Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lBsH02jhP0L3lWLN4AQAGynkcEQ.roa
File: lBsH02jhP0L3lWLN4AQAGynkcEQ.roa (raw, json)
Hash identifier: GLdwfEWk7D1hGkd7ptbLamT1pOvZwceyKwbqOt8wE6I=
Subject key identifier: 94:1B:07:D3:68:E1:3F:42:F7:95:62:CD:E0:04:00:1B:29:E4:70:44
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0B10
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lBsH02jhP0L3lWLN4AQAGynkcEQ.roa
Signing time: Sun 07 Feb 2021 12:59:50 +0000
ROA not before: Sun 07 Feb 2021 12:59:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 10085
IP address blocks: 203.163.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2832 (0xb10)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 7 12:59:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=941B07D368E13F42F79562CDE004001B29E47044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:7e:23:91:0e:0c:10:d8:73:9d:25:1c:04:
0f:09:6e:97:e6:38:ca:2b:fd:ca:f3:36:80:a4:27:
05:fd:f7:a0:eb:b7:a7:96:23:56:85:e2:78:e5:42:
91:ed:5d:4f:bb:4c:c5:ad:76:46:d2:c8:b4:d4:ac:
cf:5e:f3:39:11:bf:e5:16:62:87:2f:3c:5c:73:88:
02:19:a0:07:35:dc:0e:36:60:3a:ca:75:4b:d5:aa:
47:fa:df:c8:ee:0f:60:17:ae:3b:9c:f2:76:0a:35:
45:c2:dd:e1:18:6c:09:ca:c2:29:92:b8:f9:00:b5:
d8:0a:f1:e4:c8:21:40:d9:98:22:42:45:c6:b1:6f:
7a:06:07:fd:86:28:37:01:ce:f2:aa:75:b2:16:09:
35:3e:35:d2:52:2f:b3:ed:3e:de:63:1b:df:23:5d:
3b:7d:5a:c4:d5:16:3e:ba:19:09:6d:93:d4:fb:31:
24:c0:12:15:c1:1e:63:9f:ff:82:a0:b8:bb:20:d6:
8a:40:fd:1e:e1:cc:29:bc:69:ef:a4:43:f9:17:5f:
34:bc:78:ad:06:5c:a8:a1:dc:44:60:4d:0c:c6:f1:
b8:38:ea:5b:d3:a5:fa:a4:e1:f9:60:fb:3b:b8:a9:
e1:fc:df:e9:1d:ff:f2:a8:5c:d6:9b:fc:68:77:bf:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1B:07:D3:68:E1:3F:42:F7:95:62:CD:E0:04:00:1B:29:E4:70:44
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/lBsH02jhP0L3lWLN4AQAGynkcEQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.163.204.0/22
Signature Algorithm: sha256WithRSAEncryption
60:8d:62:ca:c6:fa:67:67:eb:33:11:cd:e7:66:08:61:da:35:
b9:67:54:d5:b3:97:3f:85:35:6d:12:fd:11:55:37:3b:cf:dc:
13:50:63:82:d0:bc:b6:e9:d4:66:c9:1c:5c:4b:ca:86:13:a3:
86:30:88:d4:ff:1b:00:d6:6c:23:c5:d8:24:ca:f8:c0:81:e9:
de:95:d2:e0:54:02:82:67:cb:00:5a:5c:06:bc:d5:9d:cb:7a:
0f:ef:96:d9:b6:5c:56:81:c6:74:36:7d:ff:b5:c2:e3:e1:72:
9c:8b:ea:e7:eb:76:38:44:e2:aa:af:9e:a8:fe:77:d7:a8:9e:
ce:d8:75:12:e6:f6:aa:af:83:45:9b:e2:6c:ff:64:4b:5a:41:
76:93:00:e9:8b:57:9a:55:7a:62:74:96:30:e5:5c:16:a6:d6:
4a:8b:22:82:bf:b1:f9:f0:a5:cc:16:5c:42:92:3e:6b:81:46:
8d:7a:3c:23:b4:13:b3:d4:52:64:ef:99:d6:cb:97:bf:da:21:
10:be:8a:5b:c2:09:ff:26:e8:0d:32:40:28:1f:38:42:19:ca:
dc:3e:85:33:0e:7d:25:b7:eb:6d:72:6a:31:00:58:1d:ee:d8:
74:5a:eb:b1:a5:32:a9:8e:23:82:3d:83:44:32:e8:7e:b0:c9:
5a:7f:11:07
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCxAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MjU5NTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDk0MUIwN0QzNjhFMTNG
NDJGNzk1NjJDREUwMDQwMDFCMjlFNDcwNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/Gn4jkQ4MENhznSUcBA8JbpfmOMor/crzNoCkJwX996Drt6eW
I1aF4njlQpHtXU+7TMWtdkbSyLTUrM9e8zkRv+UWYocvPFxziAIZoAc13A42YDrK
dUvVqkf638juD2AXrjuc8nYKNUXC3eEYbAnKwimSuPkAtdgK8eTIIUDZmCJCRcax
b3oGB/2GKDcBzvKqdbIWCTU+NdJSL7PtPt5jG98jXTt9WsTVFj66GQltk9T7MSTA
EhXBHmOf/4KguLsg1opA/R7hzCm8ae+kQ/kXXzS8eK0GXKih3ERgTQzG8bg46lvT
pfqk4flg+zu4qeH83+kd//KoXNab/Gh3v+hjAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUlBsH02jhP0L3lWLN4AQAGynkcEQwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9sQnNIMDJqaFAwTDNs
V0xONEFRQUd5bmtjRVEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCy6PMMA0GCSqGSIb3DQEBCwUAA4IBAQBgjWLKxvpnZ+szEc3nZghh2jW5Z1TV
s5c/hTVtEv0RVTc7z9wTUGOC0Ly26dRmyRxcS8qGE6OGMIjU/xsA1mwjxdgkyvjA
geneldLgVAKCZ8sAWlwGvNWdy3oP75bZtlxWgcZ0Nn3/tcLj4XKci+rn63Y4ROKq
r56o/nfXqJ7O2HUS5vaqr4NFm+Js/2RLWkF2kwDpi1eaVXpidJYw5VwWptZKiyKC
v7H58KXMFlxCkj5rgUaNejwjtBOz1FJk75nWy5e/2iEQvopbwgn/JugNMkAoHzhC
GcrcPoUzDn0lt+ttcmoxAFgd7th0WuuxpTKpjiOCPYNEMuh+sMlafxEH
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org