Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ip-lSrRLl_Q2nklB6YmAFiBytG0.roa
File: ip-lSrRLl_Q2nklB6YmAFiBytG0.roa (raw, json)
Hash identifier: Ey+uiy7ElQl+DBfZvvJLhrfHRNAnT5n8S8CbzjH9HfE=
Subject key identifier: 8A:9F:A5:4A:B4:4B:97:F4:36:9E:49:41:E9:89:80:16:20:72:B4:6D
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0F64
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ip-lSrRLl_Q2nklB6YmAFiBytG0.roa
Signing time: Fri 01 Sep 2023 08:29:04 +0000
ROA not before: Fri 01 Sep 2023 08:29:04 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131627
IP address blocks: 150.116.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3940 (0xf64)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:04 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=8A9FA54AB44B97F4369E4941E98980162072B46D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c9:fe:2c:c7:bb:f5:7a:7b:2d:cc:69:10:b5:
1e:b4:f0:9a:24:ca:8b:6d:b9:81:31:59:60:bb:09:
5f:27:1c:12:32:9c:da:5a:d4:7c:3a:07:af:58:ce:
21:25:cc:1a:54:73:80:02:67:ee:ca:7d:24:d4:26:
f5:89:2d:cc:50:1f:94:cd:06:4f:8e:5c:c9:39:7b:
3a:00:d2:47:f0:09:29:47:5c:d7:8a:98:bd:21:7f:
f2:5b:6b:77:0f:c2:c1:a0:e2:c9:49:4a:c7:ec:b1:
7f:f2:43:8c:82:17:26:f1:0b:53:ac:e2:74:71:bd:
57:41:6f:71:cf:bb:cc:ae:f4:d2:3f:c7:2b:97:21:
dc:24:19:1c:4f:41:8b:47:2e:46:c7:3a:c6:5a:65:
51:b3:a1:14:92:d5:f4:95:e9:83:41:12:48:2e:dc:
3b:e5:10:93:9c:fa:87:0a:9b:6c:5c:50:ca:09:99:
0e:81:a6:28:de:b2:d7:c9:4f:dc:11:9e:03:56:6d:
d7:34:dc:6f:d8:2b:eb:11:41:95:e4:2b:1a:f8:40:
49:f0:f9:0d:3c:6f:29:b8:78:06:3f:6c:b2:d0:6e:
1d:bf:65:80:40:58:02:61:65:75:84:e9:35:ce:a0:
0d:9d:06:d6:fb:fa:46:09:55:55:90:19:67:c4:ae:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:9F:A5:4A:B4:4B:97:F4:36:9E:49:41:E9:89:80:16:20:72:B4:6D
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/ip-lSrRLl_Q2nklB6YmAFiBytG0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.48.0/22
Signature Algorithm: sha256WithRSAEncryption
89:b6:bc:91:36:23:07:7a:f9:8c:e0:ed:26:47:c3:78:21:a4:
40:0b:cf:69:63:be:85:17:e3:27:1a:79:69:fa:ec:b8:bf:cd:
24:8e:71:6a:b1:f5:85:1a:e1:82:0a:54:17:18:23:4e:85:47:
c0:48:e4:b7:ba:60:ae:64:de:d2:08:56:0a:3a:2e:61:1e:db:
a9:1c:c8:c0:83:b2:0a:13:82:41:81:23:34:c0:14:f1:b7:2f:
67:f1:52:3f:94:5d:58:fc:fb:45:85:aa:67:5d:b3:c2:66:ed:
b0:e4:6c:5b:dc:21:f5:8e:b3:6d:29:b3:9f:9f:5d:e4:bb:b8:
68:40:9a:cf:3b:30:4d:81:89:b9:22:6d:39:21:9b:7b:9c:99:
bd:be:66:d5:05:95:0f:9f:b8:79:7f:03:88:e2:50:60:ab:99:
8f:e0:d7:9b:cd:f0:f3:ef:34:a7:1c:bb:61:9d:b5:85:34:a9:
37:99:e8:25:f1:59:c3:31:ec:16:59:4e:87:84:a4:1c:bb:5d:
0e:57:dd:7b:57:6f:d8:f4:b7:04:89:da:13:b2:ef:f3:24:30:
77:18:18:a8:f3:ec:b9:01:5c:cb:63:3a:d4:0a:c0:46:76:40:
2c:f3:ce:c7:80:dc:fc:7b:a4:f9:41:e5:f1:fc:46:da:82:28:
bc:ae:ff:19
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD2QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDhBOUZBNTRBQjQ0Qjk3
RjQzNjlFNDk0MUU5ODk4MDE2MjA3MkI0NkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDEyf4sx7v1enstzGkQtR608JokyottuYExWWC7CV8nHBIynNpa
1Hw6B69YziElzBpUc4ACZ+7KfSTUJvWJLcxQH5TNBk+OXMk5ezoA0kfwCSlHXNeK
mL0hf/Jba3cPwsGg4slJSsfssX/yQ4yCFybxC1Os4nRxvVdBb3HPu8yu9NI/xyuX
IdwkGRxPQYtHLkbHOsZaZVGzoRSS1fSV6YNBEkgu3DvlEJOc+ocKm2xcUMoJmQ6B
pijestfJT9wRngNWbdc03G/YK+sRQZXkKxr4QEnw+Q08bym4eAY/bLLQbh2/ZYBA
WAJhZXWE6TXOoA2dBtb7+kYJVVWQGWfErhSdAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUip+lSrRLl/Q2nklB6YmAFiBytG0wHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9pcC1sU3JSTGxfUTJu
a2xCNlltQUZpQnl0RzAucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQClnQwMA0GCSqGSIb3DQEBCwUAA4IBAQCJtryRNiMHevmM4O0mR8N4IaRAC89p
Y76FF+MnGnlp+uy4v80kjnFqsfWFGuGCClQXGCNOhUfASOS3umCuZN7SCFYKOi5h
HtupHMjAg7IKE4JBgSM0wBTxty9n8VI/lF1Y/PtFhapnXbPCZu2w5Gxb3CH1jrNt
KbOfn13ku7hoQJrPOzBNgYm5Im05IZt7nJm9vmbVBZUPn7h5fwOI4lBgq5mP4Neb
zfDz7zSnHLthnbWFNKk3megl8VnDMewWWU6HhKQcu10OV917V2/Y9LcEidoTsu/z
JDB3GBio8+y5AVzLYzrUCsBGdkAs887HgNz8e6T5QeXx/Ebagii8rv8Z
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:32 2025 by rpki-client