Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/SrzyToSuOthU4waRZKU4_5G0kC8.roa
File: SrzyToSuOthU4waRZKU4_5G0kC8.roa (raw, json)
Hash identifier: 2oy6HX6t42qb7s5G4ugKRmIG03WRtTiJ3s6+3Q/3I5A=
Subject key identifier: 4A:BC:F2:4E:84:AE:3A:D8:54:E3:06:91:64:A5:38:FF:91:B4:90:2F
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0E07
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/SrzyToSuOthU4waRZKU4_5G0kC8.roa
Signing time: Thu 29 Dec 2022 09:32:08 +0000
ROA not before: Thu 29 Dec 2022 09:32:08 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18419
IP address blocks: 118.150.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3591 (0xe07)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:32:08 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=4ABCF24E84AE3AD854E3069164A538FF91B4902F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2f:54:bf:ab:73:9d:da:a3:fd:f3:1b:46:de:
ec:04:3f:1a:d4:94:5b:e9:00:4e:35:a0:58:86:71:
4b:53:cd:e8:b7:4b:1f:a9:4e:42:6b:6c:82:19:ea:
2a:a5:b4:21:6f:95:0a:8a:3f:8a:8e:98:05:e1:ce:
15:cd:9c:d4:ba:9a:64:10:7b:17:c1:00:fc:ee:12:
3f:9f:15:51:6f:86:f6:d6:b6:29:eb:29:83:25:91:
cb:32:0c:10:47:84:d8:c3:54:7a:15:94:da:12:61:
1e:5b:f1:aa:30:13:4a:cf:e7:50:5a:2e:6e:76:e5:
e4:6a:a1:c8:49:6e:55:a9:7c:bf:85:96:14:6a:23:
46:9c:5d:8d:39:62:03:55:1d:fe:35:5a:df:2b:36:
9f:c9:ad:c8:db:6f:72:d8:e8:c0:be:6d:c6:9a:02:
46:4e:4c:15:5a:34:7b:f1:c5:95:64:e8:a9:a8:a6:
5e:b0:2a:89:68:cf:17:0a:f2:76:46:57:e7:2f:73:
2b:a1:70:c2:c5:a3:59:b8:81:d6:d8:75:e8:ed:9b:
84:c8:73:be:4d:44:e6:df:b9:a7:67:b0:11:1c:62:
45:6d:ed:c6:90:a6:60:dd:72:1c:df:f2:df:d5:88:
5d:b6:8d:fe:8b:6b:a7:5f:13:0f:0c:30:75:af:10:
7f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:BC:F2:4E:84:AE:3A:D8:54:E3:06:91:64:A5:38:FF:91:B4:90:2F
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/SrzyToSuOthU4waRZKU4_5G0kC8.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
118.150.240.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:1b:b3:ee:83:34:df:32:43:d9:b3:ec:97:08:38:4f:bb:e1:
5d:db:0c:d6:d1:c0:a9:c5:3d:c9:6a:93:3d:f7:6d:7f:17:4a:
c2:c7:a5:9f:84:46:69:e9:01:ea:ed:d0:09:88:19:f8:5c:08:
e0:6b:2d:6c:67:fe:72:59:c7:09:e4:4d:1f:d1:72:0b:7d:dd:
82:15:ec:19:c5:e0:68:dd:49:d9:39:c7:e4:7f:de:97:58:7c:
7d:95:5c:07:f1:2e:e1:0e:70:fe:f9:94:d7:28:19:19:9a:bf:
ba:03:88:59:8f:9e:dd:90:07:af:4d:08:87:fa:e6:f1:67:2a:
e1:93:13:69:26:14:b9:40:05:c2:58:de:45:72:bb:6e:95:a8:
a7:f1:5f:ef:73:1a:7f:92:0e:d5:14:f5:79:a3:af:6a:87:7c:
d3:4f:79:8a:0e:85:5c:f1:3d:03:66:25:29:ad:aa:83:3b:8d:
1e:78:40:02:d8:2a:fa:d8:aa:a4:6f:a2:e3:69:69:74:bd:36:
dc:eb:e7:6f:d2:9a:bc:7c:6c:4d:58:9e:96:35:f6:e9:6d:55:
62:bd:c1:0d:4a:6d:c1:9b:ce:d1:e7:c4:23:41:52:79:66:1c:
8a:9d:8b:a4:1c:b6:6a:ba:f0:f0:1a:71:08:89:9f:9f:a1:1f:
28:8f:7e:bd
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDgcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMyMDhaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDRBQkNGMjRFODRBRTNB
RDg1NEUzMDY5MTY0QTUzOEZGOTFCNDkwMkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIL1S/q3Od2qP98xtG3uwEPxrUlFvpAE41oFiGcUtTzei3Sx+p
TkJrbIIZ6iqltCFvlQqKP4qOmAXhzhXNnNS6mmQQexfBAPzuEj+fFVFvhvbWtinr
KYMlkcsyDBBHhNjDVHoVlNoSYR5b8aowE0rP51BaLm525eRqochJblWpfL+FlhRq
I0acXY05YgNVHf41Wt8rNp/Jrcjbb3LY6MC+bcaaAkZOTBVaNHvxxZVk6Kmopl6w
KolozxcK8nZGV+cvcyuhcMLFo1m4gdbYdejtm4TIc75NRObfuadnsBEcYkVt7caQ
pmDdchzf8t/ViF22jf6La6dfEw8MMHWvEH+vAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUSrzyToSuOthU4waRZKU4/5G0kC8wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9Tcnp5VG9TdU90aFU0
d2FSWktVNF81RzBrQzgucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDdpbwMA0GCSqGSIb3DQEBCwUAA4IBAQCsG7PugzTfMkPZs+yXCDhPu+Fd2wzW
0cCpxT3JapM9921/F0rCx6WfhEZp6QHq7dAJiBn4XAjgay1sZ/5yWccJ5E0f0XIL
fd2CFewZxeBo3UnZOcfkf96XWHx9lVwH8S7hDnD++ZTXKBkZmr+6A4hZj57dkAev
TQiH+ubxZyrhkxNpJhS5QAXCWN5Fcrtulain8V/vcxp/kg7VFPV5o69qh3zTT3mK
DoVc8T0DZiUpraqDO40eeEAC2Cr62Kqkb6LjaWl0vTbc6+dv0pq8fGxNWJ6WNfbp
bVVivcENSm3Bm87R58QjQVJ5ZhyKnYukHLZquvDwGnEIiZ+foR8oj369
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:33 2024 by rpki-client on console-fra.rpki-client.org