Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/TTNS/CfOb9gJNac6z5ic_TE4vTyR4xqk.roa
File: CfOb9gJNac6z5ic_TE4vTyR4xqk.roa (raw, json)
Hash identifier: ftckh2OXwK8qOPmIbKA8EcOH3VpG1re3IQvBD1oeT74=
Subject key identifier: 09:F3:9B:F6:02:4D:69:CE:B3:E6:27:3F:4C:4E:2F:4F:24:78:C6:A9
Certificate issuer: /CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Certificate serial: 03
Authority key identifier: 29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/CfOb9gJNac6z5ic_TE4vTyR4xqk.roa
Signing time: Tue 05 Jul 2022 07:56:40 +0000
ROA not before: Tue 05 Jul 2022 07:56:40 +0000
ROA not after: Wed 05 Jul 2023 07:49:58 +0000
asID: 31972
IP address blocks: 103.159.206.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3 (0x3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=298ED2FD6AD5C5B5687DF614A275C2FC848D4E94
Validity
Not Before: Jul 5 07:56:40 2022 GMT
Not After : Jul 5 07:49:58 2023 GMT
Subject: CN=09F39BF6024D69CEB3E6273F4C4E2F4F2478C6A9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:16:64:47:e1:f7:cc:56:f5:02:ba:7b:19:a9:
3a:fa:0a:bb:b8:47:7c:52:16:9b:7d:a1:13:a7:e2:
17:64:40:c4:af:5e:53:a1:69:bf:7e:6c:f7:2d:41:
65:ec:da:e4:15:23:9b:d5:d6:92:da:de:d9:77:ef:
45:3e:8f:e3:c9:e2:e0:b3:7e:62:4a:6f:27:6b:41:
a4:97:e6:7b:02:af:b1:8a:74:a1:55:1e:2e:8a:a1:
34:93:c4:e9:de:f4:22:3d:44:8c:59:3f:c7:25:13:
e2:5f:15:08:a4:ab:07:68:a1:cb:db:83:3a:50:d3:
5e:db:38:98:28:4e:7b:aa:12:b2:02:89:82:18:e0:
d5:19:6e:a3:eb:e4:3a:69:fb:91:cb:3a:1d:20:11:
1f:c6:87:0d:eb:85:36:17:5d:42:09:10:d2:c7:71:
81:b1:b5:78:1d:0a:0f:e5:14:31:6f:84:e2:9b:24:
85:fb:e7:fd:fb:26:87:ba:6a:14:de:07:d7:e1:d7:
c6:bf:34:d6:80:21:ba:d1:99:ae:5a:6a:45:21:d4:
92:78:e0:77:da:d3:f4:0c:76:cc:7d:44:cb:1b:67:
29:9e:11:56:77:d9:38:ce:a6:54:50:7c:2e:17:ef:
a3:1a:85:df:4b:80:4c:1e:f3:fb:85:33:13:5d:09:
36:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:F3:9B:F6:02:4D:69:CE:B3:E6:27:3F:4C:4E:2F:4F:24:78:C6:A9
X509v3 Authority Key Identifier:
keyid:29:8E:D2:FD:6A:D5:C5:B5:68:7D:F6:14:A2:75:C2:FC:84:8D:4E:94
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/KY7S_WrVxbVoffYUonXC_ISNTpQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/KY7S_WrVxbVoffYUonXC_ISNTpQ.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/TTNS/CfOb9gJNac6z5ic_TE4vTyR4xqk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.159.206.0/23
Signature Algorithm: sha256WithRSAEncryption
d0:c8:1b:a0:f4:3a:59:52:05:f6:67:5c:6e:63:06:92:ea:14:
3a:1a:9d:09:d6:8d:7b:37:e0:01:df:d3:01:6c:e5:bd:54:3f:
55:c6:ce:96:1b:16:29:34:f2:e0:d4:1e:c7:05:d2:6b:d2:aa:
05:f2:88:71:48:6c:f1:16:3c:24:bc:01:0f:e4:09:3a:4d:e2:
c1:6f:93:2d:3f:33:5a:cc:1f:d3:30:00:4d:65:f4:c8:f4:0e:
5b:e9:3c:97:89:a7:61:c7:f0:6e:95:e8:e8:33:8f:e6:5b:93:
2e:ba:fc:8d:df:bc:6f:d0:a9:fb:1d:f1:5b:18:93:77:6b:9d:
67:3b:a1:50:7c:50:f6:e4:79:4a:d7:a2:6c:f1:d1:90:ef:c4:
b1:6f:0f:45:3e:2b:d4:79:eb:01:a5:8a:e6:18:06:65:38:d3:
9e:7a:dc:be:ac:f4:13:2c:d5:83:da:19:75:c7:37:3c:9b:4d:
b3:06:dc:9b:dc:ea:16:9c:2b:70:53:24:c8:3a:57:b1:a0:cb:
1d:10:68:06:27:89:10:cd:2d:04:f6:9a:37:88:62:3e:db:b1:
c8:4c:8b:09:0f:fd:dc:d9:e9:00:b1:16:f9:1c:c3:41:8b:68:
72:5e:2b:5a:0d:84:7f:d9:1f:af:4f:1f:1a:23:d5:a2:31:d0:
d9:15:68:e2
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyOThF
RDJGRDZBRDVDNUI1Njg3REY2MTRBMjc1QzJGQzg0OEQ0RTk0MB4XDTIyMDcwNTA3
NTY0MFoXDTIzMDcwNTA3NDk1OFowMzExMC8GA1UEAxMoMDlGMzlCRjYwMjRENjlD
RUIzRTYyNzNGNEM0RTJGNEYyNDc4QzZBOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMcWZEfh98xW9QK6exmpOvoKu7hHfFIWm32hE6fiF2RAxK9eU6Fp
v35s9y1BZeza5BUjm9XWktre2XfvRT6P48ni4LN+YkpvJ2tBpJfmewKvsYp0oVUe
LoqhNJPE6d70Ij1EjFk/xyUT4l8VCKSrB2ihy9uDOlDTXts4mChOe6oSsgKJghjg
1Rluo+vkOmn7kcs6HSARH8aHDeuFNhddQgkQ0sdxgbG1eB0KD+UUMW+E4pskhfvn
/fsmh7pqFN4H1+HXxr801oAhutGZrlpqRSHUknjgd9rT9Ax2zH1EyxtnKZ4RVnfZ
OM6mVFB8LhfvoxqF30uATB7z+4UzE10JNm8CAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQJ85v2Ak1pzrPmJz9MTi9PJHjGqTAfBgNVHSMEGDAWgBQpjtL9atXFtWh99hSi
dcL8hI1OlDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9UVE5TL0tZ
N1NfV3JWeGJWb2ZmWVVvblhDX0lTTlRwUS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
S1k3U19XclZ4YlZvZmZZVW9uWENfSVNOVHBRLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvVFROUy9DZk9iOWdKTmFjNno1aWNfVEU0dlR5
UjR4cWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ5/OMA0G
CSqGSIb3DQEBCwUAA4IBAQDQyBug9DpZUgX2Z1xuYwaS6hQ6Gp0J1o17N+AB39MB
bOW9VD9Vxs6WGxYpNPLg1B7HBdJr0qoF8ohxSGzxFjwkvAEP5Ak6TeLBb5MtPzNa
zB/TMABNZfTI9A5b6TyXiadhx/BulejoM4/mW5MuuvyN37xv0Kn7HfFbGJN3a51n
O6FQfFD25HlK16Js8dGQ78Sxbw9FPivUeesBpYrmGAZlONOeety+rPQTLNWD2hl1
xzc8m02zBtyb3OoWnCtwUyTIOlexoMsdEGgGJ4kQzS0E9po3iGI+27HITIsJD/3c
2ekAsRb5HMNBi2hyXitaDYR/2R+vTx8aI9WiMdDZFWji
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:22 2024 by rpki-client on console-ams.rpki-client.org