Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/iDqcauQOuvtk93powZf4OoxUzBA.roa
File: iDqcauQOuvtk93powZf4OoxUzBA.roa (raw, json)
Hash identifier: 22FkPUpEJJos8r/aBDWSirOXLkXkibxHATBUosQmQ0Y=
Subject key identifier: 88:3A:9C:6A:E4:0E:BA:FB:64:F7:7A:68:C1:97:F8:3A:8C:54:CC:10
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0BED
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/iDqcauQOuvtk93powZf4OoxUzBA.roa
Signing time: Wed 29 Sep 2021 02:50:40 +0000
ROA not before: Wed 29 Sep 2021 02:50:40 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 2001:b000::/21 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3053 (0xbed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:40 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=883A9C6AE40EBAFB64F77A68C197F83A8C54CC10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:bc:88:b0:c8:4b:31:20:19:77:62:40:4a:09:
9c:72:2c:61:5d:06:3a:14:fe:2d:8e:ef:16:8f:c5:
ce:bd:8c:c5:10:dc:d1:6e:9e:5e:b2:b2:05:86:8b:
c8:2b:f6:e0:47:9e:6a:9c:e2:5f:42:4f:ce:3c:c4:
90:0f:dc:c4:57:1b:7e:b5:56:14:f1:c2:64:7e:d7:
0b:21:4e:cb:fc:b8:88:83:3d:07:37:e0:15:fa:cf:
0b:8b:89:b4:2e:31:48:1c:67:a3:1b:90:7a:d5:af:
52:9c:46:5a:d2:ca:f2:22:e2:ce:67:1c:69:78:cb:
22:27:c3:24:bd:53:39:81:97:3a:53:1d:9e:9d:63:
9b:0c:c7:36:a7:b9:46:2a:e8:85:ba:df:b9:c5:73:
fe:23:ea:38:80:35:17:6c:18:c7:0e:ea:30:6a:a5:
eb:30:53:d5:c0:ff:cd:6f:c6:e1:17:98:34:f0:ef:
4d:11:74:3a:81:49:4c:8d:65:87:e9:6f:8a:b3:2d:
19:35:50:b0:4d:27:91:af:e1:4d:f6:e4:a1:2f:85:
31:c5:10:6f:27:b2:94:cc:05:d1:78:af:6d:b1:17:
01:9d:6b:c8:ee:ce:50:37:02:8c:ef:50:78:7c:40:
66:af:a0:ee:f0:15:5e:45:c0:cf:56:d2:34:d2:8b:
e1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:3A:9C:6A:E4:0E:BA:FB:64:F7:7A:68:C1:97:F8:3A:8C:54:CC:10
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/iDqcauQOuvtk93powZf4OoxUzBA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv6:
2001:b000::/21
Signature Algorithm: sha256WithRSAEncryption
bd:0f:02:3a:eb:be:7b:85:ed:63:2c:66:30:b2:09:9a:dc:0d:
ef:89:e0:0f:32:b8:d8:1b:55:87:40:bb:25:50:74:cd:95:36:
44:9c:40:12:a9:39:9c:0b:7e:48:b3:50:b7:92:d9:d4:4a:a4:
0c:e0:6e:79:66:57:fc:8e:4a:af:2e:ff:e1:8a:70:87:00:70:
54:84:4a:d2:88:60:52:b8:5b:7f:e9:6c:75:c8:e0:93:a2:a9:
71:b1:fd:0a:c9:8c:38:0a:a0:a1:a8:c2:fa:14:aa:15:00:55:
a0:fb:2f:58:99:c6:07:c8:fe:b1:7e:bd:f6:b0:57:74:5c:45:
42:5a:d3:c9:70:31:bd:80:17:a1:4a:b6:1f:b0:54:5a:cd:44:
43:ea:dd:43:2d:0a:89:ff:13:bc:41:ab:55:ef:f7:65:e3:94:
77:34:82:f4:48:ac:8c:c0:3e:8b:81:79:a9:d1:fa:61:9f:56:
28:5c:4a:92:6b:98:7a:24:f4:05:fd:d5:46:43:91:bb:e2:7a:
7b:2e:90:e5:9a:02:00:bb:36:3d:5e:81:27:06:6b:bb:c8:85:
d9:20:5b:90:b0:d6:b5:21:0e:27:b7:cd:25:5f:7a:43:39:76:
a8:93:6a:6a:c7:8a:d1:71:9a:79:b9:19:75:c4:24:44:02:2e:
29:3f:46:dc
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC+0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNDBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg4M0E5QzZBRTQwRUJB
RkI2NEY3N0E2OEMxOTdGODNBOEM1NENDMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDxvIiwyEsxIBl3YkBKCZxyLGFdBjoU/i2O7xaPxc69jMUQ3NFu
nl6ysgWGi8gr9uBHnmqc4l9CT848xJAP3MRXG361VhTxwmR+1wshTsv8uIiDPQc3
4BX6zwuLibQuMUgcZ6MbkHrVr1KcRlrSyvIi4s5nHGl4yyInwyS9UzmBlzpTHZ6d
Y5sMxzanuUYq6IW637nFc/4j6jiANRdsGMcO6jBqpeswU9XA/81vxuEXmDTw700R
dDqBSUyNZYfpb4qzLRk1ULBNJ5Gv4U325KEvhTHFEG8nspTMBdF4r22xFwGda8ju
zlA3AozvUHh8QGavoO7wFV5FwM9W0jTSi+GHAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUiDqcauQOuvtk93powZf4OoxUzBAwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9pRHFjYXVRT3V2dGs5M3Bvd1pm
NE9veFV6QkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAAjAGAwQDIAGw
MA0GCSqGSIb3DQEBCwUAA4IBAQC9DwI66757he1jLGYwsgma3A3vieAPMrjYG1WH
QLslUHTNlTZEnEASqTmcC35Is1C3ktnUSqQM4G55Zlf8jkqvLv/hinCHAHBUhErS
iGBSuFt/6Wx1yOCToqlxsf0KyYw4CqChqML6FKoVAFWg+y9YmcYHyP6xfr32sFd0
XEVCWtPJcDG9gBehSrYfsFRazURD6t1DLQqJ/xO8QatV7/dl45R3NIL0SKyMwD6L
gXmp0fphn1YoXEqSa5h6JPQF/dVGQ5G74np7LpDlmgIAuzY9XoEnBmu7yIXZIFuQ
sNa1IQ4nt80lX3pDOXaok2pqx4rRcZp5uRl1xCREAi4pP0bc
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:55 2023 by rpki-client on console-ams.rpki-client.org