Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZhvWJHjlXa0wc9Kt-s1cl5X0yNs.roa
File: ZhvWJHjlXa0wc9Kt-s1cl5X0yNs.roa (raw, json)
Hash identifier: AaUS3+NploqJyD5Qi9hSPZ/VxDgxDADlAVEiqA/88bY=
Subject key identifier: 66:1B:D6:24:78:E5:5D:AD:30:73:D2:AD:FA:CD:5C:97:95:F4:C8:DB
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0BF1
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZhvWJHjlXa0wc9Kt-s1cl5X0yNs.roa
Signing time: Wed 29 Sep 2021 02:38:52 +0000
ROA not before: Wed 29 Sep 2021 02:38:52 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 10085
IP address blocks: 150.117.96.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3057 (0xbf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 02:38:52 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=661BD62478E55DAD3073D2ADFACD5C9795F4C8DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4d:51:22:48:13:20:a1:e6:4a:98:71:18:4f:
ec:0b:39:44:a2:71:ad:9b:1d:36:29:c8:b0:bf:ca:
dd:1f:c6:4f:e4:03:94:8f:1a:14:5b:4e:05:b0:51:
63:1f:55:36:5c:d3:73:88:ab:fd:06:2c:a1:fc:3b:
6d:69:0c:3b:4f:2f:a2:c4:81:22:37:8e:e4:02:d4:
ac:06:f0:7e:c8:85:ff:ee:d4:da:47:cd:72:fc:c2:
1b:79:00:ac:b9:f7:13:f2:38:f4:5f:f5:35:c3:9d:
a6:d6:bc:40:57:72:35:29:61:5f:c3:a4:fa:0c:ba:
a9:9a:28:8a:90:02:4f:7e:e7:ea:04:2f:ba:5b:62:
4a:d8:9d:a5:d2:6d:4e:e8:21:5e:0f:6d:43:75:01:
59:31:9b:be:85:61:de:7c:f0:b2:8d:e6:e6:4f:37:
a5:20:d4:8c:2e:ce:0d:5d:e7:c2:50:38:fd:51:f5:
5b:84:ff:b5:49:69:61:93:01:6d:af:4f:46:e8:80:
6d:c1:e1:80:f9:db:11:50:e5:ad:8b:c0:98:e8:a1:
03:06:64:83:11:f9:9e:7f:79:45:68:77:d5:3c:55:
e0:1a:1d:19:3c:86:c3:25:92:50:23:1f:6e:3a:40:
61:88:03:4f:a3:a3:71:eb:c0:99:53:62:ba:9d:bf:
58:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1B:D6:24:78:E5:5D:AD:30:73:D2:AD:FA:CD:5C:97:95:F4:C8:DB
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ZhvWJHjlXa0wc9Kt-s1cl5X0yNs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.96.0/21
Signature Algorithm: sha256WithRSAEncryption
58:ae:a1:2c:93:ed:66:b7:a4:dc:b3:ad:56:a6:d3:ae:35:3a:
4d:e5:bf:7b:3b:3b:32:d8:4e:fa:70:fd:2c:50:09:26:67:a9:
e9:0c:42:78:d0:d9:bb:d3:ea:1d:19:96:6a:f5:b3:c0:b2:74:
f4:f9:da:02:d2:59:09:96:88:58:24:ad:07:07:74:ec:8c:37:
eb:7a:37:54:02:e6:46:9b:b0:0b:a4:b1:f9:22:87:19:71:70:
9f:81:37:6f:4a:66:9f:b0:21:a3:b4:88:6b:5e:2f:95:05:12:
94:f4:9e:36:63:35:ed:09:b3:12:bb:f8:38:32:ed:6e:fb:0a:
2e:85:b4:17:5b:9a:91:b8:0b:6d:ed:01:61:e8:65:61:36:c7:
11:6e:02:15:13:fb:1c:00:48:a8:f5:de:23:75:47:c3:c4:d2:
a1:5f:ce:7e:e1:be:b8:b9:5a:c5:cb:0e:28:6c:bf:db:fb:f4:
88:d8:41:d2:f3:e2:89:01:4f:75:f9:d7:2c:75:84:bd:e3:75:
de:b8:ca:1e:97:8c:73:47:db:dc:a6:66:49:86:10:66:1b:c7:
1d:2e:69:95:cf:f1:89:32:f3:c0:bb:b9:3f:29:63:69:63:f8:
a5:8d:72:e4:4e:98:99:ff:cd:8f:a7:63:75:f3:ec:95:bb:5f:
ff:4e:99:67
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICC/EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTA5Mjkw
MjM4NTJaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDY2MUJENjI0NzhFNTVE
QUQzMDczRDJBREZBQ0Q1Qzk3OTVGNEM4REIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1TVEiSBMgoeZKmHEYT+wLOUSica2bHTYpyLC/yt0fxk/kA5SP
GhRbTgWwUWMfVTZc03OIq/0GLKH8O21pDDtPL6LEgSI3juQC1KwG8H7Ihf/u1NpH
zXL8wht5AKy59xPyOPRf9TXDnabWvEBXcjUpYV/DpPoMuqmaKIqQAk9+5+oEL7pb
YkrYnaXSbU7oIV4PbUN1AVkxm76FYd588LKN5uZPN6Ug1Iwuzg1d58JQOP1R9VuE
/7VJaWGTAW2vT0bogG3B4YD52xFQ5a2LwJjooQMGZIMR+Z5/eUVod9U8VeAaHRk8
hsMlklAjH246QGGIA0+jo3HrwJlTYrqdv1ghAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUZhvWJHjlXa0wc9Kt+s1cl5X0yNswHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9aaHZXSkhqbFhhMHdj
OUt0LXMxY2w1WDB5TnMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnVgMA0GCSqGSIb3DQEBCwUAA4IBAQBYrqEsk+1mt6Tcs61WptOuNTpN5b97
Ozsy2E76cP0sUAkmZ6npDEJ40Nm70+odGZZq9bPAsnT0+doC0lkJlohYJK0HB3Ts
jDfrejdUAuZGm7ALpLH5IocZcXCfgTdvSmafsCGjtIhrXi+VBRKU9J42YzXtCbMS
u/g4Mu1u+wouhbQXW5qRuAtt7QFh6GVhNscRbgIVE/scAEio9d4jdUfDxNKhX85+
4b64uVrFyw4obL/b+/SI2EHS8+KJAU91+dcsdYS943XeuMoel4xzR9vcpmZJhhBm
G8cdLmmVz/GJMvPAu7k/KWNpY/iljXLkTpiZ/82Pp2N18+yVu1//Tpln
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org