Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/_zO3UeeIMG_gFAHEikyg8CYCu0s.roa
File: _zO3UeeIMG_gFAHEikyg8CYCu0s.roa (raw, json)
Hash identifier: qMH1EO7Uo0KMMBgJnmmmwnVeZOivzcQjpdsaDikDG88=
Subject key identifier: FF:33:B7:51:E7:88:30:6F:E0:14:01:C4:8A:4C:A0:F0:26:02:BB:4B
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DE1
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/_zO3UeeIMG_gFAHEikyg8CYCu0s.roa
Signing time: Thu 29 Dec 2022 09:31:58 +0000
ROA not before: Thu 29 Dec 2022 09:31:58 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 17408
IP address blocks: 119.31.176.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3553 (0xde1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:31:58 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=FF33B751E788306FE01401C48A4CA0F02602BB4B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8e:94:24:22:e9:39:f9:f9:5a:0d:4e:28:37:
f9:cc:28:23:e2:6f:6a:b6:ab:4f:75:b8:0a:68:f6:
d3:a2:9d:36:11:2f:3f:57:f5:5d:8a:b4:59:a2:91:
fa:96:b6:c0:a7:3d:82:c6:c2:2c:b7:4f:9e:cd:51:
7e:cf:9a:22:38:4e:8f:10:00:7d:77:9b:fc:47:c6:
91:b3:15:f7:4f:a8:80:e4:7a:56:b7:64:c2:59:16:
49:a6:ea:f3:15:6f:34:76:c6:5f:2e:11:71:22:c9:
62:34:dd:e0:c5:33:1e:b8:4c:db:14:2b:c9:fb:3e:
94:ec:fb:50:b0:43:b3:7b:40:fa:8f:cd:03:a2:87:
a7:90:7d:05:42:f0:bb:4a:15:40:d2:5a:9c:e6:a8:
60:94:b7:cc:3a:1a:1f:bb:eb:f5:25:83:96:16:06:
e0:c4:f3:20:8c:66:5f:9c:f2:99:b2:b7:ad:b4:1e:
d5:e4:d3:a0:3b:f1:61:c2:32:93:d8:92:68:b3:cf:
6c:2c:aa:de:3a:88:08:7b:78:41:98:26:9b:98:e6:
95:3e:c3:14:75:bb:9c:8e:91:8d:a3:a7:38:32:a0:
c8:ac:a6:b0:f3:e9:99:cd:0a:8a:54:d1:11:64:f7:
96:60:6e:ef:ae:1b:37:4f:2b:3a:02:d6:1a:c9:0c:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:33:B7:51:E7:88:30:6F:E0:14:01:C4:8A:4C:A0:F0:26:02:BB:4B
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/_zO3UeeIMG_gFAHEikyg8CYCu0s.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
119.31.176.0/20
Signature Algorithm: sha256WithRSAEncryption
31:89:49:3c:d0:d9:49:11:b8:01:7e:7f:0f:a3:09:df:1e:66:
57:27:0b:36:fa:d3:f8:ad:59:16:13:11:49:9c:ba:ba:42:67:
8c:4f:0d:55:61:8c:a7:a1:2d:c8:b4:d5:5c:fa:30:df:9e:a0:
e0:41:f8:32:ed:af:e2:86:b6:31:1d:d9:25:89:e7:f8:c7:2e:
da:ce:63:d0:17:49:bf:fa:b1:5f:a8:bd:07:9e:32:17:73:e7:
e7:2a:dc:a5:18:5c:0b:27:92:a8:2a:b6:cf:9b:71:6f:4d:e1:
49:6b:53:7c:30:4f:0e:35:78:94:a3:79:4c:0f:18:af:33:12:
11:a0:67:b4:e9:24:2e:35:d3:9f:a4:d5:7c:fe:15:6a:c3:05:
43:27:0a:0b:1e:f0:a1:09:fe:91:09:be:33:12:be:45:d9:9e:
2b:7b:32:76:8d:b7:f7:24:bc:24:3d:30:ba:e8:2b:a5:51:6f:
a9:be:c5:5a:d8:9a:09:a4:b4:a4:57:98:67:d0:fc:01:e7:98:
2d:ea:d2:03:3e:3b:cb:93:8e:11:2b:99:ca:af:ab:e0:86:7a:
71:06:a9:9b:01:1f:8e:e8:1d:80:af:db:65:e9:2f:3b:fb:71:
a6:fb:25:33:95:86:13:1c:e7:87:cc:aa:77:28:df:9c:14:d0:
94:f3:c4:f3
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDeEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNThaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEZGMzNCNzUxRTc4ODMw
NkZFMDE0MDFDNDhBNENBMEYwMjYwMkJCNEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCxjpQkIuk5+flaDU4oN/nMKCPib2q2q091uApo9tOinTYRLz9X
9V2KtFmikfqWtsCnPYLGwiy3T57NUX7PmiI4To8QAH13m/xHxpGzFfdPqIDkela3
ZMJZFkmm6vMVbzR2xl8uEXEiyWI03eDFMx64TNsUK8n7PpTs+1CwQ7N7QPqPzQOi
h6eQfQVC8LtKFUDSWpzmqGCUt8w6Gh+76/Ulg5YWBuDE8yCMZl+c8pmyt620HtXk
06A78WHCMpPYkmizz2wsqt46iAh7eEGYJpuY5pU+wxR1u5yOkY2jpzgyoMisprDz
6ZnNCopU0RFk95Zgbu+uGzdPKzoC1hrJDFclAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU/zO3UeeIMG/gFAHEikyg8CYCu0swHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9fek8zVWVlSU1HX2dG
QUhFaWt5ZzhDWUN1MHMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQEdx+wMA0GCSqGSIb3DQEBCwUAA4IBAQAxiUk80NlJEbgBfn8PownfHmZXJws2
+tP4rVkWExFJnLq6QmeMTw1VYYynoS3ItNVc+jDfnqDgQfgy7a/ihrYxHdklief4
xy7azmPQF0m/+rFfqL0HnjIXc+fnKtylGFwLJ5KoKrbPm3FvTeFJa1N8ME8ONXiU
o3lMDxivMxIRoGe06SQuNdOfpNV8/hVqwwVDJwoLHvChCf6RCb4zEr5F2Z4rezJ2
jbf3JLwkPTC66CulUW+pvsVa2JoJpLSkV5hn0PwB55gt6tIDPjvLk44RK5nKr6vg
hnpxBqmbAR+O6B2Ar9tl6S87+3Gm+yUzlYYTHOeHzKp3KN+cFNCU88Tz
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org