Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iWYR1k3vWCtsWAN-rmw0u3u4OEU.roa
File: iWYR1k3vWCtsWAN-rmw0u3u4OEU.roa (raw, json)
Hash identifier: kMm4dn9bsjMwl0dJ1+B4OSZJ1fkHM8WJ19lvk1/C/iU=
Subject key identifier: 89:66:11:D6:4D:EF:58:2B:6C:58:03:7E:AE:6C:34:BB:7B:B8:38:45
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0AAC
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iWYR1k3vWCtsWAN-rmw0u3u4OEU.roa
Signing time: Sun 07 Feb 2021 11:50:50 +0000
ROA not before: Sun 07 Feb 2021 11:50:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131627
IP address blocks: 150.117.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2732 (0xaac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 7 11:50:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=896611D64DEF582B6C58037EAE6C34BB7BB83845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:3f:f2:f6:4e:54:cb:69:b9:c6:7e:7c:74:
5c:e7:1a:5f:f2:c3:5f:3d:4d:79:66:c8:a7:46:e2:
61:e1:87:b3:be:02:f2:f1:4d:a1:a7:6c:d7:13:ed:
de:dc:f8:85:34:b4:8a:ec:90:83:0e:9a:3f:b0:55:
a7:d1:70:ad:43:22:a5:58:8d:93:de:80:a2:58:92:
47:b6:ab:45:9b:4f:85:35:6f:a4:cb:18:1d:a7:58:
2f:54:f6:17:1a:1b:ec:a9:73:b2:dc:33:62:c3:ed:
f7:b3:99:82:c2:0c:12:f8:91:38:83:80:6a:c4:1c:
75:9e:cd:c9:0f:c5:9e:e8:d4:c8:a6:bf:54:08:34:
d6:a6:79:bd:54:2c:ab:1c:19:cd:d4:0a:ef:db:f7:
fd:99:b7:69:5b:6e:93:22:6c:45:6a:f8:99:cb:9b:
86:7a:39:60:09:bc:fe:7d:ed:1e:53:ea:c2:dc:02:
a4:32:2b:6f:60:83:ae:4a:17:30:ab:38:23:37:de:
6f:5a:60:e5:ed:56:61:b7:49:c8:00:eb:47:98:b9:
d7:ba:24:e3:fe:6a:d7:00:23:e3:8d:14:51:b8:8a:
6f:ed:18:cc:42:36:de:58:09:d9:40:82:ef:05:9a:
11:4e:9f:b0:df:06:f8:43:15:27:c5:bc:70:a7:d7:
a7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:66:11:D6:4D:EF:58:2B:6C:58:03:7E:AE:6C:34:BB:7B:B8:38:45
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iWYR1k3vWCtsWAN-rmw0u3u4OEU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.232.0/21
Signature Algorithm: sha256WithRSAEncryption
8a:f7:b6:26:1b:1c:0e:d6:61:ab:81:06:d6:2a:03:42:43:f2:
36:16:23:6a:96:2b:aa:e1:9e:37:98:13:55:b4:2d:7d:8c:b5:
26:a2:7f:35:aa:54:37:74:39:2d:05:87:a7:de:92:12:0c:34:
0f:ca:42:7d:5c:9c:88:5f:49:c8:2c:09:d4:e4:c5:85:23:14:
0e:2f:fb:d3:47:43:54:77:2a:9a:2d:78:d6:b5:5a:df:36:80:
08:98:00:e1:e9:de:d2:56:60:d1:13:9a:36:55:1f:db:6a:6a:
b8:ef:14:b0:53:99:48:ff:a7:44:6f:57:9c:54:3f:0e:70:d9:
1e:03:d9:2b:02:35:28:d9:25:d8:b9:88:83:4e:a8:0c:2e:81:
05:cd:0d:03:f8:17:02:b5:4e:f2:e9:ae:47:76:92:44:01:c7:
9a:49:27:d0:1d:ce:be:5d:f2:49:69:d7:d6:2e:f8:5f:41:71:
3e:9d:0b:60:48:df:a4:22:51:4d:19:69:0b:8d:40:96:a9:99:
50:08:6e:a5:e8:fe:b3:89:ba:0a:af:25:7f:e3:60:48:89:08:
46:b2:86:27:a2:8d:27:f8:75:07:78:64:f4:ef:31:e7:39:f7:
a7:51:9f:ba:d0:83:60:6a:9b:b3:6a:54:3f:32:c2:1c:88:ca:
dd:aa:de:b4
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCqwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MTUwNTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDg5NjYxMUQ2NERFRjU4
MkI2QzU4MDM3RUFFNkMzNEJCN0JCODM4NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCtUz/y9k5Uy2m5xn58dFznGl/yw189TXlmyKdG4mHhh7O+AvLx
TaGnbNcT7d7c+IU0tIrskIMOmj+wVafRcK1DIqVYjZPegKJYkke2q0WbT4U1b6TL
GB2nWC9U9hcaG+ypc7LcM2LD7fezmYLCDBL4kTiDgGrEHHWezckPxZ7o1Mimv1QI
NNameb1ULKscGc3UCu/b9/2Zt2lbbpMibEVq+JnLm4Z6OWAJvP597R5T6sLcAqQy
K29gg65KFzCrOCM33m9aYOXtVmG3ScgA60eYude6JOP+atcAI+ONFFG4im/tGMxC
Nt5YCdlAgu8FmhFOn7DfBvhDFSfFvHCn16fHAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUiWYR1k3vWCtsWAN+rmw0u3u4OEUwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9pV1lSMWszdldDdHNX
QU4tcm13MHUzdTRPRVUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnXoMA0GCSqGSIb3DQEBCwUAA4IBAQCK97YmGxwO1mGrgQbWKgNCQ/I2FiNq
liuq4Z43mBNVtC19jLUmon81qlQ3dDktBYen3pISDDQPykJ9XJyIX0nILAnU5MWF
IxQOL/vTR0NUdyqaLXjWtVrfNoAImADh6d7SVmDRE5o2VR/bamq47xSwU5lI/6dE
b1ecVD8OcNkeA9krAjUo2SXYuYiDTqgMLoEFzQ0D+BcCtU7y6a5HdpJEAceaSSfQ
Hc6+XfJJadfWLvhfQXE+nQtgSN+kIlFNGWkLjUCWqZlQCG6l6P6ziboKryV/42BI
iQhGsoYnoo0n+HUHeGT07zHnOfenUZ+60INgapuzalQ/MsIciMrdqt60
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org