Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/cuGPZdmgkJJZbBA1ermWYRsM9GQ.roa
File: cuGPZdmgkJJZbBA1ermWYRsM9GQ.roa (raw, json)
Hash identifier: Gnq0XT8NDaKdCIgJd10V0wGN7BR336TmWfzC1YDGu0E=
Subject key identifier: 72:E1:8F:65:D9:A0:90:92:59:6C:10:35:7A:B9:96:61:1B:0C:F4:64
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0AA1
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cuGPZdmgkJJZbBA1ermWYRsM9GQ.roa
Signing time: Sun 07 Feb 2021 11:38:31 +0000
ROA not before: Sun 07 Feb 2021 11:38:31 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 211.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2721 (0xaa1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Feb 7 11:38:31 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=72E18F65D9A09092596C10357AB996611B0CF464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9d:27:dd:5c:1e:63:0e:fb:75:c6:75:28:d3:
96:46:69:f8:30:4d:bc:cf:15:3f:2f:b5:5f:8f:73:
88:7b:03:dc:5e:e6:e9:f0:13:55:48:2a:74:cd:26:
cb:05:f3:c7:b9:77:d9:c4:75:63:02:af:16:86:6e:
e7:ea:0c:b6:25:01:68:2c:bc:5b:58:88:6c:ad:9b:
c4:e7:f8:98:09:e2:8b:5a:32:ba:06:41:6b:5a:2d:
b1:26:c5:0e:b4:aa:ae:15:85:0a:e0:b9:c1:6e:e9:
cd:1f:6f:da:d6:d6:f4:0e:b4:c3:b3:70:68:3b:d1:
3c:9d:9b:3d:ed:bc:5b:58:b0:5f:a5:7f:59:c0:d5:
81:8e:4d:03:2b:d1:90:ee:7b:99:fb:ba:3a:25:4f:
b6:bd:75:71:9e:f2:f8:51:97:39:1a:48:78:14:0e:
c8:0e:3b:a8:61:69:cc:0f:de:27:6d:a1:ac:bb:71:
ae:83:1c:6e:5d:f8:52:bf:c2:02:41:3d:16:f2:45:
dc:fa:8e:f8:97:63:2c:db:ea:fd:bf:4d:33:b9:ae:
16:b5:93:88:cc:45:14:4b:aa:27:5c:f1:8d:70:f2:
e8:bb:8b:c2:c5:f2:71:ce:dd:70:44:06:f5:de:e2:
7c:5d:99:13:14:46:24:9c:99:04:af:e9:41:aa:c7:
29:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E1:8F:65:D9:A0:90:92:59:6C:10:35:7A:B9:96:61:1B:0C:F4:64
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/cuGPZdmgkJJZbBA1ermWYRsM9GQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
53:a7:89:d5:33:87:6d:b0:ab:3a:ef:d2:04:cd:c0:06:bf:7d:
68:88:eb:c1:b2:da:27:95:ce:4b:d4:9e:29:9a:4e:1c:e0:0f:
ce:62:db:59:93:8d:0f:d9:12:cc:27:25:95:e9:73:04:b1:13:
7b:35:1e:79:9a:cc:e3:f2:39:1e:7d:6a:94:45:9a:90:f0:72:
f5:6d:fc:b7:c7:ae:c7:47:a7:b4:01:9f:f7:a0:8d:0e:15:2c:
52:a6:fc:2e:cd:80:38:7f:46:96:8d:e2:7b:2c:e3:0b:7d:74:
05:72:4b:61:a4:e5:de:a6:dc:ef:ca:8c:bd:97:bb:67:9d:bf:
16:ea:7f:a8:a1:52:f3:a8:2f:d0:6b:f0:6f:1e:ae:7b:00:ad:
1f:e8:30:af:e2:bd:e8:ec:08:2c:f9:92:43:c1:69:96:20:7f:
89:d5:c0:6d:7b:13:59:53:73:87:de:8a:f6:4e:61:6a:55:10:
35:98:79:8f:db:da:f0:39:4f:4e:fd:23:0d:7d:42:df:4e:48:
aa:cd:bc:97:30:80:8d:8f:6e:24:08:93:e6:7f:b8:06:85:a7:
a8:44:46:9e:69:1d:56:e9:05:ec:77:94:4c:35:bf:03:6e:19:
28:d6:b5:ca:70:2d:4e:47:34:a4:b3:40:3d:16:93:7c:4b:32:
3a:20:77:49
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCqEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTAyMDcx
MTM4MzFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDcyRTE4RjY1RDlBMDkw
OTI1OTZDMTAzNTdBQjk5NjYxMUIwQ0Y0NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDSnSfdXB5jDvt1xnUo05ZGafgwTbzPFT8vtV+Pc4h7A9xe5unw
E1VIKnTNJssF88e5d9nEdWMCrxaGbufqDLYlAWgsvFtYiGytm8Tn+JgJ4otaMroG
QWtaLbEmxQ60qq4VhQrgucFu6c0fb9rW1vQOtMOzcGg70Tydmz3tvFtYsF+lf1nA
1YGOTQMr0ZDue5n7ujolT7a9dXGe8vhRlzkaSHgUDsgOO6hhacwP3idtoay7ca6D
HG5d+FK/wgJBPRbyRdz6jviXYyzb6v2/TTO5rha1k4jMRRRLqidc8Y1w8ui7i8LF
8nHO3XBEBvXe4nxdmRMURiScmQSv6UGqxym5AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUcuGPZdmgkJJZbBA1ermWYRsM9GQwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9jdUdQWmRtZ2tKSlpiQkExZXJt
V1lSc005R1Eucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xQw
DQYJKoZIhvcNAQELBQADggEBAFOnidUzh22wqzrv0gTNwAa/fWiI68Gy2ieVzkvU
nimaThzgD85i21mTjQ/ZEswnJZXpcwSxE3s1HnmazOPyOR59apRFmpDwcvVt/LfH
rsdHp7QBn/egjQ4VLFKm/C7NgDh/RpaN4nss4wt9dAVyS2Gk5d6m3O/KjL2Xu2ed
vxbqf6ihUvOoL9Br8G8ernsArR/oMK/ivejsCCz5kkPBaZYgf4nVwG17E1lTc4fe
ivZOYWpVEDWYeY/b2vA5T079Iw19Qt9OSKrNvJcwgI2PbiQIk+Z/uAaFp6hERp5p
HVbpBex3lEw1vwNuGSjWtcpwLU5HNKSzQD0Wk3xLMjogd0k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org