Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qh8aWi3FQkuZ-tifI3YMqECJ3kk.roa
File: qh8aWi3FQkuZ-tifI3YMqECJ3kk.roa (raw, json)
Hash identifier: gdLNCZzwx6mV0ztMzcTl+qdX/rAeVwYNEUaUucv5PwM=
Subject key identifier: AA:1F:1A:5A:2D:C5:42:4B:99:FA:D8:9F:23:76:0C:A8:40:89:DE:49
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0DE3
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qh8aWi3FQkuZ-tifI3YMqECJ3kk.roa
Signing time: Thu 29 Dec 2022 09:31:59 +0000
ROA not before: Thu 29 Dec 2022 09:31:59 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131273
IP address blocks: 113.21.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3555 (0xde3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Dec 29 09:31:59 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=AA1F1A5A2DC5424B99FAD89F23760CA84089DE49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:55:0d:5b:4a:d0:eb:52:4f:bd:22:2b:a0:5c:
73:b1:bb:24:9e:f1:65:c4:72:ba:f3:ab:5b:46:c6:
30:7d:ef:53:2d:98:bd:f3:09:db:20:c3:ed:bc:d9:
90:f8:d1:97:3a:d7:91:9c:9d:9a:a9:61:53:a7:b0:
7c:22:32:1a:b2:bf:8f:05:e7:81:c9:9d:5b:b5:37:
41:ad:47:6b:d3:51:f1:fa:d3:7a:97:56:b7:19:d4:
dc:59:7c:5e:e6:37:75:6a:d3:1b:02:83:e9:96:df:
30:79:fa:74:a3:43:57:10:9e:77:af:51:4b:b8:90:
dd:18:61:ec:2d:79:c9:e2:3a:04:63:a6:e2:b0:6b:
03:94:28:cb:6f:c3:e3:46:53:8c:a3:f1:1d:1c:50:
fb:7a:e6:b5:42:da:e7:74:1a:8c:7c:30:b9:47:a8:
94:18:64:ee:25:7a:99:6c:02:38:1c:bc:a4:c6:0c:
c0:32:9f:5d:0e:dd:15:75:32:c5:55:e6:b9:88:a1:
e2:0e:3f:f4:87:c9:36:f6:cf:8d:1a:05:63:3a:a8:
15:cb:1e:bf:a8:ef:64:c9:bb:a2:7c:f2:06:a9:66:
90:bb:a4:e3:9e:c7:84:47:91:28:26:41:a3:c6:a1:
2e:6a:e7:a6:3e:27:8b:66:a6:11:d3:d6:8b:71:cc:
68:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1F:1A:5A:2D:C5:42:4B:99:FA:D8:9F:23:76:0C:A8:40:89:DE:49
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/qh8aWi3FQkuZ-tifI3YMqECJ3kk.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.92.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:8e:ea:39:28:7d:71:8a:eb:b1:40:6b:7a:c6:2f:70:b4:95:
fe:fe:85:38:cb:78:d4:26:9a:3d:b0:91:e5:a9:5a:55:e5:ea:
33:b2:bc:cc:98:45:c4:f8:06:2f:8e:d7:07:4f:10:02:4a:91:
76:45:67:e1:ea:94:49:85:ee:43:ad:b5:52:11:60:47:bb:e4:
e7:55:d2:af:d6:da:49:dd:20:1a:c9:8a:60:71:81:8b:33:1d:
b8:8e:14:37:a9:89:33:e7:06:3c:82:68:c2:d8:c3:3d:b4:42:
b9:0b:a1:d4:d8:84:9a:a9:c8:b5:2a:52:55:a8:28:9e:a2:a8:
71:1f:0d:60:5a:15:3e:fa:7d:a4:bb:38:00:f5:e4:02:68:ca:
6c:fa:9e:e8:63:66:c8:d5:f2:5a:29:3d:b9:94:3c:fe:ee:87:
82:09:8d:05:58:41:9d:a6:10:11:b8:d0:44:c1:fe:2a:f9:0b:
44:67:60:d7:7d:e7:e0:21:9f:d8:ee:12:db:e0:d9:9b:d1:1a:
16:eb:94:49:93:d2:47:dd:d7:77:1b:ba:64:62:32:d4:0e:df:
0b:d4:70:bf:41:97:9b:04:5c:97:70:8b:6b:3e:86:e2:dd:7a:
a4:ee:ae:fb:5f:87:61:da:5a:c6:80:12:7b:7a:ef:7c:03:87:
68:a3:28:cb
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDeMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMjEyMjkw
OTMxNTlaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEFBMUYxQTVBMkRDNTQy
NEI5OUZBRDg5RjIzNzYwQ0E4NDA4OURFNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmVQ1bStDrUk+9IiugXHOxuySe8WXEcrrzq1tGxjB971MtmL3z
Cdsgw+282ZD40Zc615GcnZqpYVOnsHwiMhqyv48F54HJnVu1N0GtR2vTUfH603qX
VrcZ1NxZfF7mN3Vq0xsCg+mW3zB5+nSjQ1cQnnevUUu4kN0YYewtecniOgRjpuKw
awOUKMtvw+NGU4yj8R0cUPt65rVC2ud0Gox8MLlHqJQYZO4leplsAjgcvKTGDMAy
n10O3RV1MsVV5rmIoeIOP/SHyTb2z40aBWM6qBXLHr+o72TJu6J88gapZpC7pOOe
x4RHkSgmQaPGoS5q56Y+J4tmphHT1otxzGi7AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUqh8aWi3FQkuZ+tifI3YMqECJ3kkwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy9xaDhhV2kzRlFrdVot
dGlmSTNZTXFFQ0oza2sucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAcRVcMA0GCSqGSIb3DQEBCwUAA4IBAQA8juo5KH1xiuuxQGt6xi9wtJX+/oU4
y3jUJpo9sJHlqVpV5eozsrzMmEXE+AYvjtcHTxACSpF2RWfh6pRJhe5DrbVSEWBH
u+TnVdKv1tpJ3SAayYpgcYGLMx24jhQ3qYkz5wY8gmjC2MM9tEK5C6HU2ISaqci1
KlJVqCieoqhxHw1gWhU++n2kuzgA9eQCaMps+p7oY2bI1fJaKT25lDz+7oeCCY0F
WEGdphARuNBEwf4q+QtEZ2DXfefgIZ/Y7hLb4Nmb0RoW65RJk9JH3dd3G7pkYjLU
Dt8L1HC/QZebBFyXcItrPobi3Xqk7q77X4dh2lrGgBJ7eu98A4dooyjL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org