Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CGNET/3rpMlqoEQtN4Dboelz2CPBbtJlk.roa
File: 3rpMlqoEQtN4Dboelz2CPBbtJlk.roa (raw, json)
Hash identifier: lqMTQWZqHliFM5AJg89vgs/YbeC0JIG3ErYcbmXYowQ=
Subject key identifier: DE:BA:4C:96:AA:04:42:D3:78:0D:BA:1E:97:3D:82:3C:16:ED:26:59
Certificate issuer: /CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Certificate serial: 0B68
Authority key identifier: 5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3rpMlqoEQtN4Dboelz2CPBbtJlk.roa
Signing time: Fri 16 Dec 2022 04:15:45 +0000
ROA not before: Fri 16 Dec 2022 04:15:45 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18429
IP address blocks: 103.224.200.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2920 (0xb68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5D1E3F3C8BA89DC1310410345F50C10076181261
Validity
Not Before: Dec 16 04:15:45 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=DEBA4C96AA0442D3780DBA1E973D823C16ED2659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d8:9a:4d:73:28:db:a9:c1:6d:0b:2e:d2:44:
7b:d3:ad:99:93:17:85:54:94:07:e4:de:50:01:32:
0b:f3:16:a7:a2:95:37:73:2c:86:3a:d3:28:14:bc:
c6:7f:ff:6a:41:1e:a9:82:76:b0:db:42:52:ff:f4:
39:e0:35:65:2a:87:1a:21:81:a4:93:70:c1:80:56:
a8:de:9a:d1:a5:f4:08:c4:3e:97:43:40:79:7e:7e:
60:0a:48:e1:1c:0f:1d:71:df:72:8b:85:d0:90:c0:
24:04:d6:c6:92:b9:f0:d5:9e:f0:b7:c2:0d:ab:e8:
09:40:c0:33:0d:f9:ec:22:5c:d6:92:bd:e1:60:14:
fd:f7:ea:99:1a:e0:5b:ad:46:d3:e1:11:1a:18:17:
b8:1a:4e:a4:54:7f:b1:0a:22:a1:c5:f9:c7:28:6e:
27:0a:ef:72:f3:c4:22:8c:88:71:af:58:b2:9f:96:
8c:4f:41:25:bc:4d:54:a5:39:3c:08:36:4a:d0:9f:
9a:2c:d6:c9:a3:f6:5a:66:b5:67:fd:86:36:87:25:
d2:ec:80:8c:1b:77:25:0a:70:cd:e9:cd:53:bb:81:
06:33:87:f5:86:ba:98:3f:8e:e5:bb:77:02:15:4a:
71:81:d0:92:67:24:b4:00:ee:a9:ef:61:c7:7e:95:
45:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BA:4C:96:AA:04:42:D3:78:0D:BA:1E:97:3D:82:3C:16:ED:26:59
X509v3 Authority Key Identifier:
keyid:5D:1E:3F:3C:8B:A8:9D:C1:31:04:10:34:5F:50:C1:00:76:18:12:61
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/XR4_PIuoncExBBA0X1DBAHYYEmE.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XR4_PIuoncExBBA0X1DBAHYYEmE.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CGNET/3rpMlqoEQtN4Dboelz2CPBbtJlk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.224.200.0/22
Signature Algorithm: sha256WithRSAEncryption
48:88:79:8d:cf:21:cc:90:b2:70:ea:f6:8e:b9:fc:06:82:ad:
bc:03:81:b2:c3:2b:b0:7d:82:f2:6a:e1:0c:c7:cb:f3:16:18:
cf:ad:93:36:80:8d:1f:4e:9b:1a:c1:15:4f:ac:89:10:0f:04:
8c:2c:6c:33:53:fd:c7:36:8d:ee:7c:53:8a:4b:b4:c9:d9:c1:
23:b0:3a:89:00:80:3f:79:a8:0b:80:05:c9:ff:68:63:e2:d7:
5c:aa:d1:3e:1b:92:11:c1:82:08:32:eb:09:aa:22:43:e0:5c:
6a:b2:08:2c:ee:5f:59:03:4b:bd:db:a5:57:b2:bf:74:89:0b:
ed:f8:11:1c:e2:69:5d:c6:38:5a:45:2c:50:66:ec:56:1d:a7:
b9:f6:f7:8d:f8:d0:c6:fb:0a:b4:b8:3f:53:a5:e4:25:75:d3:
f7:70:74:21:19:23:8c:cb:57:12:7e:78:03:de:1b:47:3d:1a:
6f:4b:58:56:eb:03:36:86:90:ac:0d:dc:d3:8a:b4:11:7c:f6:
25:4b:7d:8b:f2:b5:7d:d1:82:38:c9:0b:c0:f2:1e:a2:75:cb:
53:31:5d:13:55:4e:e0:2b:65:4b:d3:c4:aa:78:cf:92:7c:63:
44:c5:9d:f9:a0:be:71:d2:fe:1e:e7:ec:30:1f:71:cc:ea:3b:
72:9a:57:58
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICC2gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUQx
RTNGM0M4QkE4OURDMTMxMDQxMDM0NUY1MEMxMDA3NjE4MTI2MTAeFw0yMjEyMTYw
NDE1NDVaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKERFQkE0Qzk2QUEwNDQy
RDM3ODBEQkExRTk3M0Q4MjNDMTZFRDI2NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC32JpNcyjbqcFtCy7SRHvTrZmTF4VUlAfk3lABMgvzFqeilTdz
LIY60ygUvMZ//2pBHqmCdrDbQlL/9DngNWUqhxohgaSTcMGAVqjemtGl9AjEPpdD
QHl+fmAKSOEcDx1x33KLhdCQwCQE1saSufDVnvC3wg2r6AlAwDMN+ewiXNaSveFg
FP336pka4FutRtPhERoYF7gaTqRUf7EKIqHF+ccobicK73LzxCKMiHGvWLKfloxP
QSW8TVSlOTwINkrQn5os1smj9lpmtWf9hjaHJdLsgIwbdyUKcM3pzVO7gQYzh/WG
upg/juW7dwIVSnGB0JJnJLQA7qnvYcd+lUU1AgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQU3rpMlqoEQtN4Dboelz2CPBbtJlkwHwYDVR0jBBgwFoAUXR4/PIuoncExBBA0
X1DBAHYYEmEwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0dORVQv
WFI0X1BJdW9uY0V4QkJBMFgxREJBSFlZRW1FLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9YUjRfUEl1b25jRXhCQkEwWDFEQkFIWVlFbUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DR05FVC8zcnBNbHFvRVF0TjREYm9lbHoy
Q1BCYnRKbGsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ+DI
MA0GCSqGSIb3DQEBCwUAA4IBAQBIiHmNzyHMkLJw6vaOufwGgq28A4GywyuwfYLy
auEMx8vzFhjPrZM2gI0fTpsawRVPrIkQDwSMLGwzU/3HNo3ufFOKS7TJ2cEjsDqJ
AIA/eagLgAXJ/2hj4tdcqtE+G5IRwYIIMusJqiJD4Fxqsggs7l9ZA0u926VXsr90
iQvt+BEc4mldxjhaRSxQZuxWHae59veN+NDG+wq0uD9TpeQlddP3cHQhGSOMy1cS
fngD3htHPRpvS1hW6wM2hpCsDdzTirQRfPYlS32L8rV90YI4yQvA8h6idctTMV0T
VU7gK2VL08SqeM+SfGNExZ35oL5x0v4e5+wwH3HM6jtymldY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org