Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DjQb5RzjazzXMbGdVpVjncNkEZo.roa
File: DjQb5RzjazzXMbGdVpVjncNkEZo.roa (raw, json)
Hash identifier: ie9eBgEOEe/JtpvXTAL8CGh2vIaxI2NHR6PYYZK2aNo=
Subject key identifier: 0E:34:1B:E5:1C:E3:6B:3C:D7:31:B1:9D:56:95:63:9D:C3:64:11:9A
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DC2
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DjQb5RzjazzXMbGdVpVjncNkEZo.roa
Signing time: Thu 29 Dec 2022 09:31:50 +0000
ROA not before: Thu 29 Dec 2022 09:31:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17408
IP address blocks: 150.117.160.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3522 (0xdc2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:31:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=0E341BE51CE36B3CD731B19D5695639DC364119A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a9:a2:60:cf:57:8a:be:e1:62:5e:c1:66:4e:
01:62:8f:6f:78:c4:da:98:03:b0:b7:8d:64:5d:b5:
32:f0:bb:ee:92:27:d4:d9:c1:89:97:b7:4e:02:c6:
d4:95:3d:bb:9b:21:ba:d7:8f:03:8d:46:91:f8:29:
4d:55:b0:45:d5:a0:1c:19:8d:cf:45:31:dd:70:80:
1f:93:04:0d:3c:d5:91:67:99:14:c9:b6:09:0e:be:
0e:3d:8a:3d:95:19:b0:9d:77:a5:cd:a2:48:f5:f6:
5d:49:29:57:49:b5:7e:0c:d1:51:ce:6e:fa:84:31:
0a:6f:7d:5b:c0:94:22:a2:14:1c:23:82:f6:b2:36:
3f:92:f1:68:f1:08:fd:bb:88:45:e6:13:6d:4e:c9:
b5:eb:04:1e:d2:f2:7e:09:ac:62:03:29:b6:f5:b4:
be:29:12:cd:0f:92:49:4d:bd:c1:b7:14:13:92:e6:
f8:02:b0:c2:ba:e1:ce:e8:0b:b5:51:fd:32:48:e6:
5e:04:ea:44:85:fc:e0:a7:9f:fe:0f:9e:ce:44:5e:
b8:88:29:6c:3e:a6:47:2f:ae:d6:ca:17:b0:fd:bb:
de:0d:95:2c:f5:e9:af:05:a3:43:ab:09:8f:07:d9:
42:3c:ff:65:68:89:73:7a:b8:99:3c:e5:80:47:21:
36:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:34:1B:E5:1C:E3:6B:3C:D7:31:B1:9D:56:95:63:9D:C3:64:11:9A
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/DjQb5RzjazzXMbGdVpVjncNkEZo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.160.0/21
Signature Algorithm: sha256WithRSAEncryption
58:b9:66:b8:55:37:26:57:34:66:a1:64:b0:a6:39:e9:f6:2b:
01:10:c2:89:ef:e2:b4:4c:e0:5d:20:69:53:68:6e:01:d1:36:
6c:9f:87:7c:24:70:60:8f:46:9f:61:65:9b:29:35:a2:5e:ed:
f7:31:4f:46:03:70:c3:88:9f:eb:02:5d:e2:29:9d:e7:6e:80:
63:f4:7a:c7:5a:72:d4:cf:7a:ad:df:72:9b:00:17:f6:e1:c0:
0a:3d:2d:e2:26:d6:57:5a:d6:50:8a:72:55:2c:11:d2:2b:57:
b3:d8:1c:7f:75:85:21:57:03:eb:4a:47:8d:05:9d:5f:f4:8c:
7b:3d:8b:05:7c:ac:c1:cb:7d:04:e8:a0:44:d1:52:6c:64:9b:
16:ae:9d:ae:ff:d4:45:15:01:99:e3:f3:5d:2b:6d:67:56:29:
94:67:7f:7d:4d:7f:40:77:f4:9d:73:c4:d2:40:a5:52:8b:33:
6f:21:84:04:c9:f2:ec:da:20:a5:0c:ed:3d:7b:de:f9:c8:bc:
1b:c7:3e:c9:47:55:1f:96:3a:3f:c4:92:1f:50:57:28:ea:97:
79:e5:b9:75:08:85:1c:89:ec:3f:a1:db:20:8f:99:11:c0:2b:
39:c4:52:f1:18:d7:10:19:62:73:81:1b:7b:b5:9d:af:05:41:
e2:53:a1:a9
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDcIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDBFMzQxQkU1MUNFMzZC
M0NENzMxQjE5RDU2OTU2MzlEQzM2NDExOUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFqaJgz1eKvuFiXsFmTgFij294xNqYA7C3jWRdtTLwu+6SJ9TZ
wYmXt04CxtSVPbubIbrXjwONRpH4KU1VsEXVoBwZjc9FMd1wgB+TBA081ZFnmRTJ
tgkOvg49ij2VGbCdd6XNokj19l1JKVdJtX4M0VHObvqEMQpvfVvAlCKiFBwjgvay
Nj+S8WjxCP27iEXmE21OybXrBB7S8n4JrGIDKbb1tL4pEs0PkklNvcG3FBOS5vgC
sMK64c7oC7VR/TJI5l4E6kSF/OCnn/4Pns5EXriIKWw+pkcvrtbKF7D9u94NlSz1
6a8Fo0OrCY8H2UI8/2VoiXN6uJk85YBHITaPAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUDjQb5RzjazzXMbGdVpVjncNkEZowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9EalFiNVJ6amF6elhN
YkdkVnBWam5jTmtFWm8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnWgMA0GCSqGSIb3DQEBCwUAA4IBAQBYuWa4VTcmVzRmoWSwpjnp9isBEMKJ
7+K0TOBdIGlTaG4B0TZsn4d8JHBgj0afYWWbKTWiXu33MU9GA3DDiJ/rAl3iKZ3n
boBj9HrHWnLUz3qt33KbABf24cAKPS3iJtZXWtZQinJVLBHSK1ez2Bx/dYUhVwPr
SkeNBZ1f9Ix7PYsFfKzBy30E6KBE0VJsZJsWrp2u/9RFFQGZ4/NdK21nVimUZ399
TX9Ad/Sdc8TSQKVSizNvIYQEyfLs2iClDO09e975yLwbxz7JR1Ufljo/xJIfUFco
6pd55bl1CIUciew/odsgj5kRwCs5xFLxGNcQGWJzgRt7tZ2vBUHiU6Gp
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org