Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/HLCATV/3GTSTOceNCh0yESinjAimOYBhPE.roa
File: 3GTSTOceNCh0yESinjAimOYBhPE.roa (raw, json)
Hash identifier: AgXn6XgeQ5d20o7oGIh05Nhwlj8eU5ETzE6ryg/WxoY=
Subject key identifier: DC:64:D2:4C:E7:1E:34:28:74:C8:44:A2:9E:30:22:98:E6:01:84:F1
Certificate issuer: /CN=28CB5CCFC90738D224CAEAC15E1C251000446BAA
Certificate serial: 09D6
Authority key identifier: 28:CB:5C:CF:C9:07:38:D2:24:CA:EA:C1:5E:1C:25:10:00:44:6B:AA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KMtcz8kHONIkyurBXhwlEABEa6o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/HLCATV/3GTSTOceNCh0yESinjAimOYBhPE.roa
Signing time: Thu 15 Sep 2022 02:49:10 +0000
ROA not before: Thu 15 Sep 2022 02:49:10 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9676
IP address blocks: 211.76.80.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2518 (0x9d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28CB5CCFC90738D224CAEAC15E1C251000446BAA
Validity
Not Before: Sep 15 02:49:10 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DC64D24CE71E342874C844A29E302298E60184F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:48:ca:b8:20:84:38:d0:06:71:58:ce:45:af:
d0:f6:24:c2:da:c9:a9:f6:db:77:bf:c5:6e:46:c2:
3b:07:49:e6:06:ed:7d:59:c5:99:08:cb:74:fa:0e:
bb:12:8c:f6:f9:bf:eb:47:63:5a:52:18:3b:ae:2c:
93:f5:8a:15:18:87:b3:c8:68:6c:b2:c4:26:0b:50:
cf:67:a3:59:26:ae:1e:c3:6a:0d:fd:ed:14:46:68:
be:f7:9e:00:89:ff:b2:ae:66:9e:10:61:8b:55:e9:
73:30:4f:a4:72:7d:eb:55:19:95:0f:37:bd:95:34:
af:97:43:68:49:12:c3:51:a6:18:4f:c7:78:66:d8:
37:ab:1d:de:64:85:5c:e2:14:a2:68:a0:19:97:59:
02:7e:9e:9c:2d:6a:30:b7:67:91:ab:77:27:40:75:
00:16:1c:90:80:fc:60:b1:1f:34:b3:56:b6:ab:c4:
a7:6e:80:bc:26:b4:bd:c4:4a:38:e6:e0:fc:f9:57:
9c:64:eb:45:37:57:3e:a7:65:6b:13:b5:6b:a6:27:
72:14:5f:e1:62:c0:43:4b:23:ef:f2:2a:ad:2c:60:
d5:9c:d0:a6:51:69:ed:e5:60:78:5a:0f:30:24:6d:
a6:60:4c:95:0a:fb:1a:ce:28:23:c5:a9:18:34:67:
ae:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:64:D2:4C:E7:1E:34:28:74:C8:44:A2:9E:30:22:98:E6:01:84:F1
X509v3 Authority Key Identifier:
keyid:28:CB:5C:CF:C9:07:38:D2:24:CA:EA:C1:5E:1C:25:10:00:44:6B:AA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HLCATV/KMtcz8kHONIkyurBXhwlEABEa6o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KMtcz8kHONIkyurBXhwlEABEa6o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/HLCATV/3GTSTOceNCh0yESinjAimOYBhPE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.76.80.0/20
Signature Algorithm: sha256WithRSAEncryption
0a:08:9c:a5:d3:35:3e:50:dd:97:e7:56:95:90:9f:b6:04:eb:
be:6d:83:9b:30:f6:4d:1d:8d:49:ab:42:f5:61:57:ac:54:10:
32:fe:4d:8e:b7:eb:d9:aa:e7:16:0b:13:d1:35:2d:36:45:94:
c4:c1:39:06:d6:5b:43:9c:44:fd:c9:39:3d:b2:8a:fd:8c:51:
8a:3c:a0:78:9d:7d:da:85:13:ea:68:33:36:9b:79:b5:27:f5:
58:54:01:d7:c2:c4:e3:ad:23:29:5a:85:24:33:9f:99:f8:a5:
f4:49:05:b1:79:0b:f9:ff:ba:25:21:27:73:f5:c9:6f:8d:f8:
80:c2:5a:fa:10:d4:8c:cf:16:5a:c4:20:6e:ba:52:d0:32:bb:
0e:21:60:28:b5:eb:01:e7:ad:2c:94:c0:30:94:2f:3d:1f:4c:
92:d3:a4:f8:a7:4d:6c:68:84:08:1e:ce:01:62:cf:71:22:89:
71:f1:a0:d5:2a:ce:20:8f:7e:f6:d6:dc:ce:2c:4e:85:4a:0d:
99:28:c0:9f:ed:c8:da:71:2b:49:b8:d9:74:34:5e:c6:6e:7c:
5c:4f:fc:61:62:c5:da:82:03:87:5c:d1:5b:a7:4e:c6:a8:0c:
28:ab:0c:74:46:4a:6d:f2:9d:94:15:5f:4d:73:af:ed:f9:2b:
b5:0a:ce:a5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCdYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjhD
QjVDQ0ZDOTA3MzhEMjI0Q0FFQUMxNUUxQzI1MTAwMDQ0NkJBQTAeFw0yMjA5MTUw
MjQ5MTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERDNjREMjRDRTcxRTM0
Mjg3NEM4NDRBMjlFMzAyMjk4RTYwMTg0RjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCgSMq4IIQ40AZxWM5Fr9D2JMLayan223e/xW5GwjsHSeYG7X1Z
xZkIy3T6DrsSjPb5v+tHY1pSGDuuLJP1ihUYh7PIaGyyxCYLUM9no1kmrh7Dag39
7RRGaL73ngCJ/7KuZp4QYYtV6XMwT6RyfetVGZUPN72VNK+XQ2hJEsNRphhPx3hm
2DerHd5khVziFKJooBmXWQJ+npwtajC3Z5GrdydAdQAWHJCA/GCxHzSzVrarxKdu
gLwmtL3ESjjm4Pz5V5xk60U3Vz6nZWsTtWumJ3IUX+FiwENLI+/yKq0sYNWc0KZR
ae3lYHhaDzAkbaZgTJUK+xrOKCPFqRg0Z64fAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3GTSTOceNCh0yESinjAimOYBhPEwHwYDVR0jBBgwFoAUKMtcz8kHONIkyurB
XhwlEABEa6owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvSExDQVRW
L0tNdGN6OGtIT05Ja3l1ckJYaHdsRUFCRWE2by5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvS010Y3o4a0hPTklreXVyQlhod2xFQUJFYTZvLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvSExDQVRWLzNHVFNUT2NlTkNoMHlFU2lu
akFpbU9ZQmhQRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBATT
TFAwDQYJKoZIhvcNAQELBQADggEBAAoInKXTNT5Q3ZfnVpWQn7YE675tg5sw9k0d
jUmrQvVhV6xUEDL+TY6369mq5xYLE9E1LTZFlMTBOQbWW0OcRP3JOT2yiv2MUYo8
oHidfdqFE+poMzabebUn9VhUAdfCxOOtIylahSQzn5n4pfRJBbF5C/n/uiUhJ3P1
yW+N+IDCWvoQ1IzPFlrEIG66UtAyuw4hYCi16wHnrSyUwDCULz0fTJLTpPinTWxo
hAgezgFiz3EiiXHxoNUqziCPfvbW3M4sToVKDZkowJ/tyNpxK0m42XQ0XsZufFxP
/GFixdqCA4dc0VunTsaoDCirDHRGSm3ynZQVX01zr+35K7UKzqU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:09 2024 by rpki-client on console-ams.rpki-client.org