Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/hs1PxtbVzMYaOHBaoNLvGs9sMJ0.roa
File: hs1PxtbVzMYaOHBaoNLvGs9sMJ0.roa (raw, json)
Hash identifier: ZuLCXYlXHBc+Mhl+TmWGKvI5wKQfPCDXL2AC7r84D2I=
Subject key identifier: 86:CD:4F:C6:D6:D5:CC:C6:1A:38:70:5A:A0:D2:EF:1A:CF:6C:30:9D
Certificate issuer: /CN=57A994BD60555145CB6452DC6A980FC851136BDA
Certificate serial: 0217
Authority key identifier: 57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/hs1PxtbVzMYaOHBaoNLvGs9sMJ0.roa
Signing time: Wed 29 Sep 2021 02:53:41 +0000
ROA not before: Wed 29 Sep 2021 02:53:41 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 60614
IP address blocks: 103.156.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 535 (0x217)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57A994BD60555145CB6452DC6A980FC851136BDA
Validity
Not Before: Sep 29 02:53:41 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=86CD4FC6D6D5CCC61A38705AA0D2EF1ACF6C309D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:5a:51:d5:cb:ed:67:c3:2a:28:36:62:87:2c:
cc:b8:77:79:87:8a:2b:be:01:5f:9c:8d:cb:56:92:
16:6c:f0:5a:1d:4d:45:79:4e:56:58:1f:1f:69:c5:
4e:78:b0:8b:ac:93:3b:2d:df:c2:95:e5:ce:ea:f4:
66:2e:c5:33:4f:f8:05:84:4a:91:8d:32:c1:c3:c6:
89:f8:f6:2c:dd:cd:03:56:65:a8:b0:35:01:1b:b6:
97:78:48:7c:db:06:b4:64:76:22:e9:54:f8:4b:45:
75:0a:cd:d5:aa:8e:aa:85:3c:cc:ad:53:a7:cc:a6:
54:4d:7d:86:27:6e:63:e5:b6:59:e0:1a:34:4e:39:
a4:41:c6:03:00:65:b2:17:f0:b7:d6:23:12:83:91:
bb:a0:bc:66:34:6c:19:6f:8f:bc:77:05:09:05:60:
76:12:7d:0f:a0:60:fd:82:ea:ba:bd:8f:ba:00:2e:
8f:b3:cd:75:9e:13:b7:e7:6f:47:d2:71:ee:b4:95:
ba:ae:47:cf:59:84:f4:2f:c5:8d:72:7c:f7:16:c1:
50:aa:df:1a:fc:ac:4c:03:bc:7e:c9:c8:6b:18:cf:
13:33:90:5a:6f:65:72:bd:05:c2:5f:0d:41:58:90:
a7:1f:dc:b4:de:48:af:49:da:e3:6a:7c:f0:a6:ec:
e7:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CD:4F:C6:D6:D5:CC:C6:1A:38:70:5A:A0:D2:EF:1A:CF:6C:30:9D
X509v3 Authority Key Identifier:
keyid:57:A9:94:BD:60:55:51:45:CB:64:52:DC:6A:98:0F:C8:51:13:6B:DA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/V6mUvWBVUUXLZFLcapgPyFETa9o.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/V6mUvWBVUUXLZFLcapgPyFETa9o.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/ALLPASS/hs1PxtbVzMYaOHBaoNLvGs9sMJ0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.156.185.0/24
Signature Algorithm: sha256WithRSAEncryption
58:5f:a8:55:85:2f:0b:c6:88:ca:88:50:e8:d3:ab:74:49:ed:
33:5b:14:bb:a2:f6:be:3a:2c:92:66:31:27:a9:d1:cf:33:37:
60:00:ca:fb:41:cb:13:f9:de:74:fc:00:40:05:52:24:0e:74:
d4:8d:7f:03:a5:13:15:1b:a9:cc:9b:a4:84:97:1d:c0:26:3b:
3d:bc:e5:36:fb:1f:ae:66:c2:97:6c:62:1a:10:3f:bf:bd:76:
39:ca:a3:8f:d7:60:0f:2a:30:f5:27:87:fb:da:29:83:2b:0c:
f0:70:1d:6b:88:36:61:9c:d2:72:92:cd:e6:dc:ed:0f:7b:f7:
3c:93:94:7c:c2:d7:36:61:50:15:d6:e6:04:c1:4e:42:fb:10:
cd:09:6b:73:22:55:03:1b:e0:6b:1d:f6:f3:f1:38:73:f3:f6:
5d:ea:7f:f1:38:88:2c:0d:c7:2c:2c:79:ee:94:75:ab:d3:86:
82:02:67:5f:e7:ca:be:06:9f:95:58:5a:91:2f:5a:c2:69:d3:
fc:38:e8:c3:1b:68:cb:d9:37:c9:a3:84:b9:4e:d2:b2:5a:aa:
5f:cb:57:6e:6f:47:01:79:3a:5b:5a:8c:32:f5:bf:d8:79:d1:
c5:8a:50:a7:59:68:50:2d:95:09:ab:45:57:e3:28:fc:96:e4:
32:5a:90:16
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICAhcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTdB
OTk0QkQ2MDU1NTE0NUNCNjQ1MkRDNkE5ODBGQzg1MTEzNkJEQTAeFw0yMTA5Mjkw
MjUzNDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDg2Q0Q0RkM2RDZENUND
QzYxQTM4NzA1QUEwRDJFRjFBQ0Y2QzMwOUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6WlHVy+1nwyooNmKHLMy4d3mHiiu+AV+cjctWkhZs8FodTUV5
TlZYHx9pxU54sIuskzst38KV5c7q9GYuxTNP+AWESpGNMsHDxon49izdzQNWZaiw
NQEbtpd4SHzbBrRkdiLpVPhLRXUKzdWqjqqFPMytU6fMplRNfYYnbmPltlngGjRO
OaRBxgMAZbIX8LfWIxKDkbugvGY0bBlvj7x3BQkFYHYSfQ+gYP2C6rq9j7oALo+z
zXWeE7fnb0fSce60lbquR89ZhPQvxY1yfPcWwVCq3xr8rEwDvH7JyGsYzxMzkFpv
ZXK9BcJfDUFYkKcf3LTeSK9J2uNqfPCm7OfJAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUhs1PxtbVzMYaOHBaoNLvGs9sMJ0wHwYDVR0jBBgwFoAUV6mUvWBVUUXLZFLc
apgPyFETa9owGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQUxMUEFT
Uy9WNm1VdldCVlVVWExaRkxjYXBnUHlGRVRhOW8uY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1Y2bVV2V0JWVVVYTFpGTGNhcGdQeUZFVGE5by5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0FMTFBBU1MvaHMxUHh0YlZ6TVlhT0hC
YW9OTHZHczlzTUowLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGecuTANBgkqhkiG9w0BAQsFAAOCAQEAWF+oVYUvC8aIyohQ6NOrdEntM1sUu6L2
vjoskmYxJ6nRzzM3YADK+0HLE/nedPwAQAVSJA501I1/A6UTFRupzJukhJcdwCY7
PbzlNvsfrmbCl2xiGhA/v712Ocqjj9dgDyow9SeH+9opgysM8HAda4g2YZzScpLN
5tztD3v3PJOUfMLXNmFQFdbmBMFOQvsQzQlrcyJVAxvgax328/E4c/P2Xep/8TiI
LA3HLCx57pR1q9OGggJnX+fKvgaflVhakS9awmnT/Djowxtoy9k3yaOEuU7Sslqq
X8tXbm9HAXk6W1qMMvW/2HnRxYpQp1loUC2VCatFV+Mo/JbkMlqQFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:30 2024 by rpki-client on console-fra.rpki-client.org