Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bXKgJ7GgsEhqS-sU5Fqrk0HW37M.roa
File: bXKgJ7GgsEhqS-sU5Fqrk0HW37M.roa (raw, json)
Hash identifier: FW14vJyaLUBH1bRqES8NdE6HY99dAbCOx6A8u4MwDwc=
Subject key identifier: 6D:72:A0:27:B1:A0:B0:48:6A:4B:EB:14:E4:5A:AB:93:41:D6:DF:B3
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0AFA
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bXKgJ7GgsEhqS-sU5Fqrk0HW37M.roa
Signing time: Sun 07 Feb 2021 12:59:28 +0000
ROA not before: Sun 07 Feb 2021 12:59:28 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 38851
IP address blocks: 223.26.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2810 (0xafa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 7 12:59:28 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=6D72A027B1A0B0486A4BEB14E45AAB9341D6DFB3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:ba:e9:f2:05:b1:65:c7:04:d5:ca:ed:bc:
de:6c:b9:51:4d:0a:f5:19:8e:46:eb:f0:54:02:ec:
fc:b5:1d:e2:30:48:fb:47:ba:3c:24:57:17:ad:fd:
6b:ce:a5:16:87:ca:60:14:45:a3:f2:aa:43:84:07:
1f:33:35:65:58:a5:c7:98:45:05:52:2d:7f:c4:77:
b2:1d:ad:2b:7f:93:10:d8:53:83:f0:fc:f1:9a:05:
92:ee:57:41:8e:43:9c:4d:be:1d:cc:ff:36:34:5b:
6e:8a:6d:67:a6:2a:23:61:43:0a:e8:eb:50:f9:54:
eb:1b:89:c6:cd:68:8f:ef:7e:28:25:75:6f:a7:c5:
da:53:c8:94:12:fb:12:d5:39:67:76:b2:b7:e1:41:
75:64:10:74:7a:2f:d6:3f:f0:24:9d:7d:98:8f:9c:
91:60:bb:7a:fb:18:cc:ef:e3:05:56:d5:42:d8:48:
74:86:4a:05:aa:49:c6:73:60:56:66:f0:29:5c:05:
22:00:3b:20:bc:46:21:78:87:91:c3:00:a3:ef:8d:
1a:ef:a6:f6:73:9b:f2:83:28:03:d2:ed:6c:43:08:
f0:de:96:fc:42:74:fb:85:f7:9c:42:a6:99:7c:86:
2e:c8:27:a1:6b:6f:bc:7a:c5:b4:82:1a:dc:34:0b:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:72:A0:27:B1:A0:B0:48:6A:4B:EB:14:E4:5A:AB:93:41:D6:DF:B3
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/bXKgJ7GgsEhqS-sU5Fqrk0HW37M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
223.26.108.0/22
Signature Algorithm: sha256WithRSAEncryption
33:ec:d1:a9:7c:95:6f:41:18:86:e3:0f:a4:b1:d1:93:8b:16:
d2:be:fb:35:3e:2e:07:7a:32:d8:a1:35:42:38:90:17:49:aa:
a6:a7:c8:02:f0:6d:59:4d:21:64:db:1f:50:8d:f1:e7:73:3b:
1e:d2:3e:24:9b:c2:6a:68:66:1b:67:0a:9e:31:92:6d:e4:59:
93:c8:1c:dd:38:8e:0a:07:d9:0f:ea:b1:10:da:64:a6:7e:9c:
7c:e5:1d:97:b9:a4:59:db:6e:cc:e6:b5:73:71:3a:68:3d:7b:
c9:f7:a0:9e:8b:38:bb:53:b0:cb:a6:62:9e:a2:37:5e:64:71:
66:bd:7d:ed:d2:77:14:29:50:2e:c4:ec:c3:42:05:7b:80:c1:
64:f2:00:df:33:49:65:39:04:b3:73:23:ed:ea:78:84:ec:f5:
17:ff:75:dc:27:c3:e6:59:9b:66:96:95:8f:28:2c:49:3d:4b:
ac:57:a8:ad:9f:0d:fd:5b:ff:64:ba:9f:d1:f9:e8:d3:bf:14:
dc:38:4e:e7:ae:9b:69:9b:b1:37:77:64:89:06:8a:ed:30:99:
93:3a:56:50:7e:43:46:31:68:f3:7b:8a:ae:5d:54:5d:e3:d9:
ce:28:a3:3c:01:e5:bb:cf:df:c4:5d:79:6d:d4:30:18:05:88:
11:b4:43:35
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCvowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MjU5MjhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDZENzJBMDI3QjFBMEIw
NDg2QTRCRUIxNEU0NUFBQjkzNDFENkRGQjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC65Lrp8gWxZccE1crtvN5suVFNCvUZjkbr8FQC7Py1HeIwSPtH
ujwkVxet/WvOpRaHymAURaPyqkOEBx8zNWVYpceYRQVSLX/Ed7IdrSt/kxDYU4Pw
/PGaBZLuV0GOQ5xNvh3M/zY0W26KbWemKiNhQwro61D5VOsbicbNaI/vfigldW+n
xdpTyJQS+xLVOWd2srfhQXVkEHR6L9Y/8CSdfZiPnJFgu3r7GMzv4wVW1ULYSHSG
SgWqScZzYFZm8ClcBSIAOyC8RiF4h5HDAKPvjRrvpvZzm/KDKAPS7WxDCPDelvxC
dPuF95xCppl8hi7IJ6Frb7x6xbSCGtw0CzZZAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUbXKgJ7GgsEhqS+sU5Fqrk0HW37MwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9iWEtnSjdHZ3NFaHFT
LXNVNUZxcmswSFczN00ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQC3xpsMA0GCSqGSIb3DQEBCwUAA4IBAQAz7NGpfJVvQRiG4w+ksdGTixbSvvs1
Pi4HejLYoTVCOJAXSaqmp8gC8G1ZTSFk2x9QjfHnczse0j4km8JqaGYbZwqeMZJt
5FmTyBzdOI4KB9kP6rEQ2mSmfpx85R2XuaRZ227M5rVzcTpoPXvJ96Ceizi7U7DL
pmKeojdeZHFmvX3t0ncUKVAuxOzDQgV7gMFk8gDfM0llOQSzcyPt6niE7PUX/3Xc
J8PmWZtmlpWPKCxJPUusV6itnw39W/9kup/R+ejTvxTcOE7nrptpm7E3d2SJBort
MJmTOlZQfkNGMWjze4quXVRd49nOKKM8AeW7z9/EXXlt1DAYBYgRtEM1
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org