Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/a4jeiq1yu0uvofGZVOmbUnftN7g.roa
File: a4jeiq1yu0uvofGZVOmbUnftN7g.roa (raw, json)
Hash identifier: lMQrpLzttQb8A4nnYcObpMywSvSkxSNx5wQhRFvJurk=
Subject key identifier: 6B:88:DE:8A:AD:72:BB:4B:AF:A1:F1:99:54:E9:9B:52:77:ED:37:B8
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0C2F
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/a4jeiq1yu0uvofGZVOmbUnftN7g.roa
Signing time: Fri 01 Sep 2023 08:57:28 +0000
ROA not before: Fri 01 Sep 2023 08:57:28 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131660
IP address blocks: 168.95.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3119 (0xc2f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Sep 1 08:57:28 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=6B88DE8AAD72BB4BAFA1F19954E99B5277ED37B8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:f9:e7:7a:64:79:51:16:2c:37:2c:18:f6:
94:4a:ed:f6:5e:29:e0:5f:27:a2:e1:fd:55:6e:09:
b8:e0:72:7d:4c:16:4f:70:da:94:bd:af:6c:22:7b:
23:e2:ad:1b:e9:27:76:76:c0:2e:f0:36:4d:91:69:
1f:7a:5c:d0:47:a5:de:61:8c:ef:df:56:0e:77:f1:
97:ff:a0:b8:7b:57:33:d3:d6:60:3e:33:79:55:c6:
64:0d:7a:35:0d:b5:bb:f2:7b:4c:92:ad:59:07:45:
e4:6e:42:f1:85:77:72:b0:ba:04:0f:72:f1:02:5a:
8f:de:ff:8c:3d:a3:75:29:5e:de:4e:71:ff:4b:e9:
39:ee:6c:5e:e7:8a:91:93:bd:a1:bf:fb:a3:b2:41:
2c:c5:fc:da:af:9e:9f:69:bb:7a:d5:c6:cb:61:a9:
86:f7:c0:5f:47:6d:1e:6c:76:e5:a7:6e:0a:f6:2f:
8c:e1:29:88:ac:eb:fb:5b:59:81:b0:83:ac:30:86:
12:0d:a4:ce:f7:b7:fc:64:0d:e1:44:d5:99:41:b6:
45:5d:03:3f:ed:f8:bf:cb:ee:9d:6c:31:61:c6:23:
ef:80:31:ef:98:ca:0c:29:9e:bc:f6:24:86:2b:44:
9b:70:9a:16:7e:0a:73:98:52:f7:a7:80:92:f2:48:
e2:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:88:DE:8A:AD:72:BB:4B:AF:A1:F1:99:54:E9:9B:52:77:ED:37:B8
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/a4jeiq1yu0uvofGZVOmbUnftN7g.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.245.0/24
Signature Algorithm: sha256WithRSAEncryption
14:eb:7a:aa:61:65:e0:28:21:27:b3:c4:6a:63:53:1f:c5:a6:
6f:32:55:31:4e:03:2f:e1:7b:04:e0:f9:a1:30:6e:cb:01:80:
2a:d6:90:f7:54:6d:50:e5:95:59:8c:05:22:4d:5f:7c:a5:0d:
c7:5f:28:47:59:ca:41:1f:f4:9f:ea:44:fd:55:64:62:b3:4a:
2e:01:ba:59:98:51:a2:bb:0d:a3:c6:5a:05:70:e7:cd:ff:c2:
ed:37:5f:90:be:f5:f9:ed:e1:1e:62:ea:53:de:bc:c0:3d:32:
8b:fd:6d:5f:38:e1:7a:0d:95:03:0e:11:20:0a:6f:b3:8c:6e:
a4:a0:d6:e7:df:ad:e5:77:38:79:4b:37:a7:c4:65:25:f5:d2:
bb:f6:f6:4c:26:6b:86:9e:21:8d:1c:a7:e1:fe:1c:32:25:13:
fe:83:2d:eb:8e:47:89:fd:27:a2:c8:f8:9d:66:e8:3e:8d:18:
11:24:95:53:bb:02:a8:00:c1:43:a0:b6:f3:90:e8:aa:a8:5f:
07:d3:06:0c:16:72:23:60:c4:58:08:b5:3a:11:4c:05:c1:51:
67:aa:a6:82:59:13:5f:6b:a5:bb:54:c5:67:d0:cf:74:53:41:
c5:19:d0:45:ee:6b:57:1e:e8:ff:b4:c4:f5:c8:97:9f:55:da:
1e:7c:7a:2f
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDC8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yMzA5MDEw
ODU3MjhaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZCODhERThBQUQ3MkJC
NEJBRkExRjE5OTU0RTk5QjUyNzdFRDM3QjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCfh/nnemR5URYsNywY9pRK7fZeKeBfJ6Lh/VVuCbjgcn1MFk9w
2pS9r2wieyPirRvpJ3Z2wC7wNk2RaR96XNBHpd5hjO/fVg538Zf/oLh7VzPT1mA+
M3lVxmQNejUNtbvye0ySrVkHReRuQvGFd3KwugQPcvECWo/e/4w9o3UpXt5Ocf9L
6TnubF7nipGTvaG/+6OyQSzF/Nqvnp9pu3rVxsthqYb3wF9HbR5sduWnbgr2L4zh
KYis6/tbWYGwg6wwhhINpM73t/xkDeFE1ZlBtkVdAz/t+L/L7p1sMWHGI++AMe+Y
ygwpnrz2JIYrRJtwmhZ+CnOYUvengJLySOJxAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUa4jeiq1yu0uvofGZVOmbUnftN7gwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9hNGplaXExeXUwdXZvZkdaVk9t
YlVuZnRON2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/1
MA0GCSqGSIb3DQEBCwUAA4IBAQAU63qqYWXgKCEns8RqY1MfxaZvMlUxTgMv4XsE
4PmhMG7LAYAq1pD3VG1Q5ZVZjAUiTV98pQ3HXyhHWcpBH/Sf6kT9VWRis0ouAbpZ
mFGiuw2jxloFcOfN/8LtN1+QvvX57eEeYupT3rzAPTKL/W1fOOF6DZUDDhEgCm+z
jG6koNbn363ldzh5SzenxGUl9dK79vZMJmuGniGNHKfh/hwyJRP+gy3rjkeJ/Sei
yPidZug+jRgRJJVTuwKoAMFDoLbzkOiqqF8H0wYMFnIjYMRYCLU6EUwFwVFnqqaC
WRNfa6W7VMVn0M90U0HFGdBF7mtXHuj/tMT1yJefVdoefHov
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:23:19 2025 by rpki-client