Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/9Hl1lSU_Vx7opYWXfPxE0qpAOPI.roa
File: 9Hl1lSU_Vx7opYWXfPxE0qpAOPI.roa (raw, json)
Hash identifier: jy69WwqI11fZEabiftWhx68Iwa2NxKABpW6JD7R0Hmo=
Subject key identifier: F4:79:75:95:25:3F:57:1E:E8:A5:85:97:7C:FC:44:D2:AA:40:38:F2
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/9Hl1lSU_Vx7opYWXfPxE0qpAOPI.roa
Signing time: Thu 15 Sep 2022 02:38:59 +0000
ROA not before: Thu 15 Sep 2022 02:38:59 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 223.26.112.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:38:59 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F4797595253F571EE8A585977CFC44D2AA4038F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:01:0a:ff:04:e0:5c:0a:13:5c:dc:84:05:c7:
e8:af:ed:c1:1e:14:27:b6:46:27:e2:11:49:ba:5a:
b8:f7:f9:6c:10:34:18:c7:d8:b4:71:b7:ab:65:05:
bb:0b:3e:c9:0f:e2:8c:c7:4e:3b:77:fa:c6:f7:a6:
5e:1b:89:0f:de:45:8a:2a:f1:09:1e:59:8f:94:4b:
65:9e:ea:5b:7b:e0:6e:b9:44:06:51:83:1e:f8:0d:
94:f8:75:85:39:45:28:fd:72:e1:23:17:90:69:4c:
fa:b8:a2:ff:57:bb:29:b1:a2:df:de:bc:64:c0:6c:
58:ed:7a:06:62:20:79:07:79:35:b3:4b:0e:fe:03:
43:10:61:5f:81:42:23:74:a8:dd:d9:e4:98:85:81:
64:81:65:b8:a4:4e:7f:4f:6e:90:39:a6:fe:c7:c2:
d0:4d:9a:1e:cd:ff:f2:b6:b4:b5:71:c1:f2:4b:91:
1d:11:67:3a:46:8e:18:67:31:96:7d:79:45:8e:17:
9f:ea:8d:f7:5d:95:76:5b:c9:1d:f4:ea:1a:dc:a7:
9c:0a:a7:2a:de:32:98:5b:af:46:53:4d:95:b3:a1:
38:95:06:78:53:ac:20:0a:75:3b:ac:6c:80:80:9c:
80:f5:fe:d6:c1:20:13:d8:87:39:51:14:ad:38:44:
ac:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:79:75:95:25:3F:57:1E:E8:A5:85:97:7C:FC:44:D2:AA:40:38:F2
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/9Hl1lSU_Vx7opYWXfPxE0qpAOPI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.26.112.0/20
Signature Algorithm: sha256WithRSAEncryption
59:7e:4d:ee:16:ed:21:65:38:42:c8:f9:e3:45:53:1a:12:5e:
a6:ab:b7:ae:42:7b:d7:25:bb:c0:1f:3f:e0:2f:a7:4f:8d:7e:
1e:12:33:9d:62:54:de:cf:9e:ca:7b:24:b2:b5:0d:47:0a:59:
ad:60:1f:fb:11:d8:03:cb:58:97:b1:ee:02:d5:cb:99:c4:85:
33:14:17:60:4e:39:75:e9:54:c3:8e:77:a5:17:ca:26:2b:d4:
ce:84:4d:01:a4:7c:8f:ee:66:44:34:59:e1:08:05:9c:f5:c2:
b7:4a:66:55:0f:60:40:36:7d:63:bb:7d:29:c9:fa:a1:c6:f4:
c1:ef:cc:07:ff:ea:a9:85:ee:b7:80:74:e8:03:c4:24:84:6c:
e8:eb:29:8e:71:3f:48:47:b2:4c:a3:0a:69:56:f6:94:0a:5c:
6b:be:1d:46:91:50:9e:eb:0b:51:52:97:92:b5:07:32:62:72:
ea:0b:4a:94:3f:6d:7c:06:dc:3b:30:bf:be:22:e4:c4:aa:77:
b8:20:65:17:a3:f1:7a:30:a5:6c:94:84:83:17:4b:8b:cc:d5:
d2:8e:39:d8:e6:08:55:f8:d2:ef:23:df:19:ac:fb:32:5c:bf:
f6:ec:d9:3c:12:4a:6c:1b:69:1f:cc:cc:28:fa:ba:a4:aa:4c:
20:73:1b:f1
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM4NTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY0Nzk3NTk1MjUzRjU3
MUVFOEE1ODU5NzdDRkM0NEQyQUE0MDM4RjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBAQr/BOBcChNc3IQFx+iv7cEeFCe2RifiEUm6Wrj3+WwQNBjH
2LRxt6tlBbsLPskP4ozHTjt3+sb3pl4biQ/eRYoq8QkeWY+US2We6lt74G65RAZR
gx74DZT4dYU5RSj9cuEjF5BpTPq4ov9Xuymxot/evGTAbFjtegZiIHkHeTWzSw7+
A0MQYV+BQiN0qN3Z5JiFgWSBZbikTn9PbpA5pv7HwtBNmh7N//K2tLVxwfJLkR0R
ZzpGjhhnMZZ9eUWOF5/qjfddlXZbyR306hrcp5wKpyreMphbr0ZTTZWzoTiVBnhT
rCAKdTusbICAnID1/tbBIBPYhzlRFK04RKzhAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU9Hl1lSU/Vx7opYWXfPxE0qpAOPIwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy85SGwxbFNVX1Z4N29w
WVdYZlB4RTBxcEFPUEkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQE3xpwMA0GCSqGSIb3DQEBCwUAA4IBAQBZfk3uFu0hZThCyPnjRVMaEl6mq7eu
QnvXJbvAHz/gL6dPjX4eEjOdYlTez57KeySytQ1HClmtYB/7EdgDy1iXse4C1cuZ
xIUzFBdgTjl16VTDjnelF8omK9TOhE0BpHyP7mZENFnhCAWc9cK3SmZVD2BANn1j
u30pyfqhxvTB78wH/+qphe63gHToA8QkhGzo6ymOcT9IR7JMowppVvaUClxrvh1G
kVCe6wtRUpeStQcyYnLqC0qUP218Btw7ML++IuTEqne4IGUXo/F6MKVslISDF0uL
zNXSjjnY5ghV+NLvI98ZrPsyXL/27Nk8EkpsG2kfzMwo+rqkqkwgcxvx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org