Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/a3HzO9FWlp8EpwL9SksmfZ15SIg.roa
File: a3HzO9FWlp8EpwL9SksmfZ15SIg.roa (raw, json)
Hash identifier: 2k3sVExSsAMLbGXbwEOhliRpgZnMVKwdrYCUR1MCddU=
Subject key identifier: 6B:71:F3:3B:D1:56:96:9F:04:A7:02:FD:4A:4B:26:7D:9D:79:48:88
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0AB7
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/a3HzO9FWlp8EpwL9SksmfZ15SIg.roa
Signing time: Thu 15 Sep 2022 02:37:41 +0000
ROA not before: Thu 15 Sep 2022 02:37:41 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9244
IP address blocks: 113.21.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2743 (0xab7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Sep 15 02:37:41 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=6B71F33BD156969F04A702FD4A4B267D9D794888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:db:80:eb:9a:f3:c7:00:0f:ba:32:a6:a6:12:
89:41:d8:e5:ff:a9:88:90:53:05:34:42:6e:44:08:
b3:f2:ba:99:d8:9b:3e:39:73:e0:76:2a:bc:1f:32:
6a:de:80:40:75:ac:6f:de:cc:49:6e:2b:12:39:33:
b4:85:ac:13:42:f3:e7:28:0e:82:a4:4f:a7:a5:a6:
7d:75:d5:95:da:50:ad:d5:e0:e1:f3:7e:55:8b:80:
6a:7d:53:f7:dd:f7:33:20:e8:25:01:3e:0a:bf:a9:
6f:ec:45:ff:7b:aa:77:c7:7f:cd:7a:b0:c4:36:d1:
a7:01:f9:6f:5c:f6:e4:47:14:36:8a:56:7e:ba:30:
91:f5:cd:76:5e:7b:4b:a4:2f:db:f4:7d:78:88:d2:
8d:c4:b3:24:06:93:f1:1a:95:c5:2e:c6:aa:e1:c8:
d5:60:56:36:c3:ba:3f:07:7d:38:de:2b:37:75:e7:
d5:26:3f:93:cc:36:3e:b3:34:f7:38:18:34:38:8c:
06:c2:68:bf:63:de:dd:fd:09:9e:67:f4:a0:49:3b:
f8:1e:37:11:1a:a3:d6:f8:b6:95:01:b3:c4:a3:d5:
35:76:a9:f6:3d:90:86:af:3d:cb:b6:39:15:65:69:
a5:4b:cc:2a:c4:30:8a:ed:e9:7c:55:6e:7e:8f:a9:
78:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:71:F3:3B:D1:56:96:9F:04:A7:02:FD:4A:4B:26:7D:9D:79:48:88
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/a3HzO9FWlp8EpwL9SksmfZ15SIg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.173.0/24
Signature Algorithm: sha256WithRSAEncryption
96:0f:10:77:26:ad:2e:9b:26:4c:5e:73:90:05:6d:db:b6:ab:
ae:b7:3a:ed:ce:98:d7:80:43:e7:62:40:5e:b4:c2:df:85:c0:
c1:0a:af:c4:02:2b:e2:3d:d1:aa:b8:2e:78:e3:f0:2a:35:e9:
77:4c:f1:ea:6e:22:c2:5c:54:5d:a0:21:68:c4:c2:d7:fd:93:
ed:b7:bb:59:0c:22:d5:61:9c:3e:d5:ad:2d:cd:c1:c1:53:4a:
2a:7b:4a:36:3c:d0:19:84:0a:c1:81:cc:05:fb:53:9d:a4:56:
79:bb:f7:fe:08:13:f8:4d:01:ec:12:81:28:8b:9f:f9:2e:a5:
b5:56:31:d8:86:f0:a9:09:5e:db:95:d3:ce:1f:1c:f4:fb:59:
93:3f:1c:30:a0:46:17:87:9d:87:4c:1d:f2:ec:fb:66:b4:8a:
09:22:b0:17:0c:df:66:49:96:e6:81:6c:9e:f0:cf:cd:0c:c7:
4e:23:a6:c8:f3:d8:23:59:59:3d:55:e3:db:b8:ad:6a:f6:23:
d9:4f:87:7a:54:92:aa:8c:63:79:26:43:cc:5f:e1:96:6f:6b:
f0:5b:c4:54:7f:c5:dc:a1:a4:6a:0d:cc:e3:17:ec:94:59:1f:
0b:2c:56:f6:f1:5a:3c:a7:bb:ac:2d:45:72:e3:f6:5c:17:38:
d1:9a:d1:70
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCrcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMjA5MTUw
MjM3NDFaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDZCNzFGMzNCRDE1Njk2
OUYwNEE3MDJGRDRBNEIyNjdEOUQ3OTQ4ODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZ24DrmvPHAA+6MqamEolB2OX/qYiQUwU0Qm5ECLPyupnYmz45
c+B2KrwfMmregEB1rG/ezEluKxI5M7SFrBNC8+coDoKkT6elpn111ZXaUK3V4OHz
flWLgGp9U/fd9zMg6CUBPgq/qW/sRf97qnfHf816sMQ20acB+W9c9uRHFDaKVn66
MJH1zXZee0ukL9v0fXiI0o3EsyQGk/EalcUuxqrhyNVgVjbDuj8HfTjeKzd159Um
P5PMNj6zNPc4GDQ4jAbCaL9j3t39CZ5n9KBJO/geNxEao9b4tpUBs8Sj1TV2qfY9
kIavPcu2ORVlaaVLzCrEMIrt6XxVbn6PqXibAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUa3HzO9FWlp8EpwL9SksmfZ15SIgwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL2EzSHpPOUZXbHA4RXB3TDlT
a3NtZloxNVNJZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABx
Fa0wDQYJKoZIhvcNAQELBQADggEBAJYPEHcmrS6bJkxec5AFbdu2q663Ou3OmNeA
Q+diQF60wt+FwMEKr8QCK+I90aq4Lnjj8Co16XdM8epuIsJcVF2gIWjEwtf9k+23
u1kMItVhnD7VrS3NwcFTSip7SjY80BmECsGBzAX7U52kVnm79/4IE/hNAewSgSiL
n/kupbVWMdiG8KkJXtuV084fHPT7WZM/HDCgRheHnYdMHfLs+2a0igkisBcM32ZJ
luaBbJ7wz80Mx04jpsjz2CNZWT1V49u4rWr2I9lPh3pUkqqMY3kmQ8xf4ZZva/Bb
xFR/xdyhpGoNzOMX7JRZHwssVvbxWjynu6wtRXLj9lwXONGa0XA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org