Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HINET/o5fmbwH4gsPCtU9EMmuRkeHTfOg.roa
File: o5fmbwH4gsPCtU9EMmuRkeHTfOg.roa (raw, json)
Hash identifier: 17n4nuskxfgfmSCRDWUF0+vsgGG5ATIYRZS05fJ4g/I=
Subject key identifier: A3:97:E6:6F:01:F8:82:C3:C2:B5:4F:44:32:6B:91:91:E1:D3:7C:E8
Certificate issuer: /CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Certificate serial: 0982
Authority key identifier: 58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/o5fmbwH4gsPCtU9EMmuRkeHTfOg.roa
Signing time: Sun 07 Feb 2021 11:47:34 +0000
ROA not before: Sun 07 Feb 2021 11:47:34 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9680
IP address blocks: 168.95.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2434 (0x982)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5876E4B8DFAA224C019D246931FC3CD7A4FEED2A
Validity
Not Before: Feb 7 11:47:34 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A397E66F01F882C3C2B54F44326B9191E1D37CE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:94:da:07:88:ce:c3:4f:a7:b8:e7:63:b8:8e:
70:cf:96:be:8b:a7:50:cd:0e:ee:fc:b7:19:65:e5:
c2:36:d8:f4:35:be:70:4a:99:11:ef:4f:d8:15:6a:
6b:40:90:00:8d:ea:e2:cc:31:ff:07:50:29:cf:1f:
f5:25:9c:7e:d0:9b:42:5d:e2:b6:70:00:c9:2f:ba:
a9:f0:ea:d6:16:ca:33:28:6f:2b:05:65:92:81:1e:
4b:fe:a4:9c:4f:1c:93:dd:84:f6:2b:3b:d2:a6:09:
f2:51:0a:85:3a:b2:21:22:1d:2b:f5:d1:83:25:97:
10:1f:b5:bb:dd:8d:4c:83:21:58:6e:a5:82:c5:22:
48:7a:ca:d5:1e:f4:ea:0e:d6:43:e3:7c:b4:89:fa:
4c:7b:be:3d:48:10:0c:70:df:bc:20:d3:51:79:36:
16:f1:09:39:3c:ff:74:9f:03:18:ad:8e:14:79:9a:
7c:48:3c:b3:01:a4:e9:e3:d3:f7:c6:7a:8d:80:12:
74:1a:ef:ff:2e:7a:32:02:c8:b2:79:04:31:82:31:
8d:24:f2:ec:8b:b6:5d:40:72:08:c7:d7:7d:4a:25:
a5:75:ec:6d:75:41:dc:07:cc:36:0c:53:26:d5:66:
cb:21:47:54:08:c5:6e:ff:cd:68:d0:3e:9a:f8:ed:
6d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:97:E6:6F:01:F8:82:C3:C2:B5:4F:44:32:6B:91:91:E1:D3:7C:E8
X509v3 Authority Key Identifier:
keyid:58:76:E4:B8:DF:AA:22:4C:01:9D:24:69:31:FC:3C:D7:A4:FE:ED:2A
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/WHbkuN-qIkwBnSRpMfw816T-7So.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/WHbkuN-qIkwBnSRpMfw816T-7So.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HINET/o5fmbwH4gsPCtU9EMmuRkeHTfOg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
168.95.245.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:27:c1:65:be:dd:2b:0a:a3:2b:a1:41:ba:0f:bd:bd:96:91:
87:45:43:0e:db:08:f5:37:5c:a4:f2:04:f6:4e:70:3c:0f:99:
0e:e7:34:91:7e:23:32:a1:fb:a0:a3:cc:82:cb:c5:be:82:6e:
7b:d1:c0:fe:a6:ee:28:b3:55:67:89:83:11:47:00:f4:ba:39:
b9:70:83:47:95:8b:01:f5:33:25:a1:6b:84:b9:85:c8:f8:ac:
ba:e4:bf:54:8d:c9:f2:79:65:a5:00:d7:5e:39:c8:39:5e:6b:
68:91:89:56:5c:ce:15:c6:5f:51:fc:7e:69:33:68:6a:96:66:
14:ee:c0:9b:b4:d6:64:dd:17:64:db:5a:bc:c5:79:05:40:c9:
a5:41:4c:94:d6:3d:55:ea:76:8f:cf:e1:69:2e:2f:a8:13:5a:
cf:1b:f7:ff:82:14:3b:f3:f1:15:30:96:06:bd:9b:88:95:3b:
5a:a8:5c:d3:14:1d:a1:03:00:ee:f6:68:79:68:76:b6:32:96:
5d:e7:1c:66:5a:e5:77:27:ad:40:36:65:e5:ce:e1:54:dc:35:
9f:81:00:7f:87:63:e3:0b:95:af:5f:af:86:3a:9c:73:ee:5c:
fc:9d:e9:67:88:88:ec:b5:4a:02:ac:5a:15:44:8d:3a:e4:60:
dd:aa:76:7e
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCYIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTg3
NkU0QjhERkFBMjI0QzAxOUQyNDY5MzFGQzNDRDdBNEZFRUQyQTAeFw0yMTAyMDcx
MTQ3MzRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEEzOTdFNjZGMDFGODgy
QzNDMkI1NEY0NDMyNkI5MTkxRTFEMzdDRTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5lNoHiM7DT6e452O4jnDPlr6Lp1DNDu78txll5cI22PQ1vnBK
mRHvT9gVamtAkACN6uLMMf8HUCnPH/UlnH7Qm0Jd4rZwAMkvuqnw6tYWyjMobysF
ZZKBHkv+pJxPHJPdhPYrO9KmCfJRCoU6siEiHSv10YMllxAftbvdjUyDIVhupYLF
Ikh6ytUe9OoO1kPjfLSJ+kx7vj1IEAxw37wg01F5NhbxCTk8/3SfAxitjhR5mnxI
PLMBpOnj0/fGeo2AEnQa7/8uejICyLJ5BDGCMY0k8uyLtl1AcgjH131KJaV17G11
QdwHzDYMUybVZsshR1QIxW7/zWjQPpr47W0lAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUo5fmbwH4gsPCtU9EMmuRkeHTfOgwHwYDVR0jBBgwFoAUWHbkuN+qIkwBnSRp
Mfw816T+7SowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSElORVQv
V0hia3VOLXFJa3dCblNScE1mdzgxNlQtN1NvLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9XSGJrdU4tcUlrd0JuU1JwTWZ3ODE2VC03U28uY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ISU5FVC9vNWZtYndINGdzUEN0VTlFTW11
UmtlSFRmT2cucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqF/1
MA0GCSqGSIb3DQEBCwUAA4IBAQAvJ8Flvt0rCqMroUG6D729lpGHRUMO2wj1N1yk
8gT2TnA8D5kO5zSRfiMyofugo8yCy8W+gm570cD+pu4os1VniYMRRwD0ujm5cINH
lYsB9TMloWuEuYXI+Ky65L9UjcnyeWWlANdeOcg5XmtokYlWXM4Vxl9R/H5pM2hq
lmYU7sCbtNZk3Rdk21q8xXkFQMmlQUyU1j1V6naPz+FpLi+oE1rPG/f/ghQ78/EV
MJYGvZuIlTtaqFzTFB2hAwDu9mh5aHa2MpZd5xxmWuV3J61ANmXlzuFU3DWfgQB/
h2PjC5WvX6+GOpxz7lz8nelniIjstUoCrFoVRI065GDdqnZ+
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:37 2024 by rpki-client on console-fra.rpki-client.org