Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Oh-gHfXrmvLaq4ATczl8nyaA7M8.roa
File: Oh-gHfXrmvLaq4ATczl8nyaA7M8.roa (raw, json)
Hash identifier: gEtWVd3tyeaFnPgekVO9WSeEsNUZmJj4FAz0Pty9G6c=
Subject key identifier: 3A:1F:A0:1D:F5:EB:9A:F2:DA:AB:80:13:73:39:7C:9F:26:80:EC:CF
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DFA
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Oh-gHfXrmvLaq4ATczl8nyaA7M8.roa
Signing time: Thu 29 Dec 2022 09:32:06 +0000
ROA not before: Thu 29 Dec 2022 09:32:06 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131627
IP address blocks: 150.116.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3578 (0xdfa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:32:06 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3A1FA01DF5EB9AF2DAAB801373397C9F2680ECCF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:f3:b9:54:41:35:03:79:7e:04:bb:31:3a:b9:
b3:50:f9:21:0d:f8:6a:60:02:a8:6b:e5:87:98:f4:
35:8d:26:21:ac:3d:4d:56:20:1d:2b:20:d9:8b:70:
3d:5f:96:db:a4:9a:cc:6b:fc:de:09:10:f0:eb:ed:
25:ac:b5:59:4c:62:f6:85:cc:17:c9:2f:ae:97:f1:
5f:11:41:ec:8c:ff:53:31:4f:ec:50:9e:cf:28:f6:
30:59:2e:ea:4b:2f:c0:64:e1:63:a2:9e:62:13:2e:
cd:55:a7:0c:d1:0a:4b:46:92:e1:96:5a:70:a9:db:
61:30:c4:a9:18:72:51:6c:18:25:9e:b3:8e:b3:c2:
00:03:4d:f0:ae:e3:c9:7d:7c:d9:66:84:12:e2:7c:
4d:be:8a:1c:1f:68:fa:9a:fa:b6:70:05:4c:e3:f4:
12:a9:0a:ab:8c:dc:69:eb:3c:af:bf:e0:d9:18:77:
b5:54:6b:18:9b:6b:19:09:f9:61:64:3d:f0:02:78:
ec:8c:3d:4a:9f:bf:85:ac:0a:aa:47:d9:2f:89:b1:
f7:12:17:0c:5d:16:bb:62:62:64:d9:c2:43:e2:ab:
9e:67:f7:64:c3:ea:0a:39:2c:ef:38:1a:ba:9d:d8:
bc:64:15:bd:d0:c9:f6:3b:9d:c3:f9:1e:62:64:36:
b4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:1F:A0:1D:F5:EB:9A:F2:DA:AB:80:13:73:39:7C:9F:26:80:EC:CF
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Oh-gHfXrmvLaq4ATczl8nyaA7M8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.83.0/24
Signature Algorithm: sha256WithRSAEncryption
04:63:08:c6:f5:cf:b1:da:fd:c6:02:89:8e:94:5e:8a:bf:5f:
d2:0f:28:96:ee:ab:f4:a2:7a:ab:10:db:9f:c7:eb:18:0e:98:
00:4c:79:67:e5:b5:d2:31:d8:4d:87:ef:c8:90:dc:68:97:c0:
54:b7:b7:f3:6a:06:4d:b9:df:3c:9e:b0:cc:04:a2:05:2c:44:
1a:9a:8d:89:bf:66:25:fe:ee:d6:8c:a0:70:84:87:62:d8:bf:
b9:e7:5c:6b:55:53:6f:ca:59:a5:98:ac:aa:c7:98:5f:2a:b6:
70:14:7d:30:31:9e:69:ca:eb:1d:2c:6d:74:fa:df:ef:97:00:
30:75:53:71:1c:39:73:ef:bc:21:45:b5:e3:45:da:fb:87:bf:
b7:43:71:97:af:07:87:7a:a4:49:33:fa:bc:48:af:63:ac:25:
11:15:27:75:f9:92:2d:95:ea:b4:0f:ee:53:44:bd:04:42:43:
4c:7c:df:91:21:26:1b:58:eb:92:07:93:71:f3:71:41:cb:c2:
fa:d3:c4:a7:fb:55:bd:5c:ae:c2:85:6d:f2:fd:d8:cc:97:ea:
9d:b5:c3:c1:eb:9e:63:34:f7:73:4e:78:1d:88:89:b2:b5:f7:
9e:62:ac:7c:ee:22:4c:42:ec:ef:ce:fd:3d:da:92:6d:89:3c:
f9:9c:24:97
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDfowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMyMDZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNBMUZBMDFERjVFQjlB
RjJEQUFCODAxMzczMzk3QzlGMjY4MEVDQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDa87lUQTUDeX4EuzE6ubNQ+SEN+GpgAqhr5YeY9DWNJiGsPU1W
IB0rINmLcD1fltukmsxr/N4JEPDr7SWstVlMYvaFzBfJL66X8V8RQeyM/1MxT+xQ
ns8o9jBZLupLL8Bk4WOinmITLs1VpwzRCktGkuGWWnCp22EwxKkYclFsGCWes46z
wgADTfCu48l9fNlmhBLifE2+ihwfaPqa+rZwBUzj9BKpCquM3GnrPK+/4NkYd7VU
axibaxkJ+WFkPfACeOyMPUqfv4WsCqpH2S+JsfcSFwxdFrtiYmTZwkPiq55n92TD
6go5LO84Grqd2LxkFb3QyfY7ncP5HmJkNrSPAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUOh+gHfXrmvLaq4ATczl8nyaA7M8wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9PaC1nSGZYcm12TGFx
NEFUY3psOG55YUE3TTgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAlnRTMA0GCSqGSIb3DQEBCwUAA4IBAQAEYwjG9c+x2v3GAomOlF6Kv1/SDyiW
7qv0onqrENufx+sYDpgATHln5bXSMdhNh+/IkNxol8BUt7fzagZNud88nrDMBKIF
LEQamo2Jv2Yl/u7WjKBwhIdi2L+551xrVVNvylmlmKyqx5hfKrZwFH0wMZ5pyusd
LG10+t/vlwAwdVNxHDlz77whRbXjRdr7h7+3Q3GXrweHeqRJM/q8SK9jrCURFSd1
+ZItleq0D+5TRL0EQkNMfN+RISYbWOuSB5Nx83FBy8L608Sn+1W9XK7ChW3y/djM
l+qdtcPB655jNPdzTngdiImytfeeYqx87iJMQuzvzv092pJtiTz5nCSX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org