Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MbgwjCndZDXjjnIeB9zarRkPklQ.roa
File: MbgwjCndZDXjjnIeB9zarRkPklQ.roa (raw, json)
Hash identifier: UGHokIizcldyZsw4+A8UEZ7TgLMNaWv5lHgkLqPPqJU=
Subject key identifier: 31:B8:30:8C:29:DD:64:35:E3:8E:72:1E:07:DC:DA:AD:19:0F:92:54
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0840
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MbgwjCndZDXjjnIeB9zarRkPklQ.roa
Signing time: Tue 29 Sep 2020 10:02:14 +0000
ROA not before: Tue 29 Sep 2020 10:02:14 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 150.116.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2112 (0x840)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 10:02:14 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=31B8308C29DD6435E38E721E07DCDAAD190F9254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d5:a6:0c:2a:eb:f3:81:fa:ae:9f:09:d7:f3:
73:26:95:7d:5c:24:52:c2:a2:e9:fc:50:9b:12:63:
e8:0d:18:05:7e:f8:d2:20:30:ee:a2:f5:79:1e:db:
1c:fc:36:89:c8:4b:1c:f0:39:37:4d:da:6a:de:af:
2a:4b:f8:fc:02:ad:3d:74:38:93:b6:84:43:95:91:
05:40:10:23:24:bd:9a:0d:10:9e:f8:8e:fc:96:12:
71:15:67:e7:bc:42:55:1a:5f:1d:74:1f:1c:60:35:
29:86:25:d8:25:3d:7f:57:a3:71:a8:33:58:67:98:
be:93:98:36:2e:aa:9b:e1:84:50:29:7e:85:4b:70:
ac:d5:81:fa:f7:7b:09:69:26:a1:94:94:59:56:4a:
af:e0:d4:67:6d:54:a2:b0:6d:ce:7a:7e:39:55:a4:
a2:cc:76:5a:21:90:46:84:f1:fb:0d:d7:ca:26:b2:
b8:5e:5d:6d:de:c1:d2:a0:fd:02:64:a4:1c:5f:68:
70:59:93:5a:af:78:e4:ed:d8:6e:de:5f:6c:e4:0f:
99:68:0f:fa:63:c7:5d:7c:6e:74:36:f6:0e:c2:2c:
f5:84:e7:d2:4e:6c:c0:78:81:7a:5e:ee:1b:64:36:
c2:bf:3b:b6:b6:83:09:b7:86:5c:52:3e:ee:9d:63:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:B8:30:8C:29:DD:64:35:E3:8E:72:1E:07:DC:DA:AD:19:0F:92:54
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/MbgwjCndZDXjjnIeB9zarRkPklQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.168.0/23
Signature Algorithm: sha256WithRSAEncryption
06:e2:ea:4b:07:fb:58:1b:34:0e:29:2d:a2:d0:41:25:0b:b8:
dd:15:40:9e:ef:6b:bb:84:74:61:ed:b4:f8:4b:00:17:1e:ba:
a9:e7:69:66:2d:88:ee:59:4f:24:8a:ea:70:c1:75:61:63:6e:
22:05:f3:c9:00:7c:74:d2:e1:b2:a0:61:25:75:ea:4b:e5:c1:
b1:d8:0f:24:de:92:2e:6e:2c:d4:e8:f0:b4:36:0d:9a:65:f0:
da:44:46:f2:02:5d:30:e3:00:59:f4:3b:22:19:73:9b:7f:7f:
07:10:32:97:2d:60:14:36:28:08:c0:80:9c:30:6b:a8:3d:20:
c8:e1:31:71:52:9e:ac:5a:ec:74:b4:89:8f:61:38:11:eb:f6:
94:a7:02:c5:ea:18:68:0c:fb:ea:44:29:42:61:a8:e5:a5:68:
78:c8:73:7b:d9:f5:90:42:44:86:75:1b:30:3c:29:e8:77:aa:
d0:a6:56:12:16:e2:80:37:52:64:b3:97:90:28:3f:00:51:af:
6a:2d:1d:55:fd:94:93:cc:52:96:61:d5:37:6d:54:a9:3e:84:
a9:7e:6b:de:6c:ca:f8:c3:cc:87:74:d9:9f:41:c2:32:be:1f:
6f:6e:d7:39:ea:11:91:09:68:74:a3:78:ff:04:b0:25:54:21:
d8:44:fb:23
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCEAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMDA5Mjkx
MDAyMTRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDMxQjgzMDhDMjlERDY0
MzVFMzhFNzIxRTA3RENEQUFEMTkwRjkyNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDB1aYMKuvzgfqunwnX83MmlX1cJFLCoun8UJsSY+gNGAV++NIg
MO6i9Xke2xz8NonISxzwOTdN2mrerypL+PwCrT10OJO2hEOVkQVAECMkvZoNEJ74
jvyWEnEVZ+e8QlUaXx10HxxgNSmGJdglPX9Xo3GoM1hnmL6TmDYuqpvhhFApfoVL
cKzVgfr3ewlpJqGUlFlWSq/g1GdtVKKwbc56fjlVpKLMdlohkEaE8fsN18omsrhe
XW3ewdKg/QJkpBxfaHBZk1qveOTt2G7eX2zkD5loD/pjx118bnQ29g7CLPWE59JO
bMB4gXpe7htkNsK/O7a2gwm3hlxSPu6dY75lAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUMbgwjCndZDXjjnIeB9zarRkPklQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9NYmd3akNuZFpEWGpq
bkllQjl6YXJSa1BrbFEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnSoMA0GCSqGSIb3DQEBCwUAA4IBAQAG4upLB/tYGzQOKS2i0EElC7jdFUCe
72u7hHRh7bT4SwAXHrqp52lmLYjuWU8kiupwwXVhY24iBfPJAHx00uGyoGEldepL
5cGx2A8k3pIubizU6PC0Ng2aZfDaREbyAl0w4wBZ9DsiGXObf38HEDKXLWAUNigI
wICcMGuoPSDI4TFxUp6sWux0tImPYTgR6/aUpwLF6hhoDPvqRClCYajlpWh4yHN7
2fWQQkSGdRswPCnod6rQplYSFuKAN1Jks5eQKD8AUa9qLR1V/ZSTzFKWYdU3bVSp
PoSpfmvebMr4w8yHdNmfQcIyvh9vbtc56hGRCWh0o3j/BLAlVCHYRPsj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org