Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ch1XmDMV9t5hcN5aLQtmfYgN6mk.roa
File: Ch1XmDMV9t5hcN5aLQtmfYgN6mk.roa (raw, json)
Hash identifier: 0lY8mr7yip3/Z+XMfrOYx+ch9adnkRuMXZ7zhvd7kfI=
Subject key identifier: 0A:1D:57:98:33:15:F6:DE:61:70:DE:5A:2D:0B:66:7D:88:0D:EA:69
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 0336
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ch1XmDMV9t5hcN5aLQtmfYgN6mk.roa
Signing time: Thu 15 Sep 2022 02:34:47 +0000
ROA not before: Thu 15 Sep 2022 02:34:47 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 41255
IP address blocks: 103.156.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 822 (0x336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Sep 15 02:34:47 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0A1D57983315F6DE6170DE5A2D0B667D880DEA69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:62:2e:57:e9:fb:10:ad:8f:94:3e:9e:ae:55:
8d:14:dc:e0:ea:52:f9:ca:4e:88:26:39:a8:c5:d5:
5d:db:6a:4d:9f:d5:48:92:ec:3b:35:10:66:4d:69:
94:b3:da:7f:4f:fc:54:53:cd:77:fe:c0:18:59:96:
a0:07:d2:d3:3a:26:43:a6:24:63:b9:99:3b:e2:d8:
ec:de:fe:58:cc:4f:c5:22:4e:25:fa:47:c7:00:b0:
fa:29:df:4a:bc:3b:f6:ed:ce:a9:d4:ac:b6:fd:c5:
c8:0b:33:8f:1d:ea:57:e3:82:6b:82:1c:9b:07:67:
6c:19:89:53:14:71:0e:d4:4f:87:9e:2f:a8:27:4e:
c0:e5:f0:dd:00:5c:12:a0:94:1e:77:71:da:67:db:
44:78:e6:7e:8f:9c:3e:9c:ed:89:3e:22:fb:2e:6d:
72:ef:dc:07:d9:49:48:a4:56:88:c0:46:33:d1:7f:
d1:d7:04:fe:e8:33:34:da:fe:67:5f:54:86:51:a3:
28:45:ed:d9:fe:bf:40:3f:04:c7:ca:81:3c:72:43:
da:9f:94:c0:af:5c:da:d0:2a:c6:4b:71:41:1f:ad:
e4:ee:e3:d9:73:af:a8:4d:03:e5:5f:0b:f4:98:f2:
ab:08:27:ed:5d:9a:47:13:b4:9d:d8:ae:34:3e:34:
a6:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1D:57:98:33:15:F6:DE:61:70:DE:5A:2D:0B:66:7D:88:0D:EA:69
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/Ch1XmDMV9t5hcN5aLQtmfYgN6mk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.184.0/24
Signature Algorithm: sha256WithRSAEncryption
92:3c:5b:14:98:a3:5e:53:18:20:ec:ea:6e:16:54:41:f3:71:
51:6f:89:93:c4:c8:0b:1f:ec:45:f9:48:fb:c6:94:16:50:38:
4b:9f:63:dd:2a:95:4a:1b:c0:62:f3:59:2b:fd:ca:60:92:9e:
45:a0:7a:72:ac:36:d9:21:64:0d:c9:21:e0:86:4f:1d:22:ff:
c2:c7:55:e9:b2:10:02:46:3f:b8:23:68:e9:b9:6d:2a:27:42:
20:13:df:a3:79:a1:8c:ed:11:7b:d4:b3:98:96:d3:48:f0:83:
76:55:b9:1a:66:ee:53:42:be:2e:5c:24:33:f5:fc:6d:61:0b:
cb:8e:be:5d:69:b2:90:02:c4:14:8d:98:8b:12:e3:ad:f4:fa:
39:f7:fa:84:e6:6e:1e:0d:93:a2:14:0c:d9:2a:8b:71:74:d3:
1c:ee:64:93:1b:9b:ea:01:c0:10:4d:a2:32:9b:85:f4:2a:58:
36:52:8b:36:0b:9d:03:a0:a3:cb:1d:46:99:ab:4a:2c:49:f6:
ac:89:65:73:05:bd:0c:52:53:92:58:f0:88:e6:31:87:c5:22:
e9:69:b0:b6:e7:ec:b7:b3:35:c4:27:f9:9e:33:b0:06:5a:f4:
39:ac:88:62:19:9f:c9:03:bc:ec:8f:0e:aa:16:f1:c1:3d:22:
c8:9e:af:31
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMjA5MTUw
MjM0NDdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBBMUQ1Nzk4MzMxNUY2
REU2MTcwREU1QTJEMEI2NjdEODgwREVBNjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC0Yi5X6fsQrY+UPp6uVY0U3ODqUvnKTogmOajF1V3bak2f1UiS
7Ds1EGZNaZSz2n9P/FRTzXf+wBhZlqAH0tM6JkOmJGO5mTvi2Oze/ljMT8UiTiX6
R8cAsPop30q8O/btzqnUrLb9xcgLM48d6lfjgmuCHJsHZ2wZiVMUcQ7UT4eeL6gn
TsDl8N0AXBKglB53cdpn20R45n6PnD6c7Yk+IvsubXLv3AfZSUikVojARjPRf9HX
BP7oMzTa/mdfVIZRoyhF7dn+v0A/BMfKgTxyQ9qflMCvXNrQKsZLcUEfreTu49lz
r6hNA+VfC/SY8qsIJ+1dmkcTtJ3YrjQ+NKYLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUCh1XmDMV9t5hcN5aLQtmfYgN6mkwHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvQ2gxWG1ETVY5dDVoY041
YUxRdG1mWWdONm1rLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuDANBgkqhkiG9w0BAQsFAAOCAQEAkjxbFJijXlMYIOzqbhZUQfNxUW+Jk8TI
Cx/sRflI+8aUFlA4S59j3SqVShvAYvNZK/3KYJKeRaB6cqw22SFkDckh4IZPHSL/
wsdV6bIQAkY/uCNo6bltKidCIBPfo3mhjO0Re9SzmJbTSPCDdlW5GmbuU0K+Llwk
M/X8bWELy46+XWmykALEFI2YixLjrfT6Off6hOZuHg2TohQM2SqLcXTTHO5kkxub
6gHAEE2iMpuF9CpYNlKLNgudA6Cjyx1GmatKLEn2rIllcwW9DFJTkljwiOYxh8Ui
6Wmwtufst7M1xCf5njOwBlr0OayIYhmfyQO87I8OqhbxwT0iyJ6vMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:30 2024 by rpki-client on console-fra.rpki-client.org