Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/lLJr1XvxODkp5hSitAQyRcJun0s.roa
File: lLJr1XvxODkp5hSitAQyRcJun0s.roa (raw, json)
Hash identifier: 3ZnWuNUleBZPn9nn/uhaFU2asW6jSJONdtSLDCpIy8Y=
Subject key identifier: 94:B2:6B:D5:7B:F1:38:39:29:E6:14:A2:B4:04:32:45:C2:6E:9F:4B
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 085C
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/lLJr1XvxODkp5hSitAQyRcJun0s.roa
Signing time: Tue 29 Sep 2020 09:58:40 +0000
ROA not before: Tue 29 Sep 2020 09:58:40 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 3462
IP address blocks: 118.168.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2140 (0x85c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 09:58:40 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=94B26BD57BF1383929E614A2B4043245C26E9F4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8b:01:ca:7c:e6:42:1d:5e:94:a6:d3:a5:79:
e4:eb:c8:bb:5a:f6:92:5a:0f:4d:6a:e4:56:04:f0:
44:a0:0d:be:0f:99:ab:85:63:d2:22:41:0e:c4:06:
46:9a:6f:91:8b:88:61:0a:bd:39:7d:28:d1:75:d8:
05:8a:63:ac:5d:28:09:3c:fa:08:11:13:5d:a8:ea:
b7:5d:4b:fd:20:27:df:7e:94:f8:44:4f:7d:64:5b:
a4:f9:34:25:ca:bb:ee:5c:4b:82:14:d7:ca:04:8b:
85:6f:46:b9:d9:96:82:16:2a:d8:9c:71:6d:49:a3:
6b:16:f8:69:c9:49:58:d6:23:ab:5a:d1:7a:ad:04:
57:f3:f6:2f:82:91:c5:c5:e4:6e:c9:76:a1:05:0b:
77:3d:2b:2c:be:21:42:61:09:f6:53:61:18:29:14:
be:4d:19:cf:38:c2:ab:b1:ac:44:55:8f:a7:56:e1:
9a:8a:42:7c:a5:3a:85:41:3c:ba:03:ce:ec:15:62:
9e:0c:e3:9f:f6:9c:85:95:88:18:86:0f:00:10:d7:
dd:9e:49:b1:52:34:48:20:63:cf:5e:1d:6e:1a:c6:
8a:00:9b:e2:b3:79:7c:81:db:70:e1:80:f4:d3:6b:
7f:54:83:78:a2:4b:e3:46:e5:27:dc:11:f8:53:bb:
49:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:B2:6B:D5:7B:F1:38:39:29:E6:14:A2:B4:04:32:45:C2:6E:9F:4B
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/lLJr1XvxODkp5hSitAQyRcJun0s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.168.0.0/14
Signature Algorithm: sha256WithRSAEncryption
3b:81:3e:57:19:dc:b4:3d:88:f0:86:3a:a9:00:da:9a:2a:ec:
37:3a:a5:01:d3:4a:c5:72:cd:d8:56:72:d1:0e:4f:c5:40:9a:
d0:49:de:64:0d:36:3b:c1:79:37:de:30:bb:3d:1c:f6:b3:7f:
9d:22:75:39:a2:9a:2e:10:43:31:84:cd:91:e5:3e:e4:30:63:
57:73:e1:25:de:4b:20:11:13:54:ce:74:fb:88:c5:03:64:7b:
3c:75:b9:ee:55:32:ba:c8:d9:6c:19:ac:dc:76:9f:cf:55:41:
59:5c:63:0a:1f:ba:6a:cd:e3:00:5c:e3:bd:40:d2:6e:fd:81:
38:b4:0b:42:75:01:6a:b0:f0:0a:be:dd:b5:9e:02:13:61:46:
f9:94:ee:88:76:e7:43:82:d2:4f:2e:83:01:03:b8:ab:ff:68:
50:d8:29:90:55:d9:5c:3a:be:dd:f1:f8:dd:57:2c:38:3d:74:
fe:eb:1c:2d:ef:7d:00:10:f9:f7:9f:10:10:13:f7:79:69:a8:
10:44:26:b3:f4:3e:ae:0c:7d:86:30:5c:c4:ca:6d:65:59:13:
c0:49:34:cc:9c:96:77:fb:13:c3:17:0d:07:dd:4f:ba:c5:95:
08:4c:cc:ee:92:ec:8e:bc:b6:40:cf:8c:b5:b3:ae:56:7f:16:
2c:5e:2a:0b
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgICCFwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMDA5Mjkw
OTU4NDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk0QjI2QkQ1N0JGMTM4
MzkyOUU2MTRBMkI0MDQzMjQ1QzI2RTlGNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDViwHKfOZCHV6UptOleeTryLta9pJaD01q5FYE8ESgDb4PmauF
Y9IiQQ7EBkaab5GLiGEKvTl9KNF12AWKY6xdKAk8+ggRE12o6rddS/0gJ99+lPhE
T31kW6T5NCXKu+5cS4IU18oEi4VvRrnZloIWKticcW1Jo2sW+GnJSVjWI6ta0Xqt
BFfz9i+CkcXF5G7JdqEFC3c9Kyy+IUJhCfZTYRgpFL5NGc84wquxrERVj6dW4ZqK
QnylOoVBPLoDzuwVYp4M45/2nIWViBiGDwAQ192eSbFSNEggY89eHW4axooAm+Kz
eXyB23DhgPTTa39Ug3iiS+NG5SfcEfhTu0m1AgMBAAGjggHrMIIB5zAdBgNVHQ4E
FgQUlLJr1XvxODkp5hSitAQyRcJun0swHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9sTEpyMVh2eE9Ea3A1aFNpdEFR
eVJjSnVuMHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMCdqgw
DQYJKoZIhvcNAQELBQADggEBADuBPlcZ3LQ9iPCGOqkA2poq7Dc6pQHTSsVyzdhW
ctEOT8VAmtBJ3mQNNjvBeTfeMLs9HPazf50idTmimi4QQzGEzZHlPuQwY1dz4SXe
SyARE1TOdPuIxQNkezx1ue5VMrrI2WwZrNx2n89VQVlcYwofumrN4wBc471A0m79
gTi0C0J1AWqw8Aq+3bWeAhNhRvmU7oh250OC0k8ugwEDuKv/aFDYKZBV2Vw6vt3x
+N1XLDg9dP7rHC3vfQAQ+fefEBAT93lpqBBEJrP0Pq4MfYYwXMTKbWVZE8BJNMyc
lnf7E8MXDQfdT7rFlQhMzO6S7I68tkDPjLWzrlZ/FixeKgs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org