Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tNklvVwOo92U98go7GT1YZvUXVE.roa
File: tNklvVwOo92U98go7GT1YZvUXVE.roa (raw, json)
Hash identifier: HPyUv/tXdP+JlrkcfEQr5TKUEABWdVyCHtSouONFnHk=
Subject key identifier: B4:D9:25:BD:5C:0E:A3:DD:94:F7:C8:28:EC:64:F5:61:9B:D4:5D:51
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0F79
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tNklvVwOo92U98go7GT1YZvUXVE.roa
Signing time: Fri 01 Sep 2023 08:29:11 +0000
ROA not before: Fri 01 Sep 2023 08:29:11 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131600
IP address blocks: 150.117.120.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3961 (0xf79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 1 08:29:11 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=B4D925BD5C0EA3DD94F7C828EC64F5619BD45D51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:eb:4b:95:8c:ce:1c:cc:f2:70:80:65:ff:12:
59:fe:da:3c:3a:76:1b:f7:14:d5:92:16:8d:0c:5f:
e3:02:b4:ea:69:6f:9f:5e:f5:2d:3d:9f:d8:0b:cf:
ef:3b:6e:95:9e:38:51:64:03:e2:3e:00:ed:ce:8a:
88:6b:8e:e5:e4:85:7e:40:cf:6a:13:75:62:bb:e9:
f6:0d:73:54:a1:68:76:e9:af:c2:54:0c:e2:da:78:
6a:87:73:75:51:96:e7:79:3d:9d:fa:04:f9:2d:59:
86:24:5d:73:f2:ba:4c:c2:4d:a6:11:3f:a3:a2:a3:
34:ae:2c:53:68:ce:77:b7:59:1a:97:c9:82:69:e4:
82:5d:b5:aa:05:fc:9e:7f:5e:7a:19:fa:a5:a6:b4:
c5:ef:b6:da:99:ec:e5:d8:24:72:45:f2:db:ed:2e:
eb:5b:7b:c8:25:61:d0:d3:6a:5b:dd:01:48:6c:a9:
44:44:d0:cf:de:fc:ad:50:f4:df:6d:11:11:34:75:
81:62:3d:2d:0a:a8:bf:8f:14:45:32:84:68:36:52:
78:80:23:f1:43:b9:37:36:c3:0b:a3:d0:ce:14:45:
9c:3c:af:8d:52:e2:12:b9:4d:e4:d5:6c:fc:c8:04:
27:d6:97:72:6e:05:ec:2e:9e:d8:65:83:6e:5a:2b:
d9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D9:25:BD:5C:0E:A3:DD:94:F7:C8:28:EC:64:F5:61:9B:D4:5D:51
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/tNklvVwOo92U98go7GT1YZvUXVE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.120.0/21
Signature Algorithm: sha256WithRSAEncryption
64:b9:de:36:63:24:0c:07:ae:0a:4f:4d:25:76:4f:1e:5b:cb:
41:5a:5a:ac:e7:d7:6c:bc:23:20:59:d3:54:97:fd:a2:47:c9:
01:bd:62:43:89:52:5d:4a:ae:10:51:92:35:b9:db:b7:03:09:
1e:ff:94:64:8f:b9:a0:59:a4:69:a2:8c:41:88:9e:1b:c5:85:
e0:f5:72:97:7d:f8:57:0e:d0:d2:74:0b:20:cb:9a:15:68:26:
d4:9f:95:0b:d3:a9:c0:8d:38:72:9b:98:9a:04:69:bd:4e:47:
6d:9a:b7:53:cc:e7:e2:47:bd:e3:36:59:4b:8e:39:47:3e:a3:
1e:8d:75:60:66:d6:03:02:ac:7d:c6:7d:4a:54:d8:cc:dc:b2:
e2:94:1d:97:b5:96:30:14:18:bc:5b:44:37:16:0b:1f:f3:48:
eb:30:3c:c8:a7:ff:79:fb:c5:41:00:54:be:cd:81:99:e8:5a:
eb:22:3a:3b:67:50:1e:76:c5:22:60:14:88:e7:6f:f6:aa:7f:
d1:cd:49:42:e8:5b:41:40:e9:76:14:14:12:3d:5e:10:07:14:
ae:89:d7:22:60:8f:33:07:41:24:ca:b0:d3:cf:19:e0:12:97:
2c:4e:a0:3f:81:7f:9d:69:8b:c0:2f:ca:31:03:6b:4e:4d:a4:
44:67:17:9b
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICD3kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMzA5MDEw
ODI5MTFaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEI0RDkyNUJENUMwRUEz
REQ5NEY3QzgyOEVDNjRGNTYxOUJENDVENTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc60uVjM4czPJwgGX/Eln+2jw6dhv3FNWSFo0MX+MCtOppb59e
9S09n9gLz+87bpWeOFFkA+I+AO3OiohrjuXkhX5Az2oTdWK76fYNc1ShaHbpr8JU
DOLaeGqHc3VRlud5PZ36BPktWYYkXXPyukzCTaYRP6OiozSuLFNozne3WRqXyYJp
5IJdtaoF/J5/XnoZ+qWmtMXvttqZ7OXYJHJF8tvtLutbe8glYdDTalvdAUhsqURE
0M/e/K1Q9N9tERE0dYFiPS0KqL+PFEUyhGg2UniAI/FDuTc2wwuj0M4URZw8r41S
4hK5TeTVbPzIBCfWl3JuBewunthlg25aK9mtAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUtNklvVwOo92U98go7GT1YZvUXVEwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy90TmtsdlZ3T285MlU5
OGdvN0dUMVladlVYVkUucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnV4MA0GCSqGSIb3DQEBCwUAA4IBAQBkud42YyQMB64KT00ldk8eW8tBWlqs
59dsvCMgWdNUl/2iR8kBvWJDiVJdSq4QUZI1udu3Awke/5Rkj7mgWaRpooxBiJ4b
xYXg9XKXffhXDtDSdAsgy5oVaCbUn5UL06nAjThym5iaBGm9TkdtmrdTzOfiR73j
NllLjjlHPqMejXVgZtYDAqx9xn1KVNjM3LLilB2XtZYwFBi8W0Q3Fgsf80jrMDzI
p/95+8VBAFS+zYGZ6FrrIjo7Z1AedsUiYBSI52/2qn/RzUlC6FtBQOl2FBQSPV4Q
BxSuidciYI8zB0EkyrDTzxngEpcsTqA/gX+daYvAL8oxA2tOTaREZxeb
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:38:03 2025 by rpki-client