Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vFeajVQhcmF-py0U8-hX6Z59ZlY.roa
File: vFeajVQhcmF-py0U8-hX6Z59ZlY.roa (raw, json)
Hash identifier: Ni+GVBQ8CDnLXfku00CE3U/PEIg2zOkutXgG8qBAC8k=
Subject key identifier: BC:57:9A:8D:54:21:72:61:7E:A7:2D:14:F3:E8:57:E9:9E:7D:66:56
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0AA2
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vFeajVQhcmF-py0U8-hX6Z59ZlY.roa
Signing time: Sun 07 Feb 2021 11:50:42 +0000
ROA not before: Sun 07 Feb 2021 11:50:42 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131607
IP address blocks: 150.117.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2722 (0xaa2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Feb 7 11:50:42 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=BC579A8D542172617EA72D14F3E857E99E7D6656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f2:1b:f0:c4:37:d6:82:1c:a3:f4:54:36:16:
78:e0:6a:e9:92:97:8a:36:c4:64:d1:d4:7e:1d:16:
48:b0:de:14:27:b9:0c:e7:ee:37:1b:de:84:14:9d:
40:6b:d5:ca:6c:4f:7f:7a:e9:c2:58:7d:d9:a3:2d:
3f:86:44:d5:9c:c7:69:f4:68:d1:d7:23:b9:07:5a:
39:54:8e:80:d3:ab:ca:d8:89:b8:13:92:95:e1:8a:
1f:b3:66:2e:d4:74:db:6c:a3:a2:b9:06:7f:9c:22:
d8:24:5a:3b:05:a1:82:93:b0:aa:71:18:6a:6d:f2:
65:5f:63:75:d3:b0:f4:6e:16:f6:e2:46:fa:e0:28:
23:16:cc:35:a2:31:e8:7f:c0:ad:3b:cf:11:1d:33:
db:85:73:cd:d1:0d:84:75:ed:70:5c:21:49:7f:fe:
dc:e9:1a:8c:dc:7d:f8:43:07:2f:7a:89:68:2c:2c:
a8:d8:7e:0a:91:c3:6e:4a:17:32:ff:17:1c:b5:43:
33:63:06:52:f8:16:45:3e:43:1e:d5:5e:96:87:f2:
d1:45:d5:af:17:cd:37:21:ff:ef:63:86:cf:3e:db:
f2:c2:96:d9:dc:18:52:0e:08:8b:c2:1e:db:1a:89:
8a:73:f1:da:eb:c7:91:6d:09:1b:c8:e5:f9:c4:59:
e5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:57:9A:8D:54:21:72:61:7E:A7:2D:14:F3:E8:57:E9:9E:7D:66:56
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/vFeajVQhcmF-py0U8-hX6Z59ZlY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.117.168.0/21
Signature Algorithm: sha256WithRSAEncryption
16:5b:5d:8a:fe:a0:ad:9f:c2:af:0a:15:70:1f:39:e5:95:fb:
2a:e7:fb:e7:24:a9:0b:aa:b0:00:d7:d2:b4:b8:69:7f:e4:c5:
ee:d6:e0:76:2b:ea:84:cf:a1:c0:d4:33:9b:a5:33:8d:43:1e:
d2:ec:28:8b:7b:f1:41:1f:06:85:4e:e6:0d:ba:e7:66:07:90:
6f:6d:41:a4:b1:91:55:a5:b1:b7:24:80:c0:8e:aa:b3:5d:5c:
c7:ab:8b:d2:f7:28:5e:94:47:af:bf:2d:b9:56:83:d9:86:76:
47:0f:c5:8f:9b:0b:72:73:5c:53:b1:81:a0:0f:a5:b0:48:dc:
69:a8:88:0f:4c:19:d7:3f:3a:2c:9a:23:31:9b:2e:33:41:bc:
31:a1:75:05:87:ff:fb:85:68:fd:40:95:74:01:82:a9:fb:8c:
7d:0c:c0:25:40:4c:72:ec:74:0f:fd:94:d9:24:92:bc:70:79:
03:0c:a3:df:f4:44:dd:a9:ff:05:ec:b2:2e:b0:02:c1:dd:9f:
16:a4:98:d2:2c:00:40:61:cc:a7:aa:1f:64:0e:fc:1a:23:e2:
06:c6:45:7e:8b:eb:3f:01:36:5d:22:47:a0:ee:48:4e:c9:34:
5b:48:94:57:78:54:44:35:58:b5:dd:7f:9f:b4:03:a8:32:68:
90:bd:28:2e
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCqIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAyMDcx
MTUwNDJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEJDNTc5QThENTQyMTcy
NjE3RUE3MkQxNEYzRTg1N0U5OUU3RDY2NTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCv8hvwxDfWghyj9FQ2FnjgaumSl4o2xGTR1H4dFkiw3hQnuQzn
7jcb3oQUnUBr1cpsT3966cJYfdmjLT+GRNWcx2n0aNHXI7kHWjlUjoDTq8rYibgT
kpXhih+zZi7UdNtso6K5Bn+cItgkWjsFoYKTsKpxGGpt8mVfY3XTsPRuFvbiRvrg
KCMWzDWiMeh/wK07zxEdM9uFc83RDYR17XBcIUl//tzpGozcffhDBy96iWgsLKjY
fgqRw25KFzL/Fxy1QzNjBlL4FkU+Qx7VXpaH8tFF1a8XzTch/+9jhs8+2/LCltnc
GFIOCIvCHtsaiYpz8drrx5FtCRvI5fnEWeXDAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUvFeajVQhcmF+py0U8+hX6Z59ZlYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy92RmVhalZRaGNtRi1w
eTBVOC1oWDZaNTlabFkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnWoMA0GCSqGSIb3DQEBCwUAA4IBAQAWW12K/qCtn8KvChVwHznllfsq5/vn
JKkLqrAA19K0uGl/5MXu1uB2K+qEz6HA1DObpTONQx7S7CiLe/FBHwaFTuYNuudm
B5BvbUGksZFVpbG3JIDAjqqzXVzHq4vS9yhelEevvy25VoPZhnZHD8WPmwtyc1xT
sYGgD6WwSNxpqIgPTBnXPzosmiMxmy4zQbwxoXUFh//7hWj9QJV0AYKp+4x9DMAl
QExy7HQP/ZTZJJK8cHkDDKPf9ETdqf8F7LIusALB3Z8WpJjSLABAYcynqh9kDvwa
I+IGxkV+i+s/ATZdIkeg7khOyTRbSJRXeFRENVi13X+ftAOoMmiQvSgu
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:14:58 2025 by rpki-client