Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DQWL/JH3Lx_sN9u1-2TFg1fcEpXd8IAI.roa
File: JH3Lx_sN9u1-2TFg1fcEpXd8IAI.roa (raw, json)
Hash identifier: 8+9SWGMNZyzN6gyi0yS/Rf9mn+da9c8jlXs9Bwm7KyU=
Subject key identifier: 24:7D:CB:C7:FB:0D:F6:ED:7E:D9:31:60:D5:F7:04:A5:77:7C:20:02
Certificate issuer: /CN=7CBA374F4F7A0D1E6CB59F8A7B564066C67DD19D
Certificate serial: 055B
Authority key identifier: 7C:BA:37:4F:4F:7A:0D:1E:6C:B5:9F:8A:7B:56:40:66:C6:7D:D1:9D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/JH3Lx_sN9u1-2TFg1fcEpXd8IAI.roa
Signing time: Thu 04 Nov 2021 01:48:03 +0000
ROA not before: Thu 04 Nov 2021 01:48:03 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131678
IP address blocks: 103.149.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1371 (0x55b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7CBA374F4F7A0D1E6CB59F8A7B564066C67DD19D
Validity
Not Before: Nov 4 01:48:03 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=247DCBC7FB0DF6ED7ED93160D5F704A5777C2002
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:fd:f5:1b:4d:b4:32:f8:e8:7f:c0:f6:6c:66:
b1:2c:30:01:52:12:1e:df:fd:1b:ad:33:19:9d:2a:
9e:dc:38:13:03:c0:05:ae:e9:d2:48:fd:19:d1:a2:
8f:cb:e8:5a:28:68:90:97:70:c3:01:46:5f:5d:6c:
34:f0:ad:52:b8:07:54:55:2c:8c:38:28:08:7d:15:
32:5a:56:42:34:fc:1d:3c:35:1b:cd:b8:18:a5:94:
35:7e:da:c4:dc:64:77:10:16:be:f5:af:df:fd:b1:
57:ee:45:ab:8c:cb:6c:e3:7b:0b:98:e1:13:2b:82:
9d:7d:2d:69:4c:f6:b9:93:70:cd:93:5a:bf:f3:9a:
55:e2:54:ac:0e:3e:88:84:9e:f2:cf:89:54:96:0d:
a5:eb:8b:dd:61:e1:a8:c3:1e:fa:ee:f2:4a:c6:29:
4d:a6:c5:a4:5d:20:5c:78:37:de:7c:2d:c3:21:a5:
ad:d6:c2:8c:ca:ec:bd:e9:a8:8d:51:4c:1e:25:47:
76:47:dc:ef:35:99:f0:fc:58:f8:bf:91:cd:b9:e1:
41:11:34:69:3f:d1:b0:6b:26:8f:e0:03:af:c7:45:
ae:60:d9:bd:03:e2:1d:94:eb:bf:d2:c0:b6:a1:a4:
ed:24:ba:09:e0:93:d9:18:2c:c0:45:a7:b2:27:ba:
02:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:7D:CB:C7:FB:0D:F6:ED:7E:D9:31:60:D5:F7:04:A5:77:7C:20:02
X509v3 Authority Key Identifier:
keyid:7C:BA:37:4F:4F:7A:0D:1E:6C:B5:9F:8A:7B:56:40:66:C6:7D:D1:9D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/fLo3T096DR5stZ-Ke1ZAZsZ90Z0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DQWL/JH3Lx_sN9u1-2TFg1fcEpXd8IAI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.149.66.0/24
Signature Algorithm: sha256WithRSAEncryption
98:6f:08:30:96:53:f4:c1:68:c9:ae:5c:fa:f2:e5:79:97:0d:
43:cb:df:b9:25:a9:51:26:ae:61:a0:79:57:ea:da:46:cd:c3:
ea:e5:4f:98:62:33:14:09:b0:27:45:45:a4:07:57:37:86:78:
27:3d:ff:55:ce:14:29:7d:a5:b2:d9:fd:82:4e:ba:e0:27:83:
d3:9e:3e:90:37:cb:58:6e:6f:ab:c7:96:47:82:6a:64:0b:f1:
10:63:a6:29:f9:8b:f4:1e:19:ca:1a:dd:b6:ab:55:55:c2:9d:
33:b5:5a:3b:99:c6:b3:70:0c:2c:fb:88:21:1d:84:18:a9:d8:
ca:8e:cd:a8:11:75:27:55:e1:99:01:ab:5f:4f:b9:f4:49:f4:
ca:72:5e:a9:a4:87:69:3b:a7:68:5f:ca:e8:5a:b9:81:9d:7b:
15:13:62:58:14:1f:f5:43:0e:e6:5a:d0:62:5d:7c:08:28:4d:
25:b8:66:8f:3f:05:30:14:98:c4:97:eb:0b:ca:e8:02:8b:b0:
47:0d:76:cd:95:36:8e:7d:92:37:3a:df:73:24:a1:bf:03:5e:
bc:86:7a:a8:33:93:66:03:a9:4b:a1:a8:da:46:39:a0:40:91:
bd:03:a2:59:2c:32:72:bf:c4:08:04:ca:de:fb:86:19:e1:f5:
fd:df:f7:85
-----BEGIN CERTIFICATE-----
MIIEzjCCA7agAwIBAgICBVswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0NC
QTM3NEY0RjdBMEQxRTZDQjU5RjhBN0I1NjQwNjZDNjdERDE5RDAeFw0yMTExMDQw
MTQ4MDNaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI0N0RDQkM3RkIwREY2
RUQ3RUQ5MzE2MEQ1RjcwNEE1Nzc3QzIwMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDW/fUbTbQy+Oh/wPZsZrEsMAFSEh7f/RutMxmdKp7cOBMDwAWu
6dJI/RnRoo/L6FooaJCXcMMBRl9dbDTwrVK4B1RVLIw4KAh9FTJaVkI0/B08NRvN
uBillDV+2sTcZHcQFr71r9/9sVfuRauMy2zjewuY4RMrgp19LWlM9rmTcM2TWr/z
mlXiVKwOPoiEnvLPiVSWDaXri91h4ajDHvru8krGKU2mxaRdIFx4N958LcMhpa3W
wozK7L3pqI1RTB4lR3ZH3O81mfD8WPi/kc254UERNGk/0bBrJo/gA6/HRa5g2b0D
4h2U67/SwLahpO0kugngk9kYLMBFp7InugIdAgMBAAGjggHqMIIB5jAdBgNVHQ4E
FgQUJH3Lx/sN9u1+2TFg1fcEpXd8IAIwHwYDVR0jBBgwFoAUfLo3T096DR5stZ+K
e1ZAZsZ90Z0wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBaBgNVHR8EUzBRME+g
TaBLhklyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFFXTC9m
TG8zVDA5NkRSNXN0Wi1LZTFaQVpzWjkwWjAuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
L2ZMbzNUMDk2RFI1c3RaLUtlMVpBWnNaOTBaMC5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGaBggrBgEFBQcBCwSBjTCBijBVBggrBgEFBQcwC4ZJcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0RRV0wvSkgzTHhfc045dTEtMlRGZzFmY0Vw
WGQ4SUFJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3L3Jy
ZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeVQjAN
BgkqhkiG9w0BAQsFAAOCAQEAmG8IMJZT9MFoya5c+vLleZcNQ8vfuSWpUSauYaB5
V+raRs3D6uVPmGIzFAmwJ0VFpAdXN4Z4Jz3/Vc4UKX2lstn9gk664CeD054+kDfL
WG5vq8eWR4JqZAvxEGOmKfmL9B4ZyhrdtqtVVcKdM7VaO5nGs3AMLPuIIR2EGKnY
yo7NqBF1J1XhmQGrX0+59En0ynJeqaSHaTunaF/K6Fq5gZ17FRNiWBQf9UMO5lrQ
Yl18CChNJbhmjz8FMBSYxJfrC8roAouwRw12zZU2jn2SNzrfcyShvwNevIZ6qDOT
ZgOpS6Go2kY5oECRvQOiWSwycr/ECATK3vuGGeH1/d/3hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org