Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/nQIXoHR0ZwMbAVMI9IjLxu6l9Vc.roa
File: nQIXoHR0ZwMbAVMI9IjLxu6l9Vc.roa (raw, json)
Hash identifier: 1QDPShDfrntkXNLTEC+zNx2Pa8ItUp3aYiW6eMXpjHU=
Subject key identifier: 9D:02:17:A0:74:74:67:03:1B:01:53:08:F4:88:CB:C6:EE:A5:F5:57
Certificate issuer: /CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Certificate serial: 0C73
Authority key identifier: C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nQIXoHR0ZwMbAVMI9IjLxu6l9Vc.roa
Signing time: Wed 29 Sep 2021 02:51:17 +0000
ROA not before: Wed 29 Sep 2021 02:51:17 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131660
IP address blocks: 114.25.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3187 (0xc73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C49E7B6F951B112F9106A96FE7F8774EAE802509
Validity
Not Before: Sep 29 02:51:17 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=9D0217A0747467031B015308F488CBC6EEA5F557
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:9f:4d:29:ac:2b:cb:4d:97:99:4b:c3:97:
dc:8d:4d:70:00:b6:34:63:11:1e:ff:53:45:0b:e4:
23:2f:f5:f1:80:57:69:88:ec:17:a9:89:c4:2e:86:
ac:ae:12:f6:08:54:29:bb:e5:c5:ad:e5:58:8c:c2:
3c:50:ab:5c:1f:93:37:2a:dd:6f:7f:d7:89:77:d3:
4c:9f:16:8b:ad:08:09:25:a0:60:bb:9a:52:a3:d3:
57:29:57:ac:5d:6f:2b:0a:eb:d6:7c:f2:ed:17:7d:
25:b9:9a:28:ec:3d:a8:a6:af:2c:37:5e:ec:a4:7b:
43:2b:01:36:a9:4a:29:a4:2b:12:6c:92:4e:93:4a:
da:8c:56:c3:94:c7:f2:8d:07:7f:ee:af:f0:b6:1e:
16:ee:ba:53:d7:a3:8f:12:2c:86:84:34:18:19:0b:
8c:3e:12:8b:bb:28:23:e6:84:81:37:a2:ce:69:9b:
5c:e8:63:7f:06:e0:08:83:a0:64:3f:b3:d4:6d:0b:
72:46:61:3d:1d:3d:bb:27:76:10:91:96:23:a7:2f:
a4:54:63:95:51:b6:34:60:14:fa:e7:c0:55:d9:02:
8a:05:7a:4e:6d:85:12:84:88:d2:a5:be:a3:b7:e2:
b1:20:00:6a:e2:73:a3:45:35:1c:34:e7:97:15:68:
df:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:02:17:A0:74:74:67:03:1B:01:53:08:F4:88:CB:C6:EE:A5:F5:57
X509v3 Authority Key Identifier:
keyid:C4:9E:7B:6F:95:1B:11:2F:91:06:A9:6F:E7:F8:77:4E:AE:80:25:09
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/xJ57b5UbES-RBqlv5_h3Tq6AJQk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xJ57b5UbES-RBqlv5_h3Tq6AJQk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/nQIXoHR0ZwMbAVMI9IjLxu6l9Vc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.25.250.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:05:aa:e6:4e:54:84:4b:f4:7f:ff:aa:13:b9:36:16:5a:8d:
57:6a:cb:69:46:16:a8:6d:22:57:09:b6:43:c3:06:8e:a3:d7:
0f:10:3d:01:41:09:b6:4b:60:82:46:48:dd:1f:8a:dd:4a:17:
70:8a:30:f3:e6:63:38:d1:67:e0:b9:17:a1:2d:6f:b2:8a:29:
ee:9e:64:6a:66:c7:c6:c1:ee:ae:a9:6e:78:4b:7c:6a:7c:5e:
cb:4e:eb:46:58:c3:54:77:3b:8e:ff:0c:fd:38:8f:0d:b2:d5:
7d:9a:49:e4:d2:e1:01:e6:4c:6e:eb:6c:f7:e2:44:f2:34:61:
62:e6:02:27:35:77:7a:19:e9:1a:b4:66:ec:60:83:f3:ce:0c:
09:63:59:a7:13:35:bf:51:5f:72:5f:07:bc:1a:93:95:03:79:
e0:a8:c1:81:9a:46:59:88:9e:fc:b5:cf:ce:bb:c4:9f:6f:fb:
e3:a5:4d:4f:65:d5:18:fa:f0:4b:7f:f7:9c:ea:49:08:ce:65:
dc:37:23:c2:bd:83:95:64:50:d4:c0:7f:95:bb:86:c0:fd:aa:
c2:37:bd:a2:05:ee:3e:2c:ad:b1:26:24:82:80:52:25:ed:42:
e6:bb:f4:63:70:5b:3b:f3:81:39:90:5a:47:0c:3f:a4:e5:68:
0e:76:d0:32
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICDHMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ5
RTdCNkY5NTFCMTEyRjkxMDZBOTZGRTdGODc3NEVBRTgwMjUwOTAeFw0yMTA5Mjkw
MjUxMTdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDlEMDIxN0EwNzQ3NDY3
MDMxQjAxNTMwOEY0ODhDQkM2RUVBNUY1NTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9zp9NKawry02XmUvDl9yNTXAAtjRjER7/U0UL5CMv9fGAV2mI
7BepicQuhqyuEvYIVCm75cWt5ViMwjxQq1wfkzcq3W9/14l300yfFoutCAkloGC7
mlKj01cpV6xdbysK69Z88u0XfSW5mijsPaimryw3Xuyke0MrATapSimkKxJskk6T
StqMVsOUx/KNB3/ur/C2HhbuulPXo48SLIaENBgZC4w+Eou7KCPmhIE3os5pm1zo
Y38G4AiDoGQ/s9RtC3JGYT0dPbsndhCRliOnL6RUY5VRtjRgFPrnwFXZAooFek5t
hRKEiNKlvqO34rEgAGric6NFNRw055cVaN/HAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUnQIXoHR0ZwMbAVMI9IjLxu6l9VcwHwYDVR0jBBgwFoAUxJ57b5UbES+RBqlv
5/h3Tq6AJQkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
eEo1N2I1VWJFUy1SQnFsdjVfaDNUcTZBSlFrLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS94SjU3YjVVYkVTLVJCcWx2NV9oM1RxNkFKUWsuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9uUUlYb0hSMFp3TWJBVk1JOUlq
THh1Nmw5VmMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAchn6
MA0GCSqGSIb3DQEBCwUAA4IBAQC6BarmTlSES/R//6oTuTYWWo1XastpRhaobSJX
CbZDwwaOo9cPED0BQQm2S2CCRkjdH4rdShdwijDz5mM40WfguRehLW+yiinunmRq
ZsfGwe6uqW54S3xqfF7LTutGWMNUdzuO/wz9OI8NstV9mknk0uEB5kxu62z34kTy
NGFi5gInNXd6GekatGbsYIPzzgwJY1mnEzW/UV9yXwe8GpOVA3ngqMGBmkZZiJ78
tc/Ou8Sfb/vjpU1PZdUY+vBLf/ec6kkIzmXcNyPCvYOVZFDUwH+Vu4bA/arCN72i
Be4+LK2xJiSCgFIl7ULmu/RjcFs784E5kFpHDD+k5WgOdtAy
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org