Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/jNIsgr7RieoNKzVe5_-CXCrpP6k.roa
File: jNIsgr7RieoNKzVe5_-CXCrpP6k.roa (raw, json)
Hash identifier: HCk6aPD67QJK+s29EDJmYsZDqMkwdYaXyuPcAfUyXZM=
Subject key identifier: 8C:D2:2C:82:BE:D1:89:EA:0D:2B:35:5E:E7:FF:82:5C:2A:E9:3F:A9
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C22
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jNIsgr7RieoNKzVe5_-CXCrpP6k.roa
Signing time: Wed 29 Sep 2021 02:50:55 +0000
ROA not before: Wed 29 Sep 2021 02:50:55 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 3462
IP address blocks: 211.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3106 (0xc22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:50:55 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=8CD22C82BED189EA0D2B355EE7FF825C2AE93FA9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d5:76:f3:88:f9:e4:1d:e9:06:b9:d3:10:37:
d4:8b:15:32:79:d8:85:fa:44:6e:0e:42:e4:5d:7e:
dc:26:7e:c3:2e:20:02:e4:51:da:b2:07:10:b8:c4:
b8:72:a4:c4:f8:47:c0:4e:67:39:df:31:9b:a4:36:
cc:a8:ce:a6:2d:03:76:0a:7d:c0:19:b8:6f:18:9f:
64:c8:a6:01:81:72:f5:2e:41:d3:63:fb:80:6d:5a:
9b:16:0b:c9:40:81:49:94:72:0a:8a:72:93:de:e3:
9d:0d:05:fd:84:f9:eb:64:be:fd:73:92:df:11:cf:
2c:4c:23:dc:6e:c7:be:37:e3:9c:3b:a1:f7:48:b8:
91:a6:a5:13:63:0a:0b:46:74:01:12:9e:a1:3a:ff:
8d:10:74:d4:c3:df:ff:d2:28:2b:e7:fc:31:61:1b:
52:59:27:2a:03:3c:72:22:dd:42:13:f6:c1:40:3e:
80:8b:04:e6:94:66:2f:c0:13:2b:dc:ce:1a:ec:2b:
e9:a3:65:57:04:69:eb:af:ff:74:e4:7b:3f:7a:e1:
99:63:9c:49:64:92:5b:32:52:c0:41:e6:26:b4:9f:
98:2a:b4:b9:7f:e2:f1:41:94:a6:de:6e:ce:79:62:
d0:98:58:31:e1:26:b1:02:42:06:e8:b4:0d:12:e9:
47:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D2:2C:82:BE:D1:89:EA:0D:2B:35:5E:E7:FF:82:5C:2A:E9:3F:A9
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/jNIsgr7RieoNKzVe5_-CXCrpP6k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:17:49:d6:b0:10:1b:8f:87:56:b0:79:34:8a:63:75:58:5b:
00:9a:07:d5:44:1c:79:d1:76:27:d4:38:d3:ab:76:36:66:17:
ed:f8:a5:37:20:27:ea:7a:77:75:f0:d4:ee:50:72:28:68:9b:
bc:61:ce:fc:a5:0e:2e:1f:8a:c9:7f:c6:a6:51:a5:54:85:3b:
ea:51:71:92:26:54:f2:e4:94:e0:28:f6:0d:37:b8:20:22:58:
af:03:d8:25:38:3d:cf:1c:e8:ad:02:ed:d1:d6:07:8f:c3:78:
be:47:a2:39:ff:d7:13:cb:f7:b7:9f:92:af:60:34:21:58:48:
8a:1d:21:a4:40:84:8d:ac:0b:d1:40:6f:44:c7:08:ff:39:0d:
9f:2a:21:47:a7:5a:09:d6:a7:a5:52:2d:b8:37:54:77:9c:be:
b5:52:53:5d:07:95:68:f9:95:3c:b4:df:b2:b7:8c:8c:d9:81:
c2:1f:1b:24:55:e8:bc:9d:7d:88:c4:d1:a5:0f:27:b3:41:36:
67:2c:f2:1f:38:87:d5:e7:b3:c2:2f:0f:e2:17:e6:70:72:0d:
a7:24:75:94:ef:69:c7:40:13:bb:09:32:8f:e8:37:60:1d:b3:
ae:4c:91:0a:3a:59:f6:bc:0b:0b:25:a0:15:ae:a4:66:9a:ca:
63:5a:b9:23
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICDCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUwNTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDhDRDIyQzgyQkVEMTg5
RUEwRDJCMzU1RUU3RkY4MjVDMkFFOTNGQTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC01XbziPnkHekGudMQN9SLFTJ52IX6RG4OQuRdftwmfsMuIALk
UdqyBxC4xLhypMT4R8BOZznfMZukNsyozqYtA3YKfcAZuG8Yn2TIpgGBcvUuQdNj
+4BtWpsWC8lAgUmUcgqKcpPe450NBf2E+etkvv1zkt8RzyxMI9xux74345w7ofdI
uJGmpRNjCgtGdAESnqE6/40QdNTD3//SKCvn/DFhG1JZJyoDPHIi3UIT9sFAPoCL
BOaUZi/AEyvczhrsK+mjZVcEaeuv/3Tkez964ZljnElkklsyUsBB5ia0n5gqtLl/
4vFBlKbebs55YtCYWDHhJrECQgbotA0S6Ue5AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUjNIsgr7RieoNKzVe5/+CXCrpP6kwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9qTklzZ3I3Umllb05LelZlNV8t
Q1hDcnBQNmsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMA0xQw
DQYJKoZIhvcNAQELBQADggEBAEgXSdawEBuPh1aweTSKY3VYWwCaB9VEHHnRdifU
ONOrdjZmF+34pTcgJ+p6d3Xw1O5Qcihom7xhzvylDi4fisl/xqZRpVSFO+pRcZIm
VPLklOAo9g03uCAiWK8D2CU4Pc8c6K0C7dHWB4/DeL5Hojn/1xPL97efkq9gNCFY
SIodIaRAhI2sC9FAb0THCP85DZ8qIUenWgnWp6VSLbg3VHecvrVSU10HlWj5lTy0
37K3jIzZgcIfGyRV6LydfYjE0aUPJ7NBNmcs8h84h9Xns8IvD+IX5nByDackdZTv
acdAE7sJMo/oN2Ads65MkQo6Wfa8CwsloBWupGaaymNauSM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org