Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NVhVqvL5VC5PM3yuf1s7mnfGP_U.roa
File: NVhVqvL5VC5PM3yuf1s7mnfGP_U.roa (raw, json)
Hash identifier: s2wmGv+z4LbqbVkE1pwJQidLJc4z3xrQDDM9ZFRRicI=
Subject key identifier: 35:58:55:AA:F2:F9:54:2E:4F:33:7C:AE:7F:5B:3B:9A:77:C6:3F:F5
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0BE7
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NVhVqvL5VC5PM3yuf1s7mnfGP_U.roa
Signing time: Wed 29 Sep 2021 02:38:50 +0000
ROA not before: Wed 29 Sep 2021 02:38:50 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131627
IP address blocks: 150.116.236.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3047 (0xbe7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 02:38:50 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=355855AAF2F9542E4F337CAE7F5B3B9A77C63FF5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:9f:29:e5:8d:b2:7d:8c:c4:b7:e7:ef:36:90:
fd:f6:c7:8a:96:c1:b3:fd:6f:e8:c9:21:83:dd:22:
f9:e5:36:b4:ca:21:ae:d8:0d:a7:3a:d9:60:e2:f1:
18:30:72:73:b0:8c:b5:90:4d:f5:e6:dc:e1:13:e5:
45:4c:c9:41:7c:38:83:ed:30:c2:a6:b8:ff:14:39:
30:b1:9d:9b:87:c7:c3:2f:df:db:3f:3f:6e:fb:f0:
65:24:97:44:28:fa:ad:75:d3:e2:36:7a:4a:72:3d:
20:11:5a:36:3c:cc:4c:9b:7b:d2:c3:4d:1b:fa:d8:
23:6b:48:42:8d:d2:32:c2:98:34:36:b8:5b:a2:55:
30:95:d0:d4:d9:23:fb:41:fd:e9:2d:75:9d:40:67:
5f:ce:53:c7:51:dc:0a:af:2d:0c:e4:d4:15:21:f4:
78:35:ae:9e:48:05:a5:cf:d8:da:10:7a:81:ba:79:
9f:72:43:af:54:bf:47:90:e7:05:d0:7a:2d:83:0f:
80:65:72:b6:20:35:c0:7c:bc:0d:36:cc:d1:ac:5d:
63:cf:a3:64:f7:53:cd:f6:44:46:78:3b:14:23:cf:
bb:92:7e:02:61:b6:ac:29:cd:b0:ca:28:57:8e:1d:
7a:2c:59:05:d6:54:23:ff:f1:51:86:ef:d3:c8:a9:
63:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:58:55:AA:F2:F9:54:2E:4F:33:7C:AE:7F:5B:3B:9A:77:C6:3F:F5
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/NVhVqvL5VC5PM3yuf1s7mnfGP_U.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.236.0/23
Signature Algorithm: sha256WithRSAEncryption
92:98:63:21:64:3a:c4:78:8f:8c:9f:65:92:60:99:f0:14:3e:
d3:3c:96:7f:2e:1e:58:9b:69:3a:07:63:f7:f3:ba:61:b5:83:
68:4c:e6:34:45:b1:d8:45:25:47:f3:66:05:f7:85:0b:09:96:
83:0d:ac:42:4f:5d:89:92:94:df:36:ff:42:92:d1:d0:7a:b1:
aa:3b:93:04:a3:b3:f8:7c:7f:b3:71:39:e9:8c:65:ee:4c:de:
55:c2:59:77:e6:b8:0f:62:c7:69:00:07:29:05:3f:ac:d5:7a:
4e:f8:0b:6c:68:75:88:67:79:85:46:56:b6:f4:89:99:06:06:
28:c7:6b:a0:00:b6:16:ef:92:f8:0f:0d:9e:3e:7d:76:70:66:
8f:ab:5e:30:ab:08:12:1c:b8:dc:a9:67:7a:63:c2:bf:f5:69:
69:ad:7d:97:0c:4b:e9:14:3b:30:5a:ab:6f:35:b4:fb:a9:37:
a2:14:91:35:ef:ff:b6:39:bf:81:52:82:04:82:f2:24:c1:5e:
de:16:24:ff:14:3c:98:cc:53:85:fb:08:ba:8c:5b:51:8e:4a:
8d:b2:a8:ef:9d:3f:70:f1:31:b9:95:ba:0a:c6:d3:c4:be:81:
33:f7:40:49:01:90:89:72:c9:38:65:66:8c:91:e9:35:ce:cd:
a3:1d:2b:34
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC+cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTA5Mjkw
MjM4NTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM1NTg1NUFBRjJGOTU0
MkU0RjMzN0NBRTdGNUIzQjlBNzdDNjNGRjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvnynljbJ9jMS35+82kP32x4qWwbP9b+jJIYPdIvnlNrTKIa7Y
Dac62WDi8RgwcnOwjLWQTfXm3OET5UVMyUF8OIPtMMKmuP8UOTCxnZuHx8Mv39s/
P2778GUkl0Qo+q110+I2ekpyPSARWjY8zEybe9LDTRv62CNrSEKN0jLCmDQ2uFui
VTCV0NTZI/tB/ektdZ1AZ1/OU8dR3AqvLQzk1BUh9Hg1rp5IBaXP2NoQeoG6eZ9y
Q69Uv0eQ5wXQei2DD4BlcrYgNcB8vA02zNGsXWPPo2T3U832REZ4OxQjz7uSfgJh
tqwpzbDKKFeOHXosWQXWVCP/8VGG79PIqWPBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUNVhVqvL5VC5PM3yuf1s7mnfGP/UwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9OVmhWcXZMNVZDNVBN
M3l1ZjFzN21uZkdQX1Uucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnTsMA0GCSqGSIb3DQEBCwUAA4IBAQCSmGMhZDrEeI+Mn2WSYJnwFD7TPJZ/
Lh5Ym2k6B2P387phtYNoTOY0RbHYRSVH82YF94ULCZaDDaxCT12JkpTfNv9CktHQ
erGqO5MEo7P4fH+zcTnpjGXuTN5Vwll35rgPYsdpAAcpBT+s1XpO+AtsaHWIZ3mF
Rla29ImZBgYox2ugALYW75L4Dw2ePn12cGaPq14wqwgSHLjcqWd6Y8K/9WlprX2X
DEvpFDswWqtvNbT7qTeiFJE17/+2Ob+BUoIEgvIkwV7eFiT/FDyYzFOF+wi6jFtR
jkqNsqjvnT9w8TG5lboKxtPEvoEz90BJAZCJcsk4ZWaMkek1zs2jHSs0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org