Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/h_TG42HYIsFkwqbtJfCNsJsoCLA.roa
File: h_TG42HYIsFkwqbtJfCNsJsoCLA.roa (raw, json)
Hash identifier: gO4WYMYkg8YElfZ9qj+NOcDGu/D0jfDE2EERcxCVHkE=
Subject key identifier: 87:F4:C6:E3:61:D8:22:C1:64:C2:A6:ED:25:F0:8D:B0:9B:28:08:B0
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C79
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/h_TG42HYIsFkwqbtJfCNsJsoCLA.roa
Signing time: Wed 29 Sep 2021 02:51:18 +0000
ROA not before: Wed 29 Sep 2021 02:51:18 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 221.120.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3193 (0xc79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:18 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=87F4C6E361D822C164C2A6ED25F08DB09B2808B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:83:6d:c7:b9:f8:1a:36:ca:32:26:42:35:1c:
87:7d:c9:ac:bc:84:ea:8f:5e:b3:d7:fc:b0:27:94:
b8:fa:10:98:2d:4a:ee:de:9e:f0:28:82:ca:49:00:
02:5c:27:f0:e5:45:16:37:86:a5:fa:9d:a0:4a:3e:
03:3f:b5:91:61:ac:d3:3b:40:95:b0:9e:3c:fb:c5:
84:cb:e0:86:25:50:8d:96:16:bf:9e:c1:fa:55:93:
fe:24:a7:d3:2f:21:cc:61:a2:d3:71:09:28:b7:09:
1c:90:4d:e2:94:df:58:13:82:54:97:1e:07:e0:fd:
a2:03:66:22:3b:c0:79:e1:e6:3d:2d:e9:ff:b6:42:
f9:8e:b0:62:41:59:da:c3:71:79:49:ba:26:76:91:
2e:cc:bc:c0:17:c5:3f:2b:f9:2d:ec:f5:1b:77:39:
97:d3:b0:3c:3b:67:60:58:28:75:f8:1a:4b:ff:d1:
ab:e8:01:53:a7:35:24:fb:6c:36:a6:39:ed:b2:24:
c2:86:dd:64:87:5b:88:0c:8d:02:be:6f:8a:cd:2e:
d5:ff:6f:47:ca:4b:f3:2b:22:5f:3a:5a:1b:80:55:
a1:8f:a6:bb:e1:26:bd:07:f5:89:1a:05:6e:be:7f:
cb:68:4b:df:87:2b:ba:95:a1:35:b5:d6:98:c5:43:
9d:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F4:C6:E3:61:D8:22:C1:64:C2:A6:ED:25:F0:8D:B0:9B:28:08:B0
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/h_TG42HYIsFkwqbtJfCNsJsoCLA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
221.120.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:86:8c:1b:08:9d:c6:fb:93:be:a6:e1:10:21:87:13:5c:9d:
a5:b5:a7:72:fe:d9:b1:af:f5:0d:84:7a:e4:c0:45:7b:12:ec:
8e:ee:92:92:90:79:f5:b0:66:58:21:9b:e6:46:ce:9e:d0:b1:
d2:f7:aa:48:20:00:80:30:b5:64:7b:6f:b3:ca:e0:3c:cc:9f:
c4:84:e5:2b:69:fa:e9:e7:d3:0c:eb:ae:80:6a:8c:d7:c6:8f:
31:50:86:e0:5e:43:34:da:04:8e:49:0b:bf:94:c4:41:4f:c7:
ce:89:a4:cb:84:9f:52:0d:57:3a:fb:da:37:c9:78:40:21:6e:
24:76:0f:6f:ed:ca:ae:e9:19:3b:c5:87:72:e5:c9:c5:a8:2a:
b0:5f:94:86:44:c7:90:73:6a:86:1f:97:3c:c9:a8:da:9c:ec:
76:d7:19:8c:8a:55:96:9f:3b:0d:b0:5c:19:b5:7c:31:72:a1:
53:50:9a:9d:cd:06:18:58:6f:62:b9:95:d5:45:52:c9:6c:02:
51:68:25:58:c7:69:12:33:ac:57:1f:9e:b4:66:0a:a8:79:0e:
a1:1e:2d:d6:27:90:be:88:0b:21:cc:67:5e:08:c3:6b:2f:14:
0f:24:2f:97:30:2c:e1:da:79:27:d7:48:e2:7b:1f:7d:6b:32:
44:df:0c:d3
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDHkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMThaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg3RjRDNkUzNjFEODIy
QzE2NEMyQTZFRDI1RjA4REIwOUIyODA4QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3g23HufgaNsoyJkI1HId9yay8hOqPXrPX/LAnlLj6EJgtSu7e
nvAogspJAAJcJ/DlRRY3hqX6naBKPgM/tZFhrNM7QJWwnjz7xYTL4IYlUI2WFr+e
wfpVk/4kp9MvIcxhotNxCSi3CRyQTeKU31gTglSXHgfg/aIDZiI7wHnh5j0t6f+2
QvmOsGJBWdrDcXlJuiZ2kS7MvMAXxT8r+S3s9Rt3OZfTsDw7Z2BYKHX4Gkv/0avo
AVOnNST7bDamOe2yJMKG3WSHW4gMjQK+b4rNLtX/b0fKS/MrIl86WhuAVaGPprvh
Jr0H9YkaBW6+f8toS9+HK7qVoTW11pjFQ51bAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUh/TG42HYIsFkwqbtJfCNsJsoCLAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9oX1RHNDJIWUlzRmt3cWJ0SmZD
TnNKc29DTEEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3XgV
MA0GCSqGSIb3DQEBCwUAA4IBAQCyhowbCJ3G+5O+puEQIYcTXJ2ltady/tmxr/UN
hHrkwEV7EuyO7pKSkHn1sGZYIZvmRs6e0LHS96pIIACAMLVke2+zyuA8zJ/EhOUr
afrp59MM666AaozXxo8xUIbgXkM02gSOSQu/lMRBT8fOiaTLhJ9SDVc6+9o3yXhA
IW4kdg9v7cqu6Rk7xYdy5cnFqCqwX5SGRMeQc2qGH5c8yajanOx21xmMilWWnzsN
sFwZtXwxcqFTUJqdzQYYWG9iuZXVRVLJbAJRaCVYx2kSM6xXH560ZgqoeQ6hHi3W
J5C+iAshzGdeCMNrLxQPJC+XMCzh2nkn10jiex99azJE3wzT
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org