Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/H5e53du1nWUW2397oG-s22ogtrA.roa
File: H5e53du1nWUW2397oG-s22ogtrA.roa (raw, json)
Hash identifier: opti+7YrspQsn7p6ITxC+00sPpuEQqhRlSlqhQuY9SI=
Subject key identifier: 1F:97:B9:DD:DB:B5:9D:65:16:DB:7F:7B:A0:6F:AC:DB:6A:20:B6:B0
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0C22
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/H5e53du1nWUW2397oG-s22ogtrA.roa
Signing time: Wed 29 Sep 2021 02:39:04 +0000
ROA not before: Wed 29 Sep 2021 02:39:04 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18049
IP address blocks: 43.240.152.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3106 (0xc22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 02:39:04 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=1F97B9DDDBB59D6516DB7F7BA06FACDB6A20B6B0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:6b:6c:c3:e4:53:47:de:2e:ac:42:c5:68:a0:
62:66:9f:05:be:83:16:c0:d7:a7:3b:4b:40:eb:a6:
be:3d:55:db:0c:d0:04:36:ef:b3:26:8a:35:ed:9d:
87:4a:c2:7b:ba:fb:f9:41:05:64:11:68:3f:03:03:
8e:f6:da:7b:41:9f:7f:3a:aa:26:cc:b3:e0:2b:08:
0a:d7:7e:30:20:59:d9:72:8d:1a:ee:05:7a:7c:38:
fc:ee:de:84:6d:a1:2f:4a:5d:3f:38:02:e3:e9:17:
a2:62:fa:59:f3:42:ba:f1:e0:74:d8:6d:92:cc:39:
4d:1d:5a:6c:91:fd:5c:93:cd:c3:bc:df:d8:84:49:
83:42:24:ba:24:d2:27:8e:52:7e:a5:0e:dd:5a:11:
5e:da:b2:dc:58:53:3b:87:da:41:a9:b2:9f:d6:fd:
0e:6f:7f:1e:e8:5a:cb:79:f0:7f:09:15:64:0f:76:
16:47:d3:e9:6c:57:d9:bd:cb:60:09:1a:3f:14:89:
e3:3a:55:97:02:ff:e6:78:00:5e:76:6d:69:bc:ad:
29:92:f1:54:91:6b:ac:ba:0d:e0:b0:de:36:32:b4:
32:98:6b:c7:a7:c6:ec:fa:ba:9d:2a:12:2c:0c:68:
60:e6:24:cf:fa:62:53:9b:3f:30:79:dc:9a:1c:aa:
95:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:97:B9:DD:DB:B5:9D:65:16:DB:7F:7B:A0:6F:AC:DB:6A:20:B6:B0
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/H5e53du1nWUW2397oG-s22ogtrA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:bb:5b:96:96:6a:13:9e:10:5a:09:3a:e0:42:7e:43:78:7d:
0c:ca:a7:bc:17:c5:87:fe:13:f8:57:da:6c:9f:ca:48:65:38:
52:32:af:08:b7:14:da:81:4a:69:f9:3c:6e:06:2e:fe:8c:c0:
c4:13:d1:56:6d:7a:7b:3e:ee:a9:77:b1:1d:76:9b:2f:06:e4:
5a:d7:4d:7d:e4:51:2c:30:cc:d7:db:fc:ae:43:7f:29:f8:dc:
5d:62:91:27:cc:6a:84:e9:42:2b:3a:f8:20:5d:c0:20:d2:45:
0d:99:a7:9c:5b:15:79:48:05:b1:9d:29:d9:06:5e:19:6d:f8:
4d:d3:b0:1d:13:77:81:15:fd:1f:7c:c7:cc:8e:06:91:2c:5a:
66:53:63:a5:68:2d:19:30:74:7e:78:74:6c:a7:2c:14:5a:1d:
12:4a:5e:4c:d6:5b:51:87:5e:3a:f1:c5:4b:67:da:64:15:bd:
35:8b:b4:d0:f1:2b:a6:e6:9b:84:d1:74:45:a0:21:b1:ee:d6:
3c:68:50:be:4f:01:f3:98:25:d0:a1:16:0c:89:30:e0:6b:04:
51:81:5b:35:d9:e6:06:fd:ff:e7:ea:c2:8b:1e:1a:a5:4b:55:
49:22:0a:75:40:63:56:e9:b5:d5:5a:53:b0:2a:be:cb:75:13:
18:04:25:71
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTA5Mjkw
MjM5MDRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDFGOTdCOUREREJCNTlE
NjUxNkRCN0Y3QkEwNkZBQ0RCNkEyMEI2QjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDea2zD5FNH3i6sQsVooGJmnwW+gxbA16c7S0Drpr49VdsM0AQ2
77MmijXtnYdKwnu6+/lBBWQRaD8DA4722ntBn386qibMs+ArCArXfjAgWdlyjRru
BXp8OPzu3oRtoS9KXT84AuPpF6Ji+lnzQrrx4HTYbZLMOU0dWmyR/VyTzcO839iE
SYNCJLok0ieOUn6lDt1aEV7astxYUzuH2kGpsp/W/Q5vfx7oWst58H8JFWQPdhZH
0+lsV9m9y2AJGj8UieM6VZcC/+Z4AF52bWm8rSmS8VSRa6y6DeCw3jYytDKYa8en
xuz6up0qEiwMaGDmJM/6YlObPzB53JocqpXHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUH5e53du1nWUW2397oG+s22ogtrAwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9INWU1M2R1MW5XVVcy
Mzk3b0ctczIyb2d0ckEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCK/CYMA0GCSqGSIb3DQEBCwUAA4IBAQClu1uWlmoTnhBaCTrgQn5DeH0Myqe8
F8WH/hP4V9psn8pIZThSMq8ItxTagUpp+TxuBi7+jMDEE9FWbXp7Pu6pd7Eddpsv
BuRa10195FEsMMzX2/yuQ38p+NxdYpEnzGqE6UIrOvggXcAg0kUNmaecWxV5SAWx
nSnZBl4ZbfhN07AdE3eBFf0ffMfMjgaRLFpmU2OlaC0ZMHR+eHRspywUWh0SSl5M
1ltRh1468cVLZ9pkFb01i7TQ8Sum5puE0XRFoCGx7tY8aFC+TwHzmCXQoRYMiTDg
awRRgVs12eYG/f/n6sKLHhqlS1VJIgp1QGNW6bXVWlOwKr7LdRMYBCVx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org