Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/fQ8P2HAbxJinbtPLN7BoyDHd1ig.roa
File: fQ8P2HAbxJinbtPLN7BoyDHd1ig.roa (raw, json)
Hash identifier: NOhH1qWHeL3ZOWcWh5W+siLSt2K6I3PjCcxsS0BR75s=
Subject key identifier: 7D:0F:0F:D8:70:1B:C4:98:A7:6E:D3:CB:37:B0:68:C8:31:DD:D6:28
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/fQ8P2HAbxJinbtPLN7BoyDHd1ig.roa
Signing time: Thu 15 Sep 2022 02:39:02 +0000
ROA not before: Thu 15 Sep 2022 02:39:02 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 18049
IP address blocks: 43.240.152.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:39:02 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=7D0F0FD8701BC498A76ED3CB37B068C831DDD628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:1f:47:c0:67:51:6a:d3:11:a5:7a:9f:c8:f8:
d3:dd:99:a5:5c:cb:dd:e2:fa:d0:4b:ce:08:48:78:
0e:b3:71:9c:33:42:6f:9a:d6:a8:3b:35:40:29:97:
68:09:4d:0e:2b:cf:66:b4:4c:de:6f:ae:e0:c3:27:
17:d4:f4:36:04:f0:36:5d:17:71:1d:55:4d:ec:3a:
93:7d:cc:50:75:90:49:4d:f3:c7:b6:7b:4e:82:f5:
e3:a2:86:a4:48:7b:4f:53:3d:a1:f7:1a:32:ff:b4:
75:fc:c7:7c:b1:57:d0:17:59:04:bb:a1:d9:0d:07:
2b:ab:bd:4a:3e:77:4d:cb:44:a7:a0:8f:3e:06:f9:
75:23:71:9d:40:a1:9b:40:77:dd:84:b8:37:eb:f5:
c7:35:ce:42:12:41:ec:f0:59:41:c7:af:85:50:8d:
6b:60:4f:56:3f:7c:e9:ed:82:61:2c:58:b3:a7:dd:
eb:eb:aa:53:7a:b3:5a:55:1c:6b:3c:83:19:cc:ae:
17:0c:0c:b5:f5:10:e8:a0:37:94:fb:ab:fa:02:2e:
24:89:2b:57:05:0c:f7:7b:d2:de:8e:34:a5:20:24:
89:51:af:44:cd:f5:4d:3d:1e:af:b4:4c:8a:9a:8c:
b0:dc:e4:af:b5:73:cf:41:04:d0:c3:6c:c3:f9:79:
1d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:0F:0F:D8:70:1B:C4:98:A7:6E:D3:CB:37:B0:68:C8:31:DD:D6:28
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/fQ8P2HAbxJinbtPLN7BoyDHd1ig.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.240.152.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:f3:65:de:f2:80:69:38:b3:8c:f0:c0:db:b8:d0:ac:fb:c0:
39:01:a2:24:6d:e1:2b:86:91:cc:ea:67:42:97:49:ca:01:cc:
0c:3f:04:f5:b6:ef:c9:52:66:59:86:0d:92:bf:c7:26:ec:8c:
13:8c:73:ea:c3:09:63:89:83:97:80:0f:6d:65:17:ed:40:9d:
a5:e8:d0:44:63:fd:b9:05:f2:e3:f0:32:43:3f:a8:6e:e4:de:
6b:46:0d:52:fa:71:63:18:d6:a9:0d:9d:4e:d1:23:88:12:e3:
ca:0d:e7:63:e5:7a:56:a7:c7:a4:22:dc:39:57:cc:9c:75:98:
19:cf:52:61:c5:19:3b:5a:e4:9d:37:a0:52:bb:54:7e:e1:ad:
30:09:84:19:12:fc:8a:2a:f8:d8:31:58:35:3b:43:1b:c4:7b:
ad:87:59:7f:85:32:eb:ed:c1:c6:9e:e8:9f:a8:7e:eb:81:88:
e6:74:37:b7:c8:a4:17:18:57:3d:e4:f1:a8:e9:ab:2d:35:a4:
c4:ec:29:b0:e4:e5:43:42:24:dd:bf:ed:74:33:1f:f8:3f:a9:
40:7f:8d:43:46:5e:44:8a:32:2e:99:7d:74:9e:e3:fd:5c:e6:
2c:60:d7:40:bc:c5:c5:4a:98:04:13:0c:1d:48:64:34:49:0e:
38:63:36:cb
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM5MDJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDdEMEYwRkQ4NzAxQkM0
OThBNzZFRDNDQjM3QjA2OEM4MzFEREQ2MjgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOH0fAZ1Fq0xGlep/I+NPdmaVcy93i+tBLzghIeA6zcZwzQm+a
1qg7NUApl2gJTQ4rz2a0TN5vruDDJxfU9DYE8DZdF3EdVU3sOpN9zFB1kElN88e2
e06C9eOihqRIe09TPaH3GjL/tHX8x3yxV9AXWQS7odkNByurvUo+d03LRKegjz4G
+XUjcZ1AoZtAd92EuDfr9cc1zkISQezwWUHHr4VQjWtgT1Y/fOntgmEsWLOn3evr
qlN6s1pVHGs8gxnMrhcMDLX1EOigN5T7q/oCLiSJK1cFDPd70t6ONKUgJIlRr0TN
9U09Hq+0TIqajLDc5K+1c89BBNDDbMP5eR2PAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUfQ8P2HAbxJinbtPLN7BoyDHd1igwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9mUThQMkhBYnhKaW5i
dFBMTjdCb3lESGQxaWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCK/CYMA0GCSqGSIb3DQEBCwUAA4IBAQCn82Xe8oBpOLOM8MDbuNCs+8A5AaIk
beErhpHM6mdCl0nKAcwMPwT1tu/JUmZZhg2Sv8cm7IwTjHPqwwljiYOXgA9tZRft
QJ2l6NBEY/25BfLj8DJDP6hu5N5rRg1S+nFjGNapDZ1O0SOIEuPKDedj5XpWp8ek
Itw5V8ycdZgZz1JhxRk7WuSdN6BSu1R+4a0wCYQZEvyKKvjYMVg1O0MbxHuth1l/
hTLr7cHGnuifqH7rgYjmdDe3yKQXGFc95PGo6astNaTE7Cmw5OVDQiTdv+10Mx/4
P6lAf41DRl5EijIumX10nuP9XOYsYNdAvMXFSpgEEwwdSGQ0SQ44YzbL
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:33 2025 by rpki-client