Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/KKZre9BB9lPeow7GPLa195coxEo.roa
File: KKZre9BB9lPeow7GPLa195coxEo.roa (raw, json)
Hash identifier: Zo8ymmEivYDC4jvEH4oj7WR+xcuUz4kewVOOb3E2r5Q=
Subject key identifier: 28:A6:6B:7B:D0:41:F6:53:DE:A3:0E:C6:3C:B6:B5:F7:97:28:C4:4A
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/KKZre9BB9lPeow7GPLa195coxEo.roa
Signing time: Thu 15 Sep 2022 02:39:23 +0000
ROA not before: Thu 15 Sep 2022 02:39:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 150.116.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:39:23 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=28A66B7BD041F653DEA30EC63CB6B5F79728C44A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ed:49:a6:54:d0:60:65:f0:e5:c9:26:ba:42:
5c:7d:41:75:2b:98:91:71:b0:aa:27:09:93:45:ed:
29:29:ab:b9:64:23:29:2e:e1:c2:8d:f1:33:cb:3b:
1b:b5:e9:f4:73:bc:08:0b:20:58:c9:21:3e:8b:e0:
2e:9b:29:d5:c0:ac:f7:8b:cc:f9:71:dc:5d:cf:a8:
cf:f1:94:0b:55:73:c1:07:43:83:f5:15:3d:cd:b0:
56:1e:e1:ac:d2:31:7e:2f:4f:82:57:26:38:7c:66:
d8:99:09:32:55:7f:21:be:57:09:fa:f7:a9:57:ea:
90:4a:90:93:23:38:6a:d5:f9:29:53:76:33:96:1f:
cb:86:e1:cc:07:8c:a8:6a:a5:55:ba:89:6b:a9:8d:
8f:f5:89:ff:71:ed:8c:d2:69:d1:f4:35:ca:fe:f7:
00:cd:3f:5a:bd:9a:c7:47:0b:e2:a0:fa:e1:21:56:
90:f9:fd:1a:f8:b4:11:da:bf:7c:dd:26:be:22:ad:
75:c7:6d:0a:a0:91:20:d9:74:4c:d3:e3:21:bc:37:
2b:95:84:89:f0:24:5b:24:1d:ef:0f:a5:ff:cb:3f:
d9:55:0d:7c:ec:d0:c6:aa:b9:5a:ea:f6:31:59:d3:
03:e1:7e:b4:66:e2:ae:50:a1:ec:7e:29:43:16:51:
91:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A6:6B:7B:D0:41:F6:53:DE:A3:0E:C6:3C:B6:B5:F7:97:28:C4:4A
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/KKZre9BB9lPeow7GPLa195coxEo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.88.0/22
Signature Algorithm: sha256WithRSAEncryption
80:57:29:ac:a6:fa:d3:a9:71:f3:26:3d:b1:3d:34:3b:fb:2b:
7c:e8:3d:b4:b8:4b:b4:e1:1a:8d:dc:7e:2e:8f:1b:e7:20:0d:
01:c5:9e:5a:73:d1:1e:39:79:72:70:3f:8c:4a:a5:fd:27:48:
6a:65:24:bb:b3:ac:3b:fa:4d:85:cf:f3:d3:e4:6b:2a:e9:30:
6d:c1:14:be:af:a6:93:de:99:dc:6a:d4:d1:84:ef:1c:20:33:
ca:de:6a:39:7e:71:b5:28:bb:55:73:3f:40:d3:2a:99:02:d2:
10:23:bb:d1:2a:28:dd:b7:cc:97:97:88:ef:d6:a6:3c:1e:0c:
fb:fa:92:63:82:10:5f:ae:8a:7e:c6:1c:de:bd:cf:88:74:07:
3a:14:0e:fa:ac:eb:a1:7e:bd:85:07:56:85:ed:85:15:fb:15:
48:86:a4:33:71:b9:25:95:32:91:f0:a0:7c:07:f6:cf:f4:7c:
39:f3:bd:08:ee:8c:be:74:c1:41:2e:ea:56:b7:49:88:b5:81:
98:a3:88:c8:d8:eb:74:e4:99:57:ef:04:1a:c7:8b:4b:df:45:
33:6b:af:4f:f5:5d:88:68:da:cd:b5:0a:41:93:7e:3e:2b:ca:
f8:bf:e1:c7:ce:b4:40:e0:46:fe:c7:20:60:c3:4f:4d:8c:6d:
d2:f2:74:87
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM5MjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDI4QTY2QjdCRDA0MUY2
NTNERUEzMEVDNjNDQjZCNUY3OTcyOEM0NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDX7UmmVNBgZfDlySa6Qlx9QXUrmJFxsKonCZNF7Skpq7lkIyku
4cKN8TPLOxu16fRzvAgLIFjJIT6L4C6bKdXArPeLzPlx3F3PqM/xlAtVc8EHQ4P1
FT3NsFYe4azSMX4vT4JXJjh8ZtiZCTJVfyG+Vwn696lX6pBKkJMjOGrV+SlTdjOW
H8uG4cwHjKhqpVW6iWupjY/1if9x7YzSadH0Ncr+9wDNP1q9msdHC+Kg+uEhVpD5
/Rr4tBHav3zdJr4irXXHbQqgkSDZdEzT4yG8NyuVhInwJFskHe8Ppf/LP9lVDXzs
0MaquVrq9jFZ0wPhfrRm4q5Qoex+KUMWUZHDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUKKZre9BB9lPeow7GPLa195coxEowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9LS1pyZTlCQjlsUGVv
dzdHUExhMTk1Y294RW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQClnRYMA0GCSqGSIb3DQEBCwUAA4IBAQCAVymspvrTqXHzJj2xPTQ7+yt86D20
uEu04RqN3H4ujxvnIA0BxZ5ac9EeOXlycD+MSqX9J0hqZSS7s6w7+k2Fz/PT5Gsq
6TBtwRS+r6aT3pncatTRhO8cIDPK3mo5fnG1KLtVcz9A0yqZAtIQI7vRKijdt8yX
l4jv1qY8Hgz7+pJjghBfrop+xhzevc+IdAc6FA76rOuhfr2FB1aF7YUV+xVIhqQz
cbkllTKR8KB8B/bP9Hw5870I7oy+dMFBLupWt0mItYGYo4jI2Ot05JlX7wQax4tL
30Uza69P9V2IaNrNtQpBk34+K8r4v+HHzrRA4Eb+xyBgw09NjG3S8nSH
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org