3:52:76:f5:6b:94:ad:8b:fa:49:2b:f5:54:07:2a:4f:
18:02:d2:13:8e:75:e7:8b:34:e4:a1:5c:7d:9e:82:ab:00:3a:
ad:2e:ea:f9:78:97:25:8a:4d:46:90:71:76:a0:1c:3e:21:00:
d0:25:b2:59:62:8f:b1:a5:9b:e8:1d:3a:f5:25:e4:67:79:b6:
31:20:e2:26:1b:87:3d:3e:20:d2:b9:24:a7:74:87:e6:ce:e7:
dd:97:53:c2:f4:61:16:ec:94:e3:04:d1:6d:8d:7b:c0:c6:87:
e4:b1:99:51:41:59:5b:f2:80:12:43:92:98:0c:62:2a:84:dd:
dd:71:1f:f5:c8:f9:fb:57:21:d1:c7:85:7b:00:ea:0e:ec:d5:
f1:51:5f:e2
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDD8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDQ2Mjc5REM3RjA0N0RG
RjBEQzM0MzlERUI1RTQ0QTA4NDI2RjhFODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1eMJi5hQ1ai76jOWlvc2wVr2RiBWVQrHQCsYXDbLaTpRlQBPF
zRCYN919m4Qbl3HGl7Dcb0a8csLeOURqGhY6uKnMPlpYgeJaB/8N8Z8l0ZJlvGau
6TTMewkYwfYxNQpyk8lYdZjXhmWd7ZBMHCGWVvzTG+xg+6vi00hOdvZT+lQbKGWX
WsXgYB41b/VT8zdMdCzZLtA7kAzI9hJCS+tos1m0fuNJK4+FnFNy9tiDN7WIia3l
a+51ViQ9lNANWk5Ywk0bC1TmL7qqKzXibZ0P0CpkQi2RAkXavgfEFGx0NB9ifyi3
gxnnhlFFbKj9jMNNVLFkWRk/yAMQhyl7S7lpAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQURiedx/BH3/DcNDneteRKCEJvjoUwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9SaWVkeF9CSDNfRGNORG5ldGVS
S0NFSnZqb1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCPeAw
DQYJKoZIhvcNAQELBQADggEBADmyTmfQvAB2ZI+gwRm/0C8M6XlQdyt0nA3qF9xS
H+5r017hxFL4UB12VNKwbL5BvvkV9v1xjywyq4He8pm6sTFa0TqWak16ghB7ycB4
xzhCBtOBcPcpLRj3/5TpW1hFpQPvdkAxSre3BC7i76Pu01J29WuUrYv6SSv1VAcq
TxgC0hOOdeeLNOShXH2egqsAOq0u6vl4lyWKTUaQcXagHD4hANAlsllij7Glm+gd
OvUl5Gd5tjEg4iYbhz0+INK5JKd0h+bO592XU8L0YRbslOME0W2Ne8DGh+SxmVFB
WVvygBJDkpgMYiqE3d1xH/XI+ftXIdHHhXsA6g7s1fFRX+I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org