Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/iH1Mb70AkTXFDZDsaB5heJZ0l8E.roa
File: iH1Mb70AkTXFDZDsaB5heJZ0l8E.roa (raw, json)
Hash identifier: CfjX49U8NtwifDZy9Y4ikvii1ZeQvoMAA/s0ODwr9NI=
Subject key identifier: 88:7D:4C:6F:BD:00:91:35:C5:0D:90:EC:68:1E:61:78:96:74:97:C1
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C36
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/iH1Mb70AkTXFDZDsaB5heJZ0l8E.roa
Signing time: Wed 29 Sep 2021 02:51:01 +0000
ROA not before: Wed 29 Sep 2021 02:51:01 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 59.120.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3126 (0xc36)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:01 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=887D4C6FBD009135C50D90EC681E6178967497C1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0f:f9:df:b8:71:8b:61:c1:5f:d9:c3:2f:13:
1a:1e:61:aa:da:d5:b2:12:d6:5d:19:6b:de:b1:6a:
54:e1:06:85:65:b0:89:f1:d1:0e:b7:28:d4:aa:99:
54:18:78:1a:d8:12:6f:04:c0:de:db:e3:98:5b:f1:
95:44:af:c0:5f:5d:e2:37:4d:a6:c6:6f:51:b8:8e:
a4:42:6b:59:6f:a8:a4:76:2f:90:c2:ab:4a:8e:2f:
88:8b:0d:e7:94:48:47:9c:80:b0:0b:e8:18:41:b4:
27:bb:3e:e0:27:56:39:7b:54:d8:89:84:8b:31:26:
df:ad:55:31:2b:3d:81:b8:e5:09:ec:e1:2b:47:fa:
d9:24:4f:3f:35:08:62:1a:4b:f4:a6:83:62:cc:aa:
e7:97:4d:42:ee:0a:a6:93:e0:a4:b9:48:b8:f3:f9:
0c:4d:23:b3:2b:4c:aa:39:a1:96:8e:2b:9f:6f:43:
80:c4:e1:89:6d:f3:93:64:4d:64:0f:ff:81:f7:1d:
4b:0a:01:71:bb:66:c0:54:e8:32:71:df:5f:8d:07:
f6:93:bc:23:25:9a:ee:04:bb:c3:4b:df:61:c6:67:
c7:63:0a:37:d5:e0:7b:a9:7c:10:2a:a4:d1:6d:3e:
a5:f2:3c:c4:c7:ad:ed:99:40:96:e7:f0:35:dd:86:
ec:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7D:4C:6F:BD:00:91:35:C5:0D:90:EC:68:1E:61:78:96:74:97:C1
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/iH1Mb70AkTXFDZDsaB5heJZ0l8E.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
59.120.0.0/14
Signature Algorithm: sha256WithRSAEncryption
30:10:79:d2:b1:08:db:4f:0d:f3:c6:b8:ae:fc:57:76:58:e2:
54:e9:25:05:8b:74:4a:41:65:8e:6b:ca:4d:b1:56:04:6c:e8:
a1:d8:b5:8d:a0:d2:1b:cb:d3:aa:98:7f:d2:aa:ee:f7:1b:1d:
91:05:bc:3a:25:65:db:f1:24:c3:d1:44:9c:62:67:51:7c:b6:
21:cb:aa:05:d5:07:30:10:8a:a1:48:0e:b4:e6:66:6a:bf:16:
26:20:f5:38:c3:c4:7c:a4:35:72:5e:af:b1:45:9f:96:32:71:
3e:ce:a6:f9:5c:98:0a:ed:ba:fe:fc:5f:66:92:e3:15:57:2d:
51:95:68:e8:8b:b2:d4:52:19:91:8c:7b:2a:8b:4a:ac:25:78:
cb:05:72:55:a4:8f:dd:b5:95:71:d1:c2:37:34:8b:3d:82:ba:
f7:d6:4f:a6:24:67:19:9b:6f:e6:d0:0e:9e:48:4b:9d:97:ff:
9f:c0:3f:67:66:6b:c7:5e:bd:c0:af:22:0f:21:03:35:f2:3b:
f8:c3:78:a4:45:71:bc:54:32:17:4b:21:ad:4e:3c:ba:5b:d0:
af:3f:f3:75:99:84:8a:57:70:7b:6b:55:69:33:cb:cf:ab:97:
1d:07:1c:ef:c4:11:35:0b:20:0f:b3:fe:20:81:70:f3:87:5a:
43:61:5f:93
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDDYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg4N0Q0QzZGQkQwMDkx
MzVDNTBEOTBFQzY4MUU2MTc4OTY3NDk3QzEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDfD/nfuHGLYcFf2cMvExoeYara1bIS1l0Za96xalThBoVlsInx
0Q63KNSqmVQYeBrYEm8EwN7b45hb8ZVEr8BfXeI3TabGb1G4jqRCa1lvqKR2L5DC
q0qOL4iLDeeUSEecgLAL6BhBtCe7PuAnVjl7VNiJhIsxJt+tVTErPYG45Qns4StH
+tkkTz81CGIaS/Smg2LMqueXTULuCqaT4KS5SLjz+QxNI7MrTKo5oZaOK59vQ4DE
4Ylt85NkTWQP/4H3HUsKAXG7ZsBU6DJx31+NB/aTvCMlmu4Eu8NL32HGZ8djCjfV
4HupfBAqpNFtPqXyPMTHre2ZQJbn8DXdhuxhAgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUiH1Mb70AkTXFDZDsaB5heJZ0l8EwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9pSDFNYjcwQWtUWEZEWkRzYUI1
aGVKWjBsOEUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCO3gw
DQYJKoZIhvcNAQELBQADggEBADAQedKxCNtPDfPGuK78V3ZY4lTpJQWLdEpBZY5r
yk2xVgRs6KHYtY2g0hvL06qYf9Kq7vcbHZEFvDolZdvxJMPRRJxiZ1F8tiHLqgXV
BzAQiqFIDrTmZmq/FiYg9TjDxHykNXJer7FFn5YycT7OpvlcmArtuv78X2aS4xVX
LVGVaOiLstRSGZGMeyqLSqwleMsFclWkj921lXHRwjc0iz2CuvfWT6YkZxmbb+bQ
Dp5IS52X/5/AP2dma8devcCvIg8hAzXyO/jDeKRFcbxUMhdLIa1OPLpb0K8/83WZ
hIpXcHtrVWkzy8+rlx0HHO/EETULIA+z/iCBcPOHWkNhX5M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org