Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALI/7To_xW_i0bdoNQc1VFUxBiX079o.roa
File: 7To_xW_i0bdoNQc1VFUxBiX079o.roa (raw, json)
Hash identifier: wmtfMh6w46rqNJhbk5+vzo0gVnqHBIQan6gv4/ieUTQ=
Subject key identifier: ED:3A:3F:C5:6F:E2:D1:B7:68:35:07:35:54:55:31:06:25:F4:EF:DA
Certificate issuer: /CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Certificate serial: 1009
Authority key identifier: C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/7To_xW_i0bdoNQc1VFUxBiX079o.roa
Signing time: Wed 29 Sep 2021 02:49:28 +0000
ROA not before: Wed 29 Sep 2021 02:49:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18046
IP address blocks: 103.130.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4105 (0x1009)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=C46656F8C9D72547BCA79848DC6A2E6B0FC3E2B2
Validity
Not Before: Sep 29 02:49:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=ED3A3FC56FE2D1B7683507355455310625F4EFDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:3f:ea:8f:42:8f:dd:30:a3:41:de:db:e3:dd:
7e:f2:ed:a2:77:78:a3:85:e5:1e:a7:1a:a9:52:5d:
77:c7:9e:65:84:f3:28:f5:e1:a2:ee:ee:cd:20:b7:
c3:6b:b8:a0:3a:e4:f1:4b:4d:d7:25:e5:4d:80:6b:
0b:5b:19:13:58:e4:c0:7d:c8:00:d6:62:d2:91:d7:
80:af:48:c0:a3:b7:c6:5c:f4:d8:33:5c:e2:86:2f:
40:7e:5e:59:ec:50:56:35:89:86:4b:71:bb:ed:22:
32:dd:02:a8:f9:06:9b:69:e3:bc:0d:27:eb:8d:ca:
ca:fb:39:d8:79:88:3e:d8:b7:65:b5:2b:83:13:00:
0e:51:70:f2:07:f3:0e:75:f0:54:c9:05:4d:c7:7f:
c6:7f:25:f6:b9:58:95:2c:25:29:6e:ed:b5:29:6d:
93:17:c1:52:33:ab:b9:57:ef:3b:20:83:61:cf:91:
e8:a0:cf:91:e7:f8:cd:27:e6:83:5e:85:9a:2a:79:
84:4b:68:36:85:61:f0:be:d1:fa:ee:0b:fd:23:40:
b2:9c:99:ec:27:1e:a8:13:d6:f9:c0:a8:d6:00:26:
9c:8c:44:f5:1d:ce:78:02:b0:9d:11:a4:65:8c:14:
2a:0b:0d:a7:7f:e5:18:14:40:56:d0:34:82:d1:39:
e1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3A:3F:C5:6F:E2:D1:B7:68:35:07:35:54:55:31:06:25:F4:EF:DA
X509v3 Authority Key Identifier:
keyid:C4:66:56:F8:C9:D7:25:47:BC:A7:98:48:DC:6A:2E:6B:0F:C3:E2:B2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/xGZW-MnXJUe8p5hI3Gouaw_D4rI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/xGZW-MnXJUe8p5hI3Gouaw_D4rI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALI/7To_xW_i0bdoNQc1VFUxBiX079o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.130.40.0/22
Signature Algorithm: sha256WithRSAEncryption
58:1e:0f:56:fd:ca:e3:ac:40:b5:2a:16:fe:e6:1f:f4:5a:cc:
9b:a4:d0:34:af:5c:94:11:d2:96:9a:91:f8:93:b9:da:26:c3:
0f:09:f8:c0:ba:cd:7d:b5:59:60:d4:74:c3:1a:73:e0:7c:ce:
05:a7:3c:0b:58:1c:6c:c6:bd:57:dd:2d:32:63:da:52:35:0d:
c4:87:c3:e3:a3:42:0d:b5:3a:5e:aa:1f:16:9b:a6:78:d0:82:
51:5f:59:93:f9:43:d8:b7:dd:84:6f:6c:79:73:ac:92:df:49:
9f:76:3c:cd:db:99:3e:a2:04:7e:de:63:2e:69:d0:df:01:a4:
aa:c6:4d:62:36:5b:49:e2:50:47:82:06:a0:42:3e:ec:35:47:
5d:fb:fc:bb:82:3e:e8:09:77:57:8b:6a:63:6b:99:5e:fc:3e:
a6:59:ce:30:3d:98:94:d4:bd:ed:4c:3e:31:af:69:8c:bf:aa:
02:be:09:f7:2c:0f:0b:ff:1b:42:1d:e6:ef:4b:68:47:18:21:
c5:a4:a6:9a:30:76:9e:bc:51:0d:7b:9e:96:0e:44:59:0f:1f:
d5:2c:1f:af:7b:7a:bf:0d:ae:cf:55:86:34:da:13:a5:ea:ae:
5d:8d:1d:37:e4:02:6d:22:ec:08:7a:db:3b:1b:9a:69:49:83:
51:d7:8a:d7
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICEAkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQzQ2
NjU2RjhDOUQ3MjU0N0JDQTc5ODQ4REM2QTJFNkIwRkMzRTJCMjAeFw0yMTA5Mjkw
MjQ5MjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEVEM0EzRkM1NkZFMkQx
Qjc2ODM1MDczNTU0NTUzMTA2MjVGNEVGREEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD1P+qPQo/dMKNB3tvj3X7y7aJ3eKOF5R6nGqlSXXfHnmWE8yj1
4aLu7s0gt8NruKA65PFLTdcl5U2AawtbGRNY5MB9yADWYtKR14CvSMCjt8Zc9Ngz
XOKGL0B+XlnsUFY1iYZLcbvtIjLdAqj5Bptp47wNJ+uNysr7Odh5iD7Yt2W1K4MT
AA5RcPIH8w518FTJBU3Hf8Z/Jfa5WJUsJSlu7bUpbZMXwVIzq7lX7zsgg2HPkeig
z5Hn+M0n5oNehZoqeYRLaDaFYfC+0fruC/0jQLKcmewnHqgT1vnAqNYAJpyMRPUd
zngCsJ0RpGWMFCoLDad/5RgUQFbQNILROeGjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU7To/xW/i0bdoNQc1VFUxBiX079owHwYDVR0jBBgwFoAUxGZW+MnXJUe8p5hI
3Gouaw/D4rIwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJL3hH
WlctTW5YSlVlOHA1aEkzR291YXdfRDRySS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
eEdaVy1NblhKVWU4cDVoSTNHb3Vhd19ENHJJLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQUxJLzdUb194V19pMGJkb05RYzFWRlV4QmlY
MDc5by5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJngigwDQYJ
KoZIhvcNAQELBQADggEBAFgeD1b9yuOsQLUqFv7mH/RazJuk0DSvXJQR0paakfiT
udomww8J+MC6zX21WWDUdMMac+B8zgWnPAtYHGzGvVfdLTJj2lI1DcSHw+OjQg21
Ol6qHxabpnjQglFfWZP5Q9i33YRvbHlzrJLfSZ92PM3bmT6iBH7eYy5p0N8BpKrG
TWI2W0niUEeCBqBCPuw1R137/LuCPugJd1eLamNrmV78PqZZzjA9mJTUve1MPjGv
aYy/qgK+CfcsDwv/G0Id5u9LaEcYIcWkppowdp68UQ17npYORFkPH9UsH697er8N
rs9VhjTaE6Xqrl2NHTfkAm0i7Ah62zsbmmlJg1HXitc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:43 2023 by rpki-client on console-ams.rpki-client.org