Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BCnl6XzQm4TUpsP86LHXUsGuAvE.roa
File: BCnl6XzQm4TUpsP86LHXUsGuAvE.roa (raw, json)
Hash identifier: Fno+CSpDFyIJFR1LifHPU4VbQn7VrYYGQGWqnIfDaLk=
Subject key identifier: 04:29:E5:E9:7C:D0:9B:84:D4:A6:C3:FC:E8:B1:D7:52:C1:AE:02:F1
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BCnl6XzQm4TUpsP86LHXUsGuAvE.roa
Signing time: Thu 15 Sep 2022 02:39:00 +0000
ROA not before: Thu 15 Sep 2022 02:39:00 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 150.117.32.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:39:00 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0429E5E97CD09B84D4A6C3FCE8B1D752C1AE02F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d9:ca:31:4c:bb:fe:fe:7a:1b:da:d8:36:2b:
6c:64:5d:c1:ca:61:9e:fa:9c:c5:18:51:29:a1:76:
f9:0a:81:6a:9d:c6:68:85:cb:c0:2a:bf:e8:4f:95:
2a:9d:ef:99:bf:86:42:56:1b:e6:62:6b:ea:07:b2:
ac:c3:33:69:54:d0:03:7c:47:35:05:c6:3b:20:a8:
5f:6e:d9:13:9d:f4:27:c1:e5:b8:c3:8b:75:1f:2b:
82:69:54:13:cf:53:e9:c6:1e:0b:71:84:43:13:f2:
c0:c0:d2:50:45:b6:fa:28:7a:5b:fb:cc:e2:43:a1:
b6:83:31:12:46:15:17:75:07:85:09:c5:a8:dd:a0:
b9:fc:d3:cc:8f:f6:8e:5c:a3:b8:e8:9b:de:09:02:
5f:6d:b9:17:39:45:17:8e:76:8a:ba:3f:56:79:d3:
eb:2e:b7:0f:77:bf:39:20:ed:de:18:4b:f7:2f:c1:
ea:f3:76:5a:2b:35:46:0c:af:23:b1:35:92:74:b4:
ba:4b:5f:a5:8b:88:f8:12:22:81:5e:52:46:28:24:
49:71:98:1b:6c:26:2e:6f:a3:85:48:05:cc:36:16:
1d:99:9b:b0:34:f9:5c:a7:ca:0f:25:54:36:13:78:
bc:9b:e1:12:d4:a0:58:a6:c8:d3:d4:25:43:e2:8f:
a3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:29:E5:E9:7C:D0:9B:84:D4:A6:C3:FC:E8:B1:D7:52:C1:AE:02:F1
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/BCnl6XzQm4TUpsP86LHXUsGuAvE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.32.0/20
Signature Algorithm: sha256WithRSAEncryption
2b:a8:5e:7e:77:77:7d:bc:ce:af:19:07:e7:f5:4e:d0:86:bf:
3e:e8:86:fd:f4:e9:3d:62:43:6b:c5:e8:00:5e:7a:fe:84:13:
46:ca:cc:b7:d8:3e:2a:d0:7a:bc:02:b3:8c:2e:74:fc:28:dc:
02:3e:b8:ce:78:2e:3f:ee:11:d6:c1:b3:36:72:cf:54:49:dd:
a7:7d:c4:3d:f1:6e:35:d1:38:a3:3b:9a:fb:6c:95:f3:c3:ed:
c9:5e:9a:16:1e:9e:38:f2:47:5a:33:1a:04:f6:6f:d7:31:32:
a3:6b:53:0d:22:9a:ad:b0:ff:fd:eb:4e:36:25:49:18:17:66:
cf:c7:89:a4:cb:44:c2:b4:70:22:89:24:60:b8:de:11:bb:c7:
51:50:6a:dd:d2:23:d5:6f:33:4c:91:30:d3:ca:81:b8:43:59:
1a:ad:ad:10:3b:19:23:50:5a:69:1f:43:27:2b:46:4f:9c:bf:
91:d7:60:8a:d8:13:d5:e4:3e:3d:f9:fb:6d:20:81:71:c8:35:
ab:0d:34:fb:39:47:39:dd:4d:b7:d8:88:e1:92:35:44:ee:21:
67:d7:fa:e9:99:1a:bb:f5:76:81:77:64:a7:d1:6b:ee:75:93:
57:be:28:28:54:e7:11:e6:74:89:51:d5:86:56:0a:cf:41:eb:
22:87:65:db
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM5MDBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDA0MjlFNUU5N0NEMDlC
ODRENEE2QzNGQ0U4QjFENzUyQzFBRTAyRjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC32coxTLv+/nob2tg2K2xkXcHKYZ76nMUYUSmhdvkKgWqdxmiF
y8Aqv+hPlSqd75m/hkJWG+Zia+oHsqzDM2lU0AN8RzUFxjsgqF9u2ROd9CfB5bjD
i3UfK4JpVBPPU+nGHgtxhEMT8sDA0lBFtvooelv7zOJDobaDMRJGFRd1B4UJxajd
oLn808yP9o5co7jom94JAl9tuRc5RReOdoq6P1Z50+sutw93vzkg7d4YS/cvwerz
dlorNUYMryOxNZJ0tLpLX6WLiPgSIoFeUkYoJElxmBtsJi5vo4VIBcw2Fh2Zm7A0
+Vynyg8lVDYTeLyb4RLUoFimyNPUJUPij6MJAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUBCnl6XzQm4TUpsP86LHXUsGuAvEwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9CQ25sNlh6UW00VFVw
c1A4NkxIWFVzR3VBdkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnUgMA0GCSqGSIb3DQEBCwUAA4IBAQArqF5+d3d9vM6vGQfn9U7Qhr8+6Ib9
9Ok9YkNrxegAXnr+hBNGysy32D4q0Hq8ArOMLnT8KNwCPrjOeC4/7hHWwbM2cs9U
Sd2nfcQ98W410TijO5r7bJXzw+3JXpoWHp448kdaMxoE9m/XMTKja1MNIpqtsP/9
6042JUkYF2bPx4mky0TCtHAiiSRguN4Ru8dRUGrd0iPVbzNMkTDTyoG4Q1kara0Q
OxkjUFppH0MnK0ZPnL+R12CK2BPV5D49+fttIIFxyDWrDTT7OUc53U232IjhkjVE
7iFn1/rpmRq79XaBd2Sn0WvudZNXvigoVOcR5nSJUdWGVgrPQesih2Xb
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:38:01 2025 by rpki-client