Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Q9CLDkFgL_fr5Pet79ZDN7TJKHs.roa
File: Q9CLDkFgL_fr5Pet79ZDN7TJKHs.roa (raw, json)
Hash identifier: l3EKSnMAneew6u0ece5FqzUavxPGMkgY8vQ5SQnzsSU=
Subject key identifier: 43:D0:8B:0E:41:60:2F:F7:EB:E4:F7:AD:EF:D6:43:37:B4:C9:28:7B
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0E21
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Q9CLDkFgL_fr5Pet79ZDN7TJKHs.roa
Signing time: Thu 29 Dec 2022 09:32:16 +0000
ROA not before: Thu 29 Dec 2022 09:32:16 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17408
IP address blocks: 150.116.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3617 (0xe21)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:32:16 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=43D08B0E41602FF7EBE4F7ADEFD64337B4C9287B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bc:8c:2f:48:cf:a8:35:d2:fe:de:48:f0:70:
a9:0e:72:e8:e8:56:38:2a:49:ed:df:96:37:72:9d:
c3:6f:b9:29:50:01:54:a3:24:92:97:e2:d2:fc:3d:
37:3b:15:68:3c:5d:f6:b7:28:28:00:8c:d0:42:1c:
df:5d:f7:58:bf:29:65:40:8f:b4:10:f6:34:99:b8:
99:4d:bc:e5:e4:e0:73:13:5d:8c:b3:39:7b:0d:f2:
87:89:e6:47:3d:ed:52:40:81:4a:d5:41:5c:21:e8:
3d:62:55:3b:26:a6:5c:bd:14:02:5c:88:62:1e:82:
e4:4b:bd:30:af:e9:b7:9b:d5:41:b4:50:f7:23:1e:
f4:f9:d2:9f:c4:56:82:03:69:96:9e:07:ba:9e:b5:
88:fd:1b:12:4d:2a:56:3b:56:8b:b5:6c:84:58:df:
14:9a:a0:55:6c:c4:f5:6d:9a:01:fe:53:1e:e9:7a:
1c:f7:0d:00:0e:42:02:b1:14:fa:1a:1b:31:8e:bd:
c2:bf:30:0e:67:07:c5:99:97:cb:32:de:df:75:be:
c0:43:11:05:7f:e8:b3:f2:c8:a9:52:cd:d7:37:92:
2f:90:21:18:42:e0:30:55:f9:36:f8:ca:93:3b:cd:
d6:b7:25:20:cc:07:f0:83:05:82:6e:de:17:86:c4:
65:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D0:8B:0E:41:60:2F:F7:EB:E4:F7:AD:EF:D6:43:37:B4:C9:28:7B
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Q9CLDkFgL_fr5Pet79ZDN7TJKHs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.168.0/23
Signature Algorithm: sha256WithRSAEncryption
b5:6c:25:75:2a:21:c0:e1:ce:5b:d3:6b:d0:e8:79:e8:bc:c2:
a7:21:bb:20:f4:0c:62:b3:05:51:d8:e0:66:df:21:af:c6:89:
31:83:8e:4d:a1:a0:d4:2b:af:56:4d:8f:1b:34:45:57:11:f6:
45:ff:e4:5d:b3:fb:dc:cc:d0:d6:bf:9f:dd:f7:63:02:02:6e:
ee:38:11:cc:c0:11:82:0e:e1:2f:36:a8:a0:fd:69:1e:87:e3:
16:70:29:53:40:3f:71:12:da:95:00:e8:89:03:c7:f0:38:97:
12:da:86:c0:36:2b:f2:57:d3:d6:ad:8d:90:cc:48:d4:92:7a:
da:50:5f:13:74:3b:99:02:39:70:e0:23:b6:68:b5:5c:45:a4:
bc:58:29:ed:16:3f:d0:32:13:54:1f:c7:63:45:bb:ec:0f:9e:
c6:3d:91:06:5c:db:53:5f:d6:da:32:8a:ea:b6:00:3e:23:78:
01:9c:bf:56:87:18:91:24:05:87:71:57:f8:3d:35:ff:83:15:
7c:9e:86:2c:19:1e:1c:bf:c3:2b:c3:9c:af:45:26:5f:26:12:
2f:27:a2:d5:ba:9e:9d:6e:d0:8a:b3:71:52:6a:f8:9b:90:d4:
01:94:72:19:d7:70:0a:fa:23:9d:58:ae:f4:5f:6a:e2:65:0f:
8b:e4:f6:63
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDiEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMyMTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQzRDA4QjBFNDE2MDJG
RjdFQkU0RjdBREVGRDY0MzM3QjRDOTI4N0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/vIwvSM+oNdL+3kjwcKkOcujoVjgqSe3fljdyncNvuSlQAVSj
JJKX4tL8PTc7FWg8Xfa3KCgAjNBCHN9d91i/KWVAj7QQ9jSZuJlNvOXk4HMTXYyz
OXsN8oeJ5kc97VJAgUrVQVwh6D1iVTsmply9FAJciGIeguRLvTCv6beb1UG0UPcj
HvT50p/EVoIDaZaeB7qetYj9GxJNKlY7Vou1bIRY3xSaoFVsxPVtmgH+Ux7pehz3
DQAOQgKxFPoaGzGOvcK/MA5nB8WZl8sy3t91vsBDEQV/6LPyyKlSzdc3ki+QIRhC
4DBV+Tb4ypM7zda3JSDMB/CDBYJu3heGxGVjAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUQ9CLDkFgL/fr5Pet79ZDN7TJKHswHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9ROUNMRGtGZ0xfZnI1
UGV0NzlaRE43VEpLSHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQBlnSoMA0GCSqGSIb3DQEBCwUAA4IBAQC1bCV1KiHA4c5b02vQ6HnovMKnIbsg
9AxiswVR2OBm3yGvxokxg45NoaDUK69WTY8bNEVXEfZF/+Rds/vczNDWv5/d92MC
Am7uOBHMwBGCDuEvNqig/Wkeh+MWcClTQD9xEtqVAOiJA8fwOJcS2obANivyV9PW
rY2QzEjUknraUF8TdDuZAjlw4CO2aLVcRaS8WCntFj/QMhNUH8djRbvsD57GPZEG
XNtTX9baMorqtgA+I3gBnL9WhxiRJAWHcVf4PTX/gxV8noYsGR4cv8Mrw5yvRSZf
JhIvJ6LVup6dbtCKs3FSavibkNQBlHIZ13AK+iOdWK70X2riZQ+L5PZj
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:03 2024 by rpki-client on console-ams.rpki-client.org