Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iXBPGxSO3BYjuxH4A-2Pb9DXwyA.roa
File: iXBPGxSO3BYjuxH4A-2Pb9DXwyA.roa (raw, json)
Hash identifier: wolCJoXeF4GEZnLPzxggp1F8p54JdrMkSxuKCF+EJuw=
Subject key identifier: 89:70:4F:1B:14:8E:DC:16:23:BB:11:F8:03:ED:8F:6F:D0:D7:C3:20
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iXBPGxSO3BYjuxH4A-2Pb9DXwyA.roa
Signing time: Thu 15 Sep 2022 02:38:56 +0000
ROA not before: Thu 15 Sep 2022 02:38:56 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 10085
IP address blocks: 203.163.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:38:56 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=89704F1B148EDC1623BB11F803ED8F6FD0D7C320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2c:20:d4:e6:db:f8:52:a2:11:86:1b:82:9d:
80:e6:42:b8:48:64:1e:66:91:65:f9:b3:e7:6c:33:
b1:a9:74:ec:0b:f7:16:1d:9a:7e:a7:1e:6e:8b:43:
12:10:52:c1:63:fe:6a:f9:59:93:a9:53:70:57:9a:
de:d3:50:4a:b7:32:5f:d7:d1:02:5e:65:e0:69:f8:
1e:58:40:38:19:37:71:d2:54:73:df:c8:c5:be:e5:
89:61:04:41:ae:14:38:b0:5a:bd:70:14:1b:97:51:
b2:b5:b9:df:eb:16:1d:fb:a4:15:f5:8d:f3:5a:e8:
5b:c3:e6:17:e7:70:f3:34:ba:5f:e6:77:22:52:18:
b0:dd:a0:53:75:74:2d:b7:38:c4:4b:e8:f7:58:63:
5c:43:e9:a4:12:c6:32:eb:08:e1:ed:b2:53:6e:45:
ac:a0:65:8e:7b:91:df:ca:d2:bf:c8:68:ac:5e:54:
6f:95:fc:8b:74:7a:0d:10:ff:85:13:9b:b9:42:30:
13:bb:2f:9a:a5:91:a8:bc:92:cb:3d:ae:a6:18:72:
d1:26:35:6d:40:0d:87:8b:67:dd:08:51:6a:d9:69:
8e:55:5c:68:9b:e3:cb:4d:3e:b8:f5:40:15:6f:30:
38:dd:dc:6f:d8:63:59:3f:48:19:8f:fb:1a:c4:76:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:70:4F:1B:14:8E:DC:16:23:BB:11:F8:03:ED:8F:6F:D0:D7:C3:20
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/iXBPGxSO3BYjuxH4A-2Pb9DXwyA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.163.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:68:e6:c3:9e:f2:71:c6:1b:fd:8f:a7:39:52:81:0e:39:39:
8e:40:e1:fd:aa:a3:57:6b:8e:00:14:e6:cd:85:5c:b0:32:4b:
3d:e8:1b:f7:0c:92:e9:60:f1:6b:fe:60:20:98:92:1e:c2:8f:
19:a1:05:6a:67:45:4d:5a:f3:49:5c:84:a7:8e:5d:d6:80:2f:
48:d4:5f:17:d8:1c:49:6b:5d:14:19:75:e9:68:97:6d:41:eb:
bd:86:9f:b7:9a:53:1a:a7:78:f2:bf:86:17:ad:0e:85:0d:ce:
c5:5f:08:30:07:6a:97:37:19:7e:38:8a:7b:87:c3:a0:40:7b:
57:d1:ef:b7:da:5b:1f:27:e7:53:83:54:8b:68:2c:d6:df:6b:
53:a2:1d:b3:5e:6b:fc:8e:d6:c4:f7:9b:f0:ba:37:e4:71:56:
69:05:50:64:db:5d:20:fd:d4:38:9a:10:a2:46:34:75:c8:1b:
04:29:12:fd:82:88:65:c8:26:fe:4e:f1:ec:54:3a:b1:28:59:
a1:81:5d:79:25:b7:b7:fd:6e:92:ed:bb:44:3d:73:3d:a7:ed:
ac:fb:b9:68:4e:01:32:9f:58:a8:19:5f:21:00:f0:ee:7b:ae:
82:a7:ab:41:9f:6b:51:3a:e1:51:6e:8b:1c:65:ae:78:94:4c:
bc:fb:97:04
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM4NTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDg5NzA0RjFCMTQ4RURD
MTYyM0JCMTFGODAzRUQ4RjZGRDBEN0MzMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9LCDU5tv4UqIRhhuCnYDmQrhIZB5mkWX5s+dsM7GpdOwL9xYd
mn6nHm6LQxIQUsFj/mr5WZOpU3BXmt7TUEq3Ml/X0QJeZeBp+B5YQDgZN3HSVHPf
yMW+5YlhBEGuFDiwWr1wFBuXUbK1ud/rFh37pBX1jfNa6FvD5hfncPM0ul/mdyJS
GLDdoFN1dC23OMRL6PdYY1xD6aQSxjLrCOHtslNuRaygZY57kd/K0r/IaKxeVG+V
/It0eg0Q/4UTm7lCMBO7L5qlkai8kss9rqYYctEmNW1ADYeLZ90IUWrZaY5VXGib
48tNPrj1QBVvMDjd3G/YY1k/SBmP+xrEdt9NAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUiXBPGxSO3BYjuxH4A+2Pb9DXwyAwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9pWEJQR3hTTzNCWWp1
eEg0QS0yUGI5RFh3eUEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCy6PQMA0GCSqGSIb3DQEBCwUAA4IBAQAPaObDnvJxxhv9j6c5UoEOOTmOQOH9
qqNXa44AFObNhVywMks96Bv3DJLpYPFr/mAgmJIewo8ZoQVqZ0VNWvNJXISnjl3W
gC9I1F8X2BxJa10UGXXpaJdtQeu9hp+3mlMap3jyv4YXrQ6FDc7FXwgwB2qXNxl+
OIp7h8OgQHtX0e+32lsfJ+dTg1SLaCzW32tToh2zXmv8jtbE95vwujfkcVZpBVBk
210g/dQ4mhCiRjR1yBsEKRL9gohlyCb+TvHsVDqxKFmhgV15Jbe3/W6S7btEPXM9
p+2s+7loTgEyn1ioGV8hAPDue66Cp6tBn2tROuFRboscZa54lEy8+5cE
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org