Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Hq4ZDK2GQX5bU-zHuk7DarzJ8UY.roa
File: Hq4ZDK2GQX5bU-zHuk7DarzJ8UY.roa (raw, json)
Hash identifier: DdxulZDl/URBn6D08+ADc0aVEyDd7pD6qjG1kJxDHB4=
Subject key identifier: 1E:AE:19:0C:AD:86:41:7E:5B:53:EC:C7:BA:4E:C3:6A:BC:C9:F1:46
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DC5
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Hq4ZDK2GQX5bU-zHuk7DarzJ8UY.roa
Signing time: Thu 29 Dec 2022 09:31:50 +0000
ROA not before: Thu 29 Dec 2022 09:31:50 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131636
IP address blocks: 150.116.6.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3525 (0xdc5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:31:50 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=1EAE190CAD86417E5B53ECC7BA4EC36ABCC9F146
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:38:30:c3:dc:6c:d7:59:d4:bd:9b:db:a9:ae:
b6:a6:33:bc:ca:82:93:b7:fa:79:d9:4e:34:a6:8f:
11:62:51:ec:27:0d:69:66:1d:f6:03:d4:ba:1a:6f:
80:ff:df:84:94:2b:a8:bf:3d:79:84:ef:cc:82:41:
bf:dc:f3:4b:6e:d8:77:af:56:39:e2:5e:2f:40:97:
61:c6:33:0f:30:6b:b2:3a:63:84:50:f9:56:b5:36:
d9:a1:5c:7f:e1:ad:bd:ff:b0:ca:de:09:06:61:f5:
e7:86:f4:bb:35:2c:ea:00:27:4b:f2:77:33:5d:4f:
5f:20:f7:0c:83:13:12:c1:ab:f5:c9:f5:e7:e4:c3:
02:84:8a:c2:1c:d6:f5:26:4a:da:1d:13:f2:fd:13:
1f:df:64:a5:22:a3:2a:36:da:ac:73:34:52:3c:ee:
78:72:d3:8f:85:b7:7e:83:78:66:02:98:80:f9:af:
85:b3:a2:0b:76:e0:d3:87:90:c2:a7:14:07:bd:48:
a7:24:fe:7b:43:7e:3d:f0:49:a9:6e:89:22:96:6e:
41:dc:06:be:3c:f9:e8:f4:4d:7e:63:78:bf:92:bf:
cd:a0:b9:39:e1:88:ed:95:5e:7c:7c:2a:a5:aa:98:
d3:87:38:67:1f:8e:70:31:d7:b1:d5:24:56:0f:9c:
15:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:19:0C:AD:86:41:7E:5B:53:EC:C7:BA:4E:C3:6A:BC:C9:F1:46
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Hq4ZDK2GQX5bU-zHuk7DarzJ8UY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.6.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:d1:c1:e9:83:2a:28:3b:cf:01:ca:58:ab:26:ae:c6:fa:52:
58:b4:af:5f:bb:e3:7f:4f:12:e0:76:b0:90:fd:a1:01:5d:af:
c7:8c:49:04:49:8f:45:ae:db:a0:26:ee:91:d0:11:79:f9:b6:
d0:45:2b:4e:a9:23:ed:8b:c5:ce:03:34:e6:1a:f2:da:fb:42:
f9:77:fa:f6:b0:f3:39:03:0e:66:33:fc:1d:71:e7:d1:1f:22:
6d:fa:88:c2:eb:e7:c7:47:59:c3:52:26:27:e2:fd:1d:3e:46:
9c:3b:76:11:b4:4c:b3:0b:01:61:95:a6:df:5e:0f:99:c2:2b:
c6:22:b9:34:8c:13:8a:7c:1d:21:b2:21:c0:17:79:f3:45:71:
ff:07:11:e9:f0:4d:74:27:57:f1:36:0b:2c:7f:6a:0b:a5:21:
84:20:c9:81:01:d9:9d:77:1b:ea:c2:3c:f0:d9:c6:be:ab:20:
e6:65:a2:5a:a2:8f:d5:4b:6f:f5:b6:31:35:0f:12:b3:e2:65:
1e:0a:fe:da:7f:59:2d:7b:41:33:30:80:02:3b:89:58:0f:04:
86:17:c6:29:f5:00:90:76:b2:d8:03:41:d9:39:67:13:1a:44:
13:6b:03:cc:ac:ae:93:71:19:c5:9d:a8:b6:50:7d:98:69:58:
71:1b:6d:f0
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNTBaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDFFQUUxOTBDQUQ4NjQx
N0U1QjUzRUNDN0JBNEVDMzZBQkNDOUYxNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCYODDD3GzXWdS9m9uprramM7zKgpO3+nnZTjSmjxFiUewnDWlm
HfYD1Loab4D/34SUK6i/PXmE78yCQb/c80tu2HevVjniXi9Al2HGMw8wa7I6Y4RQ
+Va1NtmhXH/hrb3/sMreCQZh9eeG9Ls1LOoAJ0vydzNdT18g9wyDExLBq/XJ9efk
wwKEisIc1vUmStodE/L9Ex/fZKUioyo22qxzNFI87nhy04+Ft36DeGYCmID5r4Wz
ogt24NOHkMKnFAe9SKck/ntDfj3wSaluiSKWbkHcBr48+ej0TX5jeL+Sv82guTnh
iO2VXnx8KqWqmNOHOGcfjnAx17HVJFYPnBWrAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUHq4ZDK2GQX5bU+zHuk7DarzJ8UYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9IcTRaREsyR1FYNWJV
LXpIdWs3RGFyeko4VVkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnQGMA0GCSqGSIb3DQEBCwUAA4IBAQBf0cHpgyooO88BylirJq7G+lJYtK9f
u+N/TxLgdrCQ/aEBXa/HjEkESY9FrtugJu6R0BF5+bbQRStOqSPti8XOAzTmGvLa
+0L5d/r2sPM5Aw5mM/wdcefRHyJt+ojC6+fHR1nDUiYn4v0dPkacO3YRtEyzCwFh
labfXg+ZwivGIrk0jBOKfB0hsiHAF3nzRXH/BxHp8E10J1fxNgssf2oLpSGEIMmB
Admddxvqwjzw2ca+qyDmZaJaoo/VS2/1tjE1DxKz4mUeCv7af1kte0EzMIACO4lY
DwSGF8Yp9QCQdrLYA0HZOWcTGkQTawPMrK6TcRnFnai2UH2YaVhxG23w
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org