Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/n5Rd8k62lIly0cM23NYKvYNtc8M.roa
File: n5Rd8k62lIly0cM23NYKvYNtc8M.roa (raw, json)
Hash identifier: ALzvyJ+GgEVlFP0c9axIy9Bbp88jpsyS/DIHVMMDaHg=
Subject key identifier: 9F:94:5D:F2:4E:B6:94:89:72:D1:C3:36:DC:D6:0A:BD:83:6D:73:C3
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0D61
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/n5Rd8k62lIly0cM23NYKvYNtc8M.roa
Signing time: Thu 15 Sep 2022 02:39:03 +0000
ROA not before: Thu 15 Sep 2022 02:39:03 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131607
IP address blocks: 150.117.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3425 (0xd61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 15 02:39:03 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9F945DF24EB6948972D1C336DCD60ABD836D73C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:51:ec:51:54:f9:d7:00:68:1c:4d:c7:cf:52:
df:e8:dd:08:8b:ba:67:e1:a9:f1:1f:63:4e:31:03:
bd:c9:a4:23:81:33:c2:3d:b7:22:aa:61:81:e4:21:
e6:c6:c0:86:00:8c:b2:ec:14:77:c6:f7:27:62:07:
e6:8d:f5:1d:2a:63:0e:19:c5:a9:7b:8e:82:09:7c:
99:73:43:a5:13:01:28:b7:a6:02:fa:1b:14:d8:f6:
68:45:d5:f2:f8:e2:a2:3e:b4:fe:8e:6e:3f:a2:33:
8d:1d:a4:7d:3e:bf:b7:fd:01:96:74:f0:03:bd:b6:
4f:25:2b:e2:b0:1e:7a:5b:a8:a6:d2:81:f9:a5:14:
a8:ad:6c:c1:43:d6:aa:dc:4c:ad:e5:92:92:c2:a3:
11:d4:07:25:7c:56:1e:97:ad:8e:64:37:cc:29:24:
5a:0d:0b:da:5a:ca:70:66:79:67:75:65:92:dd:20:
c1:7a:35:36:67:8a:f0:e2:da:55:ca:fc:64:bc:fb:
fd:0a:eb:56:d4:d8:6f:a6:04:28:a6:d6:3f:57:00:
f4:5f:c7:a0:0d:de:c4:2e:b8:d4:e1:b2:6d:c3:09:
9e:e6:ee:18:76:5c:dd:ef:f1:e0:2e:d9:54:8f:fa:
92:59:89:c0:2f:de:e1:cb:04:7b:dd:b0:c4:8a:8d:
79:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:94:5D:F2:4E:B6:94:89:72:D1:C3:36:DC:D6:0A:BD:83:6D:73:C3
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/n5Rd8k62lIly0cM23NYKvYNtc8M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.168.0/21
Signature Algorithm: sha256WithRSAEncryption
56:ac:16:1b:cb:b1:e7:81:20:15:e9:cd:22:b8:f7:ec:3c:67:
d2:48:43:9c:6b:15:8b:29:a8:f6:e2:6c:49:f8:db:55:b7:b4:
b1:90:99:35:fb:0b:b9:c7:e9:5d:ad:20:b1:93:c6:82:c2:60:
83:11:20:74:e8:27:3d:16:58:d2:1d:25:81:5c:be:05:4b:6a:
f8:23:ef:52:f0:f3:0a:98:a2:fc:9a:11:34:db:d9:3b:ff:27:
62:eb:47:d8:39:c3:05:f8:6e:d6:69:37:3d:9b:e8:c8:95:82:
15:e4:bc:3f:ef:e6:bb:51:6d:7a:38:36:bc:6a:9f:ff:1a:9d:
7a:b1:7d:00:a3:f1:0c:cc:a3:12:65:f6:2c:03:bf:ab:16:49:
6d:ea:57:a4:69:a1:97:3a:bd:d8:3a:35:42:47:38:12:c6:74:
ab:73:5e:3a:55:a4:02:b7:ef:ba:8f:8e:9a:f5:3d:26:cd:74:
b3:fd:57:47:da:e1:c5:20:0b:61:12:36:ba:f1:f7:49:db:c8:
ea:f3:34:f1:4b:36:37:f2:0f:3a:36:a6:54:b7:f5:55:46:c1:
d4:96:35:11:61:cd:c5:dd:dd:24:4a:7d:4e:46:ae:1b:44:c1:
ee:fb:c5:4f:b6:8e:92:96:13:af:b8:01:8f:53:84:5e:09:a7:
5b:ac:08:92
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDWEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjA5MTUw
MjM5MDNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlGOTQ1REYyNEVCNjk0
ODk3MkQxQzMzNkRDRDYwQUJEODM2RDczQzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDPUexRVPnXAGgcTcfPUt/o3QiLumfhqfEfY04xA73JpCOBM8I9
tyKqYYHkIebGwIYAjLLsFHfG9ydiB+aN9R0qYw4Zxal7joIJfJlzQ6UTASi3pgL6
GxTY9mhF1fL44qI+tP6Obj+iM40dpH0+v7f9AZZ08AO9tk8lK+KwHnpbqKbSgfml
FKitbMFD1qrcTK3lkpLCoxHUByV8Vh6XrY5kN8wpJFoNC9paynBmeWd1ZZLdIMF6
NTZnivDi2lXK/GS8+/0K61bU2G+mBCim1j9XAPRfx6AN3sQuuNThsm3DCZ7m7hh2
XN3v8eAu2VSP+pJZicAv3uHLBHvdsMSKjXmBAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUn5Rd8k62lIly0cM23NYKvYNtc8MwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9uNVJkOGs2MmxJbHkw
Y00yM05ZS3ZZTnRjOE0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnWoMA0GCSqGSIb3DQEBCwUAA4IBAQBWrBYby7HngSAV6c0iuPfsPGfSSEOc
axWLKaj24mxJ+NtVt7SxkJk1+wu5x+ldrSCxk8aCwmCDESB06Cc9FljSHSWBXL4F
S2r4I+9S8PMKmKL8mhE029k7/ydi60fYOcMF+G7WaTc9m+jIlYIV5Lw/7+a7UW16
ODa8ap//Gp16sX0Ao/EMzKMSZfYsA7+rFklt6lekaaGXOr3YOjVCRzgSxnSrc146
VaQCt++6j46a9T0mzXSz/VdH2uHFIAthEja68fdJ28jq8zTxSzY38g86NqZUt/VV
RsHUljURYc3F3d0kSn1ORq4bRMHu+8VPto6SlhOvuAGPU4ReCadbrAiS
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org