Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/xjOjn7sj6D0E50KQ5CPOIpj3dEo.roa
File: xjOjn7sj6D0E50KQ5CPOIpj3dEo.roa (raw, json)
Hash identifier: BJH2+3FtnlYSMZtjD2BrMMn43p77DhJ6AmwC+5MAlvo=
Subject key identifier: C6:33:A3:9F:BB:23:E8:3D:04:E7:42:90:E4:23:CE:22:98:F7:74:4A
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 0C3B
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/xjOjn7sj6D0E50KQ5CPOIpj3dEo.roa
Signing time: Wed 29 Sep 2021 02:39:11 +0000
ROA not before: Wed 29 Sep 2021 02:39:11 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9831
IP address blocks: 203.163.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3131 (0xc3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Sep 29 02:39:11 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=C633A39FBB23E83D04E74290E423CE2298F7744A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bc:1f:92:cc:31:01:d4:bf:f8:f9:93:48:b1:
d0:8c:e2:0c:c0:ac:05:2f:60:31:68:35:2e:e2:35:
e1:d9:fd:83:0d:d7:09:07:bb:1d:09:de:86:8e:6f:
4f:55:10:eb:74:c3:80:f4:47:cb:a9:fa:bc:a9:c4:
65:03:75:fa:3c:65:9a:20:b2:d6:e3:6c:5d:e3:2c:
61:8c:d3:ec:0e:bd:14:cb:f7:c5:20:9c:96:b8:d1:
d8:1e:df:db:6e:26:1b:0f:06:28:0b:4a:92:6d:f6:
d8:81:42:52:72:49:c1:c3:89:71:66:16:54:7c:11:
22:73:6b:9c:de:f3:e1:29:2c:41:b4:28:12:2b:f9:
78:bc:84:b5:f8:ef:66:df:01:41:ac:f7:5a:96:e7:
21:5b:a8:9c:05:03:9d:c9:fd:0a:94:32:31:c7:84:
41:2d:74:41:d5:5d:e3:cf:1c:ee:3a:b8:fd:17:4b:
81:25:6b:3f:8e:10:6b:3b:3b:1f:d3:3f:3c:d3:02:
91:01:f3:28:be:79:39:33:02:9c:5d:4f:7e:8e:30:
75:99:41:2f:ca:f9:e7:2a:a3:22:be:c1:a7:16:e1:
b4:36:3a:18:3c:0b:ff:39:f6:95:e9:60:eb:83:2c:
70:60:ab:2a:f7:3a:68:f1:e3:bb:d0:d8:cb:d7:4c:
61:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:33:A3:9F:BB:23:E8:3D:04:E7:42:90:E4:23:CE:22:98:F7:74:4A
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/xjOjn7sj6D0E50KQ5CPOIpj3dEo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
203.163.201.0/24
Signature Algorithm: sha256WithRSAEncryption
83:6c:64:af:07:c3:2e:42:eb:8f:c7:52:b9:78:5c:f9:2f:61:
f7:d7:ce:0e:1d:80:7e:5d:80:1a:aa:4a:f8:4c:0a:ee:54:29:
3c:8a:32:d9:7c:d2:a9:bd:39:c9:4d:fe:53:39:e0:92:40:9c:
24:65:63:03:a9:e3:c4:54:b9:72:4c:8a:8c:c0:d8:39:a2:12:
12:05:0f:98:39:34:39:c6:9b:5d:8f:7e:ad:cb:80:fa:1e:81:
30:00:4f:05:fd:c1:15:a7:ea:dd:14:5a:15:b5:ea:e3:61:5e:
9a:cd:31:a1:8d:39:99:2d:a4:b2:75:bf:5a:40:ba:07:eb:0c:
a6:7f:68:a6:e7:dd:8f:b7:b3:1e:51:8c:22:3b:f5:76:57:08:
10:16:e7:0c:69:a0:eb:dd:4d:18:bc:e1:df:41:fc:69:3a:d1:
fd:bd:97:29:cd:08:c6:f0:8b:51:ad:61:53:c7:3e:63:4d:64:
6b:06:c5:c0:38:b8:da:43:e6:20:f1:b5:8d:d0:a9:7b:f0:33:
12:44:7a:ec:5c:91:7b:78:4a:6e:36:e1:69:0d:65:8e:00:10:
6d:f6:9a:d8:d2:36:96:cd:7a:79:2e:ff:e4:fb:43:33:71:81:
ce:33:0d:41:35:5b:89:de:1b:12:e8:0b:66:7d:5f:0b:c5:6d:
bc:52:d5:98
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICDDswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTA5Mjkw
MjM5MTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEM2MzNBMzlGQkIyM0U4
M0QwNEU3NDI5MEU0MjNDRTIyOThGNzc0NEEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAvB+SzDEB1L/4+ZNIsdCM4gzArAUvYDFoNS7iNeHZ/YMN1wkH
ux0J3oaOb09VEOt0w4D0R8up+rypxGUDdfo8ZZogstbjbF3jLGGM0+wOvRTL98Ug
nJa40dge39tuJhsPBigLSpJt9tiBQlJyScHDiXFmFlR8ESJza5ze8+EpLEG0KBIr
+Xi8hLX472bfAUGs91qW5yFbqJwFA53J/QqUMjHHhEEtdEHVXePPHO46uP0XS4El
az+OEGs7Ox/TPzzTApEB8yi+eTkzApxdT36OMHWZQS/K+ecqoyK+wacW4bQ2Ohg8
C/859pXpYOuDLHBgqyr3Omjx47vQ2MvXTGHfAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUxjOjn7sj6D0E50KQ5CPOIpj3dEowHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy94ak9qbjdzajZEMEU1
MEtRNUNQT0lwajNkRW8ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAy6PJMA0GCSqGSIb3DQEBCwUAA4IBAQCDbGSvB8MuQuuPx1K5eFz5L2H3184O
HYB+XYAaqkr4TAruVCk8ijLZfNKpvTnJTf5TOeCSQJwkZWMDqePEVLlyTIqMwNg5
ohISBQ+YOTQ5xptdj36ty4D6HoEwAE8F/cEVp+rdFFoVterjYV6azTGhjTmZLaSy
db9aQLoH6wymf2im592Pt7MeUYwiO/V2VwgQFucMaaDr3U0YvOHfQfxpOtH9vZcp
zQjG8ItRrWFTxz5jTWRrBsXAOLjaQ+Yg8bWN0Kl78DMSRHrsXJF7eEpuNuFpDWWO
ABBt9prY0jaWzXp5Lv/k+0MzcYHOMw1BNVuJ3hsS6AtmfV8LxW28UtWY
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:26:21 2025 by rpki-client