Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2JNxkyeBMH51QAMV4pkFQA1lSAk.roa
File: 2JNxkyeBMH51QAMV4pkFQA1lSAk.roa (raw, json)
Hash identifier: WPUgG0gwLYcDRaB3S9IOWn/4esVHgKGPAkh//cvmp9Y=
Subject key identifier: D8:93:71:93:27:81:30:7E:75:40:03:15:E2:99:05:40:0D:65:48:09
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0852
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2JNxkyeBMH51QAMV4pkFQA1lSAk.roa
Signing time: Tue 29 Sep 2020 10:02:19 +0000
ROA not before: Tue 29 Sep 2020 10:02:19 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17213
IP address blocks: 150.116.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2130 (0x852)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 10:02:19 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D89371932781307E75400315E29905400D654809
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:8e:ea:27:58:9d:9a:40:a1:06:7e:f4:cb:
1a:9b:98:59:52:cb:a3:6c:b9:62:40:3c:07:8a:a9:
86:6f:98:e6:ed:f1:98:e1:29:10:7f:89:05:b6:13:
2b:c0:9b:5b:28:71:fe:ed:fc:e2:4c:e4:94:a7:11:
be:78:30:16:7e:77:bb:de:d0:82:12:2f:11:32:39:
90:e9:a6:f9:b1:71:54:78:70:c1:66:dd:6f:18:7a:
4a:db:04:d5:cf:52:17:e2:56:e1:10:a3:22:79:b4:
5b:a7:98:72:1e:41:63:a9:fc:30:b2:28:f4:8b:0c:
be:6a:35:88:21:55:44:e1:8a:29:a5:e4:bd:49:46:
a0:4d:22:3d:5e:3a:a8:62:42:18:6d:84:26:bf:f4:
5a:00:4a:7a:b2:ac:99:13:3f:c7:4e:42:27:84:f5:
3e:b1:e0:85:3d:eb:31:92:9f:f3:04:d3:69:34:a1:
3f:dd:7e:2e:b4:36:06:5c:01:86:2f:c3:88:c8:86:
77:e9:fa:36:ac:a3:bc:8c:64:9a:7a:51:f3:cd:54:
02:84:7a:19:c7:e6:16:49:f8:e8:aa:e9:e4:40:75:
52:e5:e8:45:a9:27:8c:13:fa:0c:66:ed:2c:c0:37:
e9:65:8d:b0:02:59:9a:36:4d:ec:f1:65:7f:e4:3d:
33:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:93:71:93:27:81:30:7E:75:40:03:15:E2:99:05:40:0D:65:48:09
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/2JNxkyeBMH51QAMV4pkFQA1lSAk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.88.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:15:aa:a0:3f:0f:2d:cf:a4:b1:75:24:1c:12:c9:60:f4:16:
a8:33:06:1a:a5:58:25:16:ec:23:90:bc:84:1c:8c:a9:3b:21:
56:b0:11:6e:99:30:05:9e:8a:4e:3e:fb:45:e7:c8:65:56:d1:
24:65:53:da:49:b4:e6:d1:df:e3:05:ba:eb:b6:6e:cb:3c:be:
44:80:e8:4f:76:ab:1c:44:9f:21:02:f8:72:3d:fc:f4:21:53:
85:7e:5d:de:2f:d8:d5:b7:b7:0c:d5:ff:96:fc:29:75:32:e8:
ea:b8:58:6f:a7:8f:93:72:84:80:fd:e9:d3:5d:29:6d:68:10:
e4:e8:dc:a7:c1:42:69:75:f1:80:b1:9f:c1:bc:77:e0:33:03:
96:44:8f:39:a3:3f:ca:fc:46:6f:af:64:7c:18:c3:b1:2d:25:
1d:9f:1c:97:53:fe:c3:b5:18:c2:8e:18:42:11:e4:ba:05:dc:
69:51:a0:79:27:9c:a8:aa:36:5a:16:6c:bb:b1:00:16:4a:b5:
00:c6:ff:2e:48:c7:d8:89:c6:33:be:e6:89:cc:34:c7:d8:55:
b5:13:99:65:e6:f4:31:c2:37:c4:33:0d:ad:81:74:ac:76:7b:
bb:b7:de:58:f6:d0:d4:de:33:0b:ed:f8:ca:9f:9f:c0:5f:21:
81:2c:68:2d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCFIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMDA5Mjkx
MDAyMTlaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQ4OTM3MTkzMjc4MTMw
N0U3NTQwMDMxNUUyOTkwNTQwMEQ2NTQ4MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB3Y7qJ1idmkChBn70yxqbmFlSy6NsuWJAPAeKqYZvmObt8Zjh
KRB/iQW2EyvAm1socf7t/OJM5JSnEb54MBZ+d7ve0IISLxEyOZDppvmxcVR4cMFm
3W8YekrbBNXPUhfiVuEQoyJ5tFunmHIeQWOp/DCyKPSLDL5qNYghVUThiiml5L1J
RqBNIj1eOqhiQhhthCa/9FoASnqyrJkTP8dOQieE9T6x4IU96zGSn/ME02k0oT/d
fi60NgZcAYYvw4jIhnfp+jaso7yMZJp6UfPNVAKEehnH5hZJ+Oiq6eRAdVLl6EWp
J4wT+gxm7SzAN+lljbACWZo2TezxZX/kPTMBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU2JNxkyeBMH51QAMV4pkFQA1lSAkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy8ySk54a3llQk1INTFR
QU1WNHBrRlFBMWxTQWsucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQClnRYMA0GCSqGSIb3DQEBCwUAA4IBAQBfFaqgPw8tz6SxdSQcEslg9BaoMwYa
pVglFuwjkLyEHIypOyFWsBFumTAFnopOPvtF58hlVtEkZVPaSbTm0d/jBbrrtm7L
PL5EgOhPdqscRJ8hAvhyPfz0IVOFfl3eL9jVt7cM1f+W/Cl1MujquFhvp4+TcoSA
/enTXSltaBDk6NynwUJpdfGAsZ/BvHfgMwOWRI85oz/K/EZvr2R8GMOxLSUdnxyX
U/7DtRjCjhhCEeS6BdxpUaB5J5yoqjZaFmy7sQAWSrUAxv8uSMfYicYzvuaJzDTH
2FW1E5ll5vQxwjfEMw2tgXSsdnu7t95Y9tDU3jML7fjKn5/AXyGBLGgt
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org