Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/HSL7YySsoVEMGW0swe3fOyepz70.roa
File: HSL7YySsoVEMGW0swe3fOyepz70.roa (raw, json)
Hash identifier: J4lWj08WuaNq6NFBcWpSWCk2VytNMOPgYtlkSiqJbtU=
Subject key identifier: 1D:22:FB:63:24:AC:A1:51:0C:19:6D:2C:C1:ED:DF:3B:27:A9:CF:BD
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 0336
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/HSL7YySsoVEMGW0swe3fOyepz70.roa
Signing time: Thu 15 Sep 2022 02:34:45 +0000
ROA not before: Thu 15 Sep 2022 02:34:45 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 983
IP address blocks: 103.156.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 822 (0x336)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Sep 15 02:34:45 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1D22FB6324ACA1510C196D2CC1EDDF3B27A9CFBD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:15:f1:5d:15:0a:c9:e4:de:28:d7:cb:74:0a:
3c:4a:c5:76:6e:db:9b:71:9d:85:9a:84:f9:e7:38:
02:0a:39:f3:d6:eb:9b:bd:b6:cf:dc:d1:5f:8e:67:
92:6d:5d:8e:62:fa:e7:54:cd:31:72:c4:30:c1:41:
e2:39:53:75:8f:fa:99:ef:37:05:52:6b:f7:2f:74:
9b:7b:2d:69:9a:42:9b:01:2d:ab:25:a7:09:12:40:
c9:6e:12:c8:d8:ff:ca:9a:5e:e0:17:b0:40:43:d1:
35:82:b1:34:60:b3:e1:8f:e5:bf:84:e2:12:9f:48:
3b:68:3c:6b:a5:f9:72:ca:53:c2:9c:53:e0:9c:cd:
1c:aa:b2:6a:5a:e7:e7:43:33:dd:f6:31:89:f4:c1:
3a:95:ab:bf:f8:a9:bc:d9:92:6a:17:28:ff:d0:66:
e2:37:d7:ee:20:84:e6:78:25:84:4f:23:10:12:d9:
08:11:c8:8e:d9:cb:d9:75:7f:a2:9c:53:d8:0e:e6:
bc:1e:da:12:d6:a7:46:6f:13:f5:af:12:67:e6:65:
5b:26:f3:f7:34:79:f2:6a:8a:a9:3b:26:69:71:fd:
b6:72:f4:d5:4c:f7:c3:4e:70:24:1f:4b:96:db:be:
71:d3:ac:e8:ce:82:59:78:34:89:bf:b9:37:e9:24:
48:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:22:FB:63:24:AC:A1:51:0C:19:6D:2C:C1:ED:DF:3B:27:A9:CF:BD
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/HSL7YySsoVEMGW0swe3fOyepz70.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.184.0/24
Signature Algorithm: sha256WithRSAEncryption
22:67:b1:45:42:92:fc:66:0f:12:54:1a:9e:92:dd:36:97:88:
e0:30:4e:c2:13:a4:8f:d4:43:36:8d:d0:f9:56:30:d5:f1:cf:
42:bc:ed:ad:5e:38:f7:dc:02:41:cc:34:64:04:22:e3:b7:a6:
54:46:6c:c3:85:47:f0:e6:b1:bc:8e:3d:d5:99:7e:f9:f1:ae:
6e:0c:9f:f5:a1:9d:8a:29:60:a7:a8:47:15:a2:d6:92:d8:4d:
62:a5:0d:f6:10:89:4d:40:68:8c:0a:06:b8:05:a2:2a:83:1e:
74:8f:3b:fe:37:8e:05:0e:dc:2f:a6:db:23:e7:2c:80:3d:f6:
5b:d9:e7:db:ab:87:bf:b2:de:4d:37:9d:ab:49:7b:a0:83:a1:
4a:08:e8:47:cf:f9:df:00:63:b9:dc:27:be:b4:b5:d0:c5:e9:
7b:fb:0a:91:51:5d:b0:f7:f3:e3:69:86:ff:2b:36:6e:a9:e1:
21:9b:fb:5c:37:8f:a4:83:16:e2:f7:7d:1f:a9:1d:a8:c1:29:
ae:88:20:76:78:d7:3e:5f:84:b7:98:86:8a:30:73:01:17:bf:
51:f9:b6:e7:57:a7:2a:12:02:f0:41:a9:cf:d6:d8:1b:3f:ad:
a9:c4:00:78:e3:9a:ef:d9:4c:d0:e8:f6:28:97:d8:9e:de:5b:
20:f3:ae:ca
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAzYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMjA5MTUw
MjM0NDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFEMjJGQjYzMjRBQ0Ex
NTEwQzE5NkQyQ0MxRURERjNCMjdBOUNGQkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdFfFdFQrJ5N4o18t0CjxKxXZu25txnYWahPnnOAIKOfPW65u9
ts/c0V+OZ5JtXY5i+udUzTFyxDDBQeI5U3WP+pnvNwVSa/cvdJt7LWmaQpsBLasl
pwkSQMluEsjY/8qaXuAXsEBD0TWCsTRgs+GP5b+E4hKfSDtoPGul+XLKU8KcU+Cc
zRyqsmpa5+dDM932MYn0wTqVq7/4qbzZkmoXKP/QZuI31+4ghOZ4JYRPIxAS2QgR
yI7Zy9l1f6KcU9gO5rwe2hLWp0ZvE/WvEmfmZVsm8/c0efJqiqk7Jmlx/bZy9NVM
98NOcCQfS5bbvnHTrOjOgll4NIm/uTfpJEjLAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUHSL7YySsoVEMGW0swe3fOyepz70wHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvSFNMN1l5U3NvVkVNR1cw
c3dlM2ZPeWVwejcwLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuDANBgkqhkiG9w0BAQsFAAOCAQEAImexRUKS/GYPElQanpLdNpeI4DBOwhOk
j9RDNo3Q+VYw1fHPQrztrV4499wCQcw0ZAQi47emVEZsw4VH8OaxvI491Zl++fGu
bgyf9aGdiilgp6hHFaLWkthNYqUN9hCJTUBojAoGuAWiKoMedI87/jeOBQ7cL6bb
I+csgD32W9nn26uHv7LeTTedq0l7oIOhSgjoR8/53wBjudwnvrS10MXpe/sKkVFd
sPfz42mG/ys2bqnhIZv7XDePpIMW4vd9H6kdqMEproggdnjXPl+Et5iGijBzARe/
Ufm251enKhIC8EGpz9bYGz+tqcQAeOOa79lM0Oj2KJfYnt5bIPOuyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:58 2024 by rpki-client on console-ams.rpki-client.org