Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/phJYoeflGYIkICVcmOrKGVYFVf8.roa
File: phJYoeflGYIkICVcmOrKGVYFVf8.roa (raw, json)
Hash identifier: RBHG2nQ1Xdqo9HnbbKckr55pmYCoJllYDdkuglUKvRA=
Subject key identifier: A6:12:58:A1:E7:E5:19:82:24:20:25:5C:98:EA:CA:19:56:05:55:FF
Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Certificate serial: 0890
Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/phJYoeflGYIkICVcmOrKGVYFVf8.roa
Signing time: Sun 07 Feb 2021 12:58:41 +0000
ROA not before: Sun 07 Feb 2021 12:58:41 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 20473
IP address blocks: 103.122.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2192 (0x890)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Validity
Not Before: Feb 7 12:58:41 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=A61258A1E7E519822420255C98EACA19560555FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0b:5e:38:a3:a1:39:85:f0:4b:19:5f:93:c6:
cf:e1:13:68:da:50:32:1a:fa:e3:c7:e7:66:cc:f0:
f1:06:15:84:6e:f2:8f:d4:22:5a:c6:1a:f0:c2:0a:
06:ba:2e:40:59:76:71:82:e7:41:66:13:da:bf:1a:
bb:7b:fa:a6:c7:18:33:a1:4b:51:ec:fd:4d:38:db:
14:ff:b8:fd:38:d1:15:64:af:ae:90:70:71:9a:62:
fb:74:08:e0:a7:6c:c5:41:de:ed:2a:ae:55:cc:6a:
5a:e0:98:99:a6:9c:7a:9a:d6:d5:a3:eb:0b:58:2f:
a1:bb:ce:d3:b7:c2:6d:a1:77:c8:aa:33:db:cb:f8:
53:3f:eb:10:b1:ee:6a:8e:0c:5a:f4:25:0b:84:ec:
c9:c3:c6:df:0d:0d:7d:84:91:c8:44:e4:13:c7:62:
75:df:22:4d:bd:d6:8d:9e:49:7e:5a:25:11:fd:ae:
b9:52:18:f3:da:13:c8:61:1d:dc:fd:92:0f:53:18:
7f:4d:33:b6:8e:8e:74:bb:31:ed:6d:25:53:c3:c3:
53:fd:a0:30:1e:04:e8:1d:b1:fe:f9:47:84:73:e4:
97:95:1b:d2:c1:48:88:bf:ee:49:0a:d6:9a:9f:95:
e3:fd:e7:79:74:85:47:f1:fd:79:33:a7:f7:ab:3b:
25:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:12:58:A1:E7:E5:19:82:24:20:25:5C:98:EA:CA:19:56:05:55:FF
X509v3 Authority Key Identifier:
keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/phJYoeflGYIkICVcmOrKGVYFVf8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.17.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:9f:a0:af:4c:fb:3a:19:00:54:e4:6d:6e:5f:9d:8f:5e:16:
1b:5e:09:db:f1:21:f8:0a:f6:fc:5c:20:ff:f1:ff:13:eb:a7:
69:4f:f9:65:16:6f:13:5d:f5:c7:5b:1c:12:2b:9c:c5:2d:64:
1c:4e:50:ab:77:72:7a:e8:db:03:fc:91:92:b6:68:f9:0f:48:
f3:5d:45:03:d3:e1:a6:37:e5:6b:6f:be:b9:2a:c1:3d:0b:40:
a1:83:a9:2e:5a:08:ec:d2:ed:5f:3a:11:78:e1:a5:52:90:d5:
51:4a:60:c5:69:a3:a7:49:86:55:4a:0a:13:09:03:56:51:3f:
2a:b4:8f:2f:63:ec:ce:aa:b5:90:32:cc:3d:31:c9:9e:8e:13:
f0:87:90:23:36:53:a8:2a:56:fe:85:e5:ed:b9:80:34:e1:93:
0c:46:41:61:cd:df:a6:65:13:cc:9e:fc:32:d6:9c:3d:aa:34:
31:a4:1d:26:6b:7b:e4:81:5a:a8:6b:80:f1:24:b5:76:bc:19:
90:4d:a8:82:8d:af:c9:8a:c3:20:77:1e:e2:c6:d3:29:0b:ec:
31:2d:fe:bf:d1:bd:e5:e6:d4:5a:52:32:bc:c5:08:58:e0:74:
d7:93:b0:65:37:41:db:d0:b8:77:3f:9e:35:1a:95:0e:1c:5a:
75:ad:2f:e5
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCJAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0
MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yMTAyMDcx
MjU4NDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEE2MTI1OEExRTdFNTE5
ODIyNDIwMjU1Qzk4RUFDQTE5NTYwNTU1RkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChC144o6E5hfBLGV+Txs/hE2jaUDIa+uPH52bM8PEGFYRu8o/U
IlrGGvDCCga6LkBZdnGC50FmE9q/Grt7+qbHGDOhS1Hs/U042xT/uP040RVkr66Q
cHGaYvt0COCnbMVB3u0qrlXMalrgmJmmnHqa1tWj6wtYL6G7ztO3wm2hd8iqM9vL
+FM/6xCx7mqODFr0JQuE7MnDxt8NDX2EkchE5BPHYnXfIk291o2eSX5aJRH9rrlS
GPPaE8hhHdz9kg9TGH9NM7aOjnS7Me1tJVPDw1P9oDAeBOgdsf75R4Rz5JeVG9LB
SIi/7kkK1pqfleP953l0hUfx/Xkzp/erOyWfAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUphJYoeflGYIkICVcmOrKGVYFVf8wHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB
ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS
L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL3BoSllvZWZsR1lJa0lDVmNt
T3JLR1ZZRlZmOC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
ehEwDQYJKoZIhvcNAQELBQADggEBALCfoK9M+zoZAFTkbW5fnY9eFhteCdvxIfgK
9vxcIP/x/xPrp2lP+WUWbxNd9cdbHBIrnMUtZBxOUKt3cnro2wP8kZK2aPkPSPNd
RQPT4aY35WtvvrkqwT0LQKGDqS5aCOzS7V86EXjhpVKQ1VFKYMVpo6dJhlVKChMJ
A1ZRPyq0jy9j7M6qtZAyzD0xyZ6OE/CHkCM2U6gqVv6F5e25gDThkwxGQWHN36Zl
E8ye/DLWnD2qNDGkHSZre+SBWqhrgPEktXa8GZBNqIKNr8mKwyB3HuLG0ykL7DEt
/r/RveXm1FpSMrzFCFjgdNeTsGU3QdvQuHc/njUalQ4cWnWtL+U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:32 2024 by rpki-client on console-fra.rpki-client.org