Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/Thc9Oh4cfprj3wKU7e3K7wjzXtg.roa
File: Thc9Oh4cfprj3wKU7e3K7wjzXtg.roa (raw, json)
Hash identifier: 6LzZ2KqdmhFy7uDAuwwRVLcMH83fMnKMCsCW7xvdIt4=
Subject key identifier: 4E:17:3D:3A:1E:1C:7E:9A:E3:DF:02:94:ED:ED:CA:EF:08:F3:5E:D8
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0A38
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Thc9Oh4cfprj3wKU7e3K7wjzXtg.roa
Signing time: Wed 29 Sep 2021 02:51:23 +0000
ROA not before: Wed 29 Sep 2021 02:51:23 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131660
IP address blocks: 168.95.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2616 (0xa38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Sep 29 02:51:23 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=4E173D3A1E1C7E9AE3DF0294EDEDCAEF08F35ED8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:15:9d:3e:5c:93:80:21:d9:fe:e6:1e:71:48:
4f:61:26:05:dc:a8:d5:94:24:d3:4a:50:9c:53:72:
78:50:f9:31:91:60:95:dc:98:46:d9:54:5b:6b:ad:
0b:9e:97:2d:38:84:bc:41:7a:fd:8e:17:19:39:95:
28:95:b7:66:75:93:12:c5:6b:91:b0:14:7a:69:d3:
82:40:8b:f0:e3:51:b0:00:34:8b:ca:5e:c8:b1:73:
f2:0f:1c:05:84:72:93:aa:63:67:63:15:67:7d:e6:
b7:4f:99:99:fc:32:9f:ef:ff:6e:4d:67:32:b9:ca:
00:5c:b2:69:81:19:1f:1c:55:68:5a:9c:05:d0:25:
92:30:a2:a0:2c:8b:75:a7:90:32:a0:d2:a5:04:62:
01:ca:70:7d:e4:f0:77:5a:0a:3e:4b:63:32:59:7b:
92:7f:26:29:93:b9:6a:91:1a:f0:4b:61:97:f9:4c:
ba:9c:da:79:dc:05:61:3b:48:88:92:7d:7c:af:f3:
41:03:cb:34:06:4f:b2:2b:88:50:7e:fa:2b:78:e5:
b4:bb:e7:de:81:d7:d7:c2:18:a2:c2:c1:5e:5c:17:
f4:c5:61:8d:1a:dc:47:c0:77:67:38:f8:20:64:56:
98:13:57:ee:7d:d2:35:a5:1b:dc:f1:47:71:33:6e:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:17:3D:3A:1E:1C:7E:9A:E3:DF:02:94:ED:ED:CA:EF:08:F3:5E:D8
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/Thc9Oh4cfprj3wKU7e3K7wjzXtg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.246.0/24
Signature Algorithm: sha256WithRSAEncryption
29:45:12:c4:46:6d:f7:a3:bf:0f:0b:5c:83:7b:1a:9d:da:35:
1e:4a:e5:e3:87:e0:85:1e:48:da:48:f9:bb:3d:27:b9:05:e4:
2a:b8:76:f1:2b:9d:62:cc:a8:b7:b4:77:c5:8c:8c:ea:94:e4:
2a:de:74:05:98:9a:7a:13:84:6f:24:02:fb:66:e5:86:f1:3a:
7e:ca:8e:24:a2:5f:e5:29:d3:f6:82:1c:bf:16:d2:8e:77:fa:
0d:72:96:c1:1d:84:0c:f1:3a:9c:66:60:9d:e0:72:86:31:0c:
ee:79:86:16:f5:52:0e:55:d2:62:3d:e1:87:9d:3e:12:2a:50:
4f:a3:a6:42:79:e3:f2:67:ef:55:5b:3a:a6:51:46:33:1f:39:
b3:cd:14:1b:c7:7d:78:ee:f3:68:ad:f7:ec:55:f9:0a:04:1f:
b2:c1:05:39:68:59:b7:d6:84:b0:6f:03:2c:cc:11:1f:c6:4e:
83:2b:11:d9:30:16:89:4c:ff:fa:f1:1d:89:3c:5c:6a:8b:94:
aa:97:3a:b2:a9:3d:f3:75:ad:ef:9d:82:71:0c:d2:ec:d8:b5:
84:a2:c6:56:32:71:c5:c9:e5:43:d5:98:31:ee:5e:fe:fd:d0:
f3:6e:56:17:07:ed:ac:67:70:8c:8a:8d:11:bf:f6:6d:eb:34:
71:94:4d:09
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCjgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yMTA5Mjkw
MjUxMjNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDRFMTczRDNBMUUxQzdF
OUFFM0RGMDI5NEVERURDQUVGMDhGMzVFRDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNFZ0+XJOAIdn+5h5xSE9hJgXcqNWUJNNKUJxTcnhQ+TGRYJXc
mEbZVFtrrQuely04hLxBev2OFxk5lSiVt2Z1kxLFa5GwFHpp04JAi/DjUbAANIvK
Xsixc/IPHAWEcpOqY2djFWd95rdPmZn8Mp/v/25NZzK5ygBcsmmBGR8cVWhanAXQ
JZIwoqAsi3WnkDKg0qUEYgHKcH3k8HdaCj5LYzJZe5J/JimTuWqRGvBLYZf5TLqc
2nncBWE7SIiSfXyv80EDyzQGT7IriFB++it45bS7596B19fCGKLCwV5cF/TFYY0a
3EfAd2c4+CBkVpgTV+590jWlG9zxR3EzbiWVAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUThc9Oh4cfprj3wKU7e3K7wjzXtgwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9UaGM5T2g0Y2Zwcmozd0tVN2Uz
Szd3anpYdGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/2
MA0GCSqGSIb3DQEBCwUAA4IBAQApRRLERm33o78PC1yDexqd2jUeSuXjh+CFHkja
SPm7PSe5BeQquHbxK51izKi3tHfFjIzqlOQq3nQFmJp6E4RvJAL7ZuWG8Tp+yo4k
ol/lKdP2ghy/FtKOd/oNcpbBHYQM8TqcZmCd4HKGMQzueYYW9VIOVdJiPeGHnT4S
KlBPo6ZCeePyZ+9VWzqmUUYzHzmzzRQbx3147vNorffsVfkKBB+ywQU5aFm31oSw
bwMszBEfxk6DKxHZMBaJTP/68R2JPFxqi5SqlzqyqT3zda3vnYJxDNLs2LWEosZW
MnHFyeVD1Zgx7l7+/dDzblYXB+2sZ3CMio0Rv/Zt6zRxlE0J
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:55 2023 by rpki-client on console-ams.rpki-client.org