Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bG5Y2GWR9SiVEfpdiHjh1Cyzrdc.roa
File: bG5Y2GWR9SiVEfpdiHjh1Cyzrdc.roa (raw, json)
Hash identifier: xEK9+38Uv/YTfHc86y6awEHaAIfDgEEVXi7mmEZiKJw=
Subject key identifier: 6C:6E:58:D8:65:91:F5:28:95:11:FA:5D:88:78:E1:D4:2C:B3:AD:D7
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0FBE
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bG5Y2GWR9SiVEfpdiHjh1Cyzrdc.roa
Signing time: Fri 01 Sep 2023 08:29:30 +0000
ROA not before: Fri 01 Sep 2023 08:29:30 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 38851
IP address blocks: 150.117.0.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4030 (0xfbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:30 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=6C6E58D86591F5289511FA5D8878E1D42CB3ADD7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:39:0c:83:49:61:ef:4c:1f:86:fd:77:9b:ea:
28:f8:d6:71:83:70:8f:04:fa:0e:75:95:e5:83:a5:
8a:f8:06:9f:b8:6b:3c:df:e8:37:aa:99:ba:9a:93:
f9:2f:62:12:34:eb:84:36:70:56:8b:a4:81:b6:ee:
d5:13:13:27:38:3c:7e:57:66:3f:42:84:e7:77:51:
b7:22:36:86:47:c1:2c:08:50:86:6b:13:eb:20:79:
03:cc:b1:00:3e:85:6b:0d:a0:5f:f7:40:41:a6:64:
a3:09:75:c4:c2:51:6d:91:55:7d:7a:c2:ec:27:88:
26:fa:01:79:56:c8:d6:cb:8b:76:c3:ea:25:0a:eb:
b7:14:c7:23:74:5a:84:3a:52:98:48:5a:e1:18:a7:
3b:8a:78:b7:43:ef:8d:49:09:10:98:38:15:2b:42:
ec:d6:cf:dc:17:46:9f:65:8d:25:fa:50:94:96:c2:
27:15:a2:b6:53:e2:7f:10:5f:d5:f5:bb:58:0d:ae:
e4:20:ce:b7:b5:8d:13:46:7e:38:45:f4:43:e7:34:
cb:28:69:41:25:13:4e:ae:b7:80:fd:d2:6d:07:d5:
1c:6c:70:94:55:53:68:d2:8d:9b:17:d8:bf:5c:76:
9f:70:1a:47:7d:8b:b7:f8:e2:31:16:e7:a2:84:ba:
03:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6E:58:D8:65:91:F5:28:95:11:FA:5D:88:78:E1:D4:2C:B3:AD:D7
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bG5Y2GWR9SiVEfpdiHjh1Cyzrdc.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.0.0/20
Signature Algorithm: sha256WithRSAEncryption
13:57:c9:22:87:3e:e1:59:d5:ac:76:d6:3d:05:fd:31:a7:8d:
5b:d3:32:88:d4:12:2b:a2:24:5c:7f:fe:31:59:58:23:e0:44:
fe:7f:6b:8a:b7:ca:9a:e9:ec:13:88:84:b9:99:35:21:ff:f2:
25:fb:33:98:1f:36:d8:41:ed:d5:d3:db:ee:e5:0e:d1:53:5a:
0d:73:f2:60:7c:4f:9c:f9:28:7e:5d:bd:4e:47:a0:1e:57:5f:
b9:c7:07:16:fd:4f:0a:88:cd:8b:6e:28:f3:29:b6:63:aa:16:
f9:44:ef:e6:fe:26:fd:15:a7:c7:bf:7e:3a:7d:13:b7:7e:05:
89:5d:9b:74:d7:c0:39:0e:db:f8:83:16:73:cb:7f:17:96:a4:
f8:b8:7e:d2:fe:93:8a:84:cf:bd:41:13:28:76:79:8d:dc:fd:
0f:d0:3a:4a:a5:64:5f:79:10:98:46:62:00:d3:4d:06:d9:42:
7d:3d:49:ce:55:d2:c1:20:b9:d4:35:c2:77:a0:a3:d2:ab:43:
89:9a:6e:03:b2:2d:85:98:24:41:9c:c2:c6:87:d9:2f:2c:f2:
30:a3:c3:ed:94:2e:6a:0e:d2:d2:b8:3a:07:0b:b1:83:2c:6e:
0e:e7:6e:b1:d0:5e:a2:34:27:62:fa:16:bd:2f:ec:3b:e4:d3:
ec:87:13:42
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD74wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MzBaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDZDNkU1OEQ4NjU5MUY1
Mjg5NTExRkE1RDg4NzhFMUQ0MkNCM0FERDcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3OQyDSWHvTB+G/Xeb6ij41nGDcI8E+g51leWDpYr4Bp+4azzf
6Deqmbqak/kvYhI064Q2cFaLpIG27tUTEyc4PH5XZj9ChOd3UbciNoZHwSwIUIZr
E+sgeQPMsQA+hWsNoF/3QEGmZKMJdcTCUW2RVX16wuwniCb6AXlWyNbLi3bD6iUK
67cUxyN0WoQ6UphIWuEYpzuKeLdD741JCRCYOBUrQuzWz9wXRp9ljSX6UJSWwicV
orZT4n8QX9X1u1gNruQgzre1jRNGfjhF9EPnNMsoaUElE06ut4D90m0H1RxscJRV
U2jSjZsX2L9cdp9wGkd9i7f44jEW56KEugNBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUbG5Y2GWR9SiVEfpdiHjh1CyzrdcwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9iRzVZMkdXUjlTaVZF
ZnBkaUhqaDFDeXpyZGMucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQElnUAMA0GCSqGSIb3DQEBCwUAA4IBAQATV8kihz7hWdWsdtY9Bf0xp41b0zKI
1BIroiRcf/4xWVgj4ET+f2uKt8qa6ewTiIS5mTUh//Il+zOYHzbYQe3V09vu5Q7R
U1oNc/JgfE+c+Sh+Xb1OR6AeV1+5xwcW/U8KiM2LbijzKbZjqhb5RO/m/ib9FafH
v346fRO3fgWJXZt018A5Dtv4gxZzy38XlqT4uH7S/pOKhM+9QRModnmN3P0P0DpK
pWRfeRCYRmIA000G2UJ9PUnOVdLBILnUNcJ3oKPSq0OJmm4Dsi2FmCRBnMLGh9kv
LPIwo8PtlC5qDtLSuDoHC7GDLG4O526x0F6iNCdi+ha9L+w75NPshxNC
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:30:02 2025 by rpki-client