Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/APPIER/r7cIYOAnXbWrbZ5Q1r1Vn96MAPQ.roa
File: r7cIYOAnXbWrbZ5Q1r1Vn96MAPQ.roa (raw, json)
Hash identifier: amFFmVSvTcP/nr3q0MRFlLe8wK7ublqOeMLa2JNAN8k=
Subject key identifier: AF:B7:08:60:E0:27:5D:B5:AB:6D:9E:50:D6:BD:55:9F:DE:8C:00:F4
Certificate issuer: /CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Certificate serial: 0931
Authority key identifier: 46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/r7cIYOAnXbWrbZ5Q1r1Vn96MAPQ.roa
Signing time: Wed 29 Sep 2021 02:53:06 +0000
ROA not before: Wed 29 Sep 2021 02:53:06 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 20473
IP address blocks: 103.122.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2353 (0x931)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4640D988EC8146BA430596012122D1A1CFC1C36B
Validity
Not Before: Sep 29 02:53:06 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=AFB70860E0275DB5AB6D9E50D6BD559FDE8C00F4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d2:c2:64:f1:b9:02:ce:88:f3:3c:6d:a3:2d:
b7:4b:cc:59:79:c9:18:e1:e3:c1:02:2e:93:48:bf:
02:d0:1d:1f:50:24:56:44:d3:e5:2a:0b:f5:ba:00:
f5:25:a2:44:a6:e4:72:a6:dd:38:61:11:6f:53:cc:
60:22:6d:cf:7a:33:93:b8:76:da:25:93:26:a2:d4:
d4:5e:2f:b8:82:8b:b9:21:15:7c:96:50:a1:d6:26:
bb:b5:3f:7e:db:41:98:7d:b5:a3:92:36:49:6a:b3:
7d:7f:6c:fa:e9:1b:88:7b:8e:b8:70:11:25:2c:54:
d3:ba:9d:2a:62:39:a8:12:51:7b:0b:26:b2:75:12:
cf:b4:b7:3f:26:3f:3f:b6:d7:07:63:47:8c:b7:db:
de:41:aa:b5:d2:c9:6c:11:45:84:7c:94:32:1f:1b:
92:a8:05:b2:aa:8c:32:6e:90:2f:4b:ab:27:d3:8e:
98:c5:1a:fd:c2:2a:48:9e:cb:76:1d:66:c1:2c:f4:
29:9b:29:0f:69:72:b5:aa:b4:38:82:d7:d7:58:b6:
62:e3:0a:99:c8:c8:31:89:3f:6d:86:98:35:ce:81:
eb:41:40:e4:2b:05:43:85:eb:a4:19:12:b8:cd:68:
0a:e7:24:6f:65:bf:a2:df:02:5c:a0:0f:8c:48:e5:
98:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B7:08:60:E0:27:5D:B5:AB:6D:9E:50:D6:BD:55:9F:DE:8C:00:F4
X509v3 Authority Key Identifier:
keyid:46:40:D9:88:EC:81:46:BA:43:05:96:01:21:22:D1:A1:CF:C1:C3:6B
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/RkDZiOyBRrpDBZYBISLRoc_Bw2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/RkDZiOyBRrpDBZYBISLRoc_Bw2s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/APPIER/r7cIYOAnXbWrbZ5Q1r1Vn96MAPQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.122.17.0/24
Signature Algorithm: sha256WithRSAEncryption
02:64:b6:1c:49:7d:7d:b9:35:8c:0e:8a:cc:48:bd:ae:77:83:
75:f8:e7:2a:b0:89:ef:e7:94:b0:5b:33:b2:de:65:e4:b1:27:
49:d5:1c:8c:c5:91:c6:97:59:46:aa:09:f9:79:17:c1:f7:49:
d4:bb:4f:2e:38:2e:a8:f6:b7:ca:43:11:08:12:b2:97:74:bd:
74:20:a9:0b:90:c7:b9:91:b1:02:c8:b1:de:4d:3f:fa:67:5f:
83:be:d5:c3:9f:50:76:85:00:e6:a9:f5:cd:93:2b:33:62:7a:
fa:51:44:0c:76:8d:2e:9b:9a:60:ee:71:31:98:e7:94:e7:89:
40:f3:b9:bc:82:e6:39:40:2f:51:d1:b7:91:ad:8b:33:dd:82:
0d:1e:fa:a4:45:80:9d:ee:96:90:cd:24:2e:38:f0:f0:df:05:
a4:4d:f9:fd:1f:c8:13:00:e6:36:f7:11:60:e5:33:50:56:70:
9c:6a:32:ac:79:60:0f:e8:4f:c6:7b:63:aa:74:00:25:6d:39:
1d:3f:91:5a:39:c2:c6:35:b8:60:6d:d0:67:62:99:f8:2e:d1:
4a:8a:5a:99:d0:9b:e2:e8:c8:f6:62:07:7a:35:39:cd:04:ba:
06:29:12:e5:66:25:7a:1f:f0:dc:8e:70:bb:37:ce:4e:19:62:
0e:75:96:68
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCTEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDY0
MEQ5ODhFQzgxNDZCQTQzMDU5NjAxMjEyMkQxQTFDRkMxQzM2QjAeFw0yMTA5Mjkw
MjUzMDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEFGQjcwODYwRTAyNzVE
QjVBQjZEOUU1MEQ2QkQ1NTlGREU4QzAwRjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX0sJk8bkCzojzPG2jLbdLzFl5yRjh48ECLpNIvwLQHR9QJFZE
0+UqC/W6APUlokSm5HKm3ThhEW9TzGAibc96M5O4dtolkyai1NReL7iCi7khFXyW
UKHWJru1P37bQZh9taOSNklqs31/bPrpG4h7jrhwESUsVNO6nSpiOagSUXsLJrJ1
Es+0tz8mPz+21wdjR4y3295BqrXSyWwRRYR8lDIfG5KoBbKqjDJukC9LqyfTjpjF
Gv3CKkiey3YdZsEs9CmbKQ9pcrWqtDiC19dYtmLjCpnIyDGJP22GmDXOgetBQOQr
BUOF66QZErjNaArnJG9lv6LfAlygD4xI5ZijAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUr7cIYOAnXbWrbZ5Q1r1Vn96MAPQwHwYDVR0jBBgwFoAURkDZiOyBRrpDBZYB
ISLRoc/Bw2swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVS
L1JrRFppT3lCUnJwREJaWUJJU0xSb2NfQncycy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvUmtEWmlPeUJScnBEQlpZQklTTFJvY19CdzJzLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvQVBQSUVSL3I3Y0lZT0FuWGJXcmJaNVEx
cjFWbjk2TUFQUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn
ehEwDQYJKoZIhvcNAQELBQADggEBAAJkthxJfX25NYwOisxIva53g3X45yqwie/n
lLBbM7LeZeSxJ0nVHIzFkcaXWUaqCfl5F8H3SdS7Ty44Lqj2t8pDEQgSspd0vXQg
qQuQx7mRsQLIsd5NP/pnX4O+1cOfUHaFAOap9c2TKzNievpRRAx2jS6bmmDucTGY
55TniUDzubyC5jlAL1HRt5GtizPdgg0e+qRFgJ3ulpDNJC448PDfBaRN+f0fyBMA
5jb3EWDlM1BWcJxqMqx5YA/oT8Z7Y6p0ACVtOR0/kVo5wsY1uGBt0Gdimfgu0UqK
WpnQm+LoyPZiB3o1Oc0EugYpEuVmJXof8NyOcLs3zk4ZYg51lmg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:02 2024 by rpki-client on console-ams.rpki-client.org