Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zsXhwiPC5K1rAJWFTYSV0ct2CsY.roa
File: zsXhwiPC5K1rAJWFTYSV0ct2CsY.roa (raw, json)
Hash identifier: sdKd22KM84nKoMHgFm0+u0RsW1yJ6a9dgcQByWpOozs=
Subject key identifier: CE:C5:E1:C2:23:C2:E4:AD:6B:00:95:85:4D:84:95:D1:CB:76:0A:C6
Certificate issuer: /CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Certificate serial: 09D5
Authority key identifier: 2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zsXhwiPC5K1rAJWFTYSV0ct2CsY.roa
Signing time: Thu 07 Jan 2021 01:39:06 +0000
ROA not before: Thu 07 Jan 2021 01:39:06 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 17408
IP address blocks: 150.116.0.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2517 (0x9d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2F0F46D3FF6FED73093DD95B98950433910CFD76
Validity
Not Before: Jan 7 01:39:06 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=CEC5E1C223C2E4AD6B0095854D8495D1CB760AC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:db:4a:94:f7:11:bc:6e:54:e1:01:67:fb:2d:
2a:58:25:88:42:20:ee:09:25:19:8f:3c:1b:bf:18:
2d:f3:27:2e:0f:e2:26:26:a9:a1:27:67:e1:15:26:
b9:04:ac:bd:15:97:33:95:18:78:f6:0f:d1:bd:12:
a2:c2:4f:4c:7b:ba:87:a8:5d:15:c7:3d:b0:68:af:
4c:ba:f0:9b:49:03:f2:5e:25:88:dc:71:ab:4c:d1:
20:5f:80:7b:c3:c7:93:88:3f:c6:fa:f4:7b:76:d7:
02:71:d3:93:5e:26:6a:e9:7a:05:4d:6a:9c:45:1f:
37:98:49:24:27:f9:a1:22:55:b0:c6:b2:b2:59:3c:
f0:1e:ae:82:fc:8f:ac:3e:0a:e7:26:e9:c8:f3:00:
a5:32:56:fc:ae:ae:a0:54:19:1a:99:38:47:b2:24:
0e:0a:c8:44:c3:a3:70:64:7e:a6:a1:c8:b2:7f:9f:
dc:21:65:24:4b:c1:55:db:61:48:7b:5c:00:a3:ff:
1a:2c:35:50:e4:fe:cf:a8:5d:ca:02:44:b2:89:d7:
5b:6a:cb:46:ed:4d:ac:19:9b:85:26:fc:4c:53:79:
1a:70:1b:f4:b9:df:c9:c4:10:00:3f:b1:a7:7a:e4:
80:be:7c:61:7f:f5:7a:ac:09:f6:82:50:25:bc:f5:
45:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:C5:E1:C2:23:C2:E4:AD:6B:00:95:85:4D:84:95:D1:CB:76:0A:C6
X509v3 Authority Key Identifier:
keyid:2F:0F:46:D3:FF:6F:ED:73:09:3D:D9:5B:98:95:04:33:91:0C:FD:76
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/Lw9G0_9v7XMJPdlbmJUEM5EM_XY.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHIEF-TW/zsXhwiPC5K1rAJWFTYSV0ct2CsY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
150.116.0.0/21
Signature Algorithm: sha256WithRSAEncryption
27:ea:93:5a:86:79:22:bf:8f:e8:bd:59:bc:df:d3:d8:05:78:
ab:ac:96:af:ab:e2:ea:7b:7e:44:d1:49:f2:99:fa:92:1e:27:
6e:92:37:d8:a8:ec:89:32:c6:97:90:6c:98:f9:b5:66:ae:1c:
27:3e:95:1e:d5:1e:e8:e8:5a:9a:36:ee:83:63:78:c3:19:8f:
45:72:98:82:2b:01:ca:40:52:32:6c:5a:3f:e5:d3:6b:b8:79:
84:0d:b4:7f:87:09:02:04:ca:32:87:a6:58:fe:ba:cf:f5:89:
be:3d:ba:2d:80:ac:7b:b1:d6:e2:06:10:a2:93:67:a6:62:aa:
78:a9:11:f5:0d:6e:f9:ef:ea:53:e6:4e:54:ff:50:a9:b5:32:
07:14:65:d8:5e:d5:7a:ce:a2:01:d5:1a:cd:c8:c2:a6:5a:96:
64:b4:ae:f6:ae:2c:e2:cb:68:32:ed:ad:6e:dc:de:9f:b8:db:
e5:eb:1b:a6:7e:7e:0a:d3:de:af:8a:24:88:e6:cc:96:87:3b:
a0:24:4c:ad:07:cd:87:6e:62:a6:3e:f7:81:f6:cc:85:64:59:
f1:94:91:e2:05:c0:b7:16:ae:8c:e9:41:fa:37:d5:b7:0a:43:
15:e0:66:6c:52:40:85:89:8f:ec:6a:94:3d:61:81:56:46:6f:
9f:37:b6:1d
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCdUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkYw
RjQ2RDNGRjZGRUQ3MzA5M0REOTVCOTg5NTA0MzM5MTBDRkQ3NjAeFw0yMTAxMDcw
MTM5MDZaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKENFQzVFMUMyMjNDMkU0
QUQ2QjAwOTU4NTREODQ5NUQxQ0I3NjBBQzYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCa20qU9xG8blThAWf7LSpYJYhCIO4JJRmPPBu/GC3zJy4P4iYm
qaEnZ+EVJrkErL0VlzOVGHj2D9G9EqLCT0x7uoeoXRXHPbBor0y68JtJA/JeJYjc
catM0SBfgHvDx5OIP8b69Ht21wJx05NeJmrpegVNapxFHzeYSSQn+aEiVbDGsrJZ
PPAeroL8j6w+Cucm6cjzAKUyVvyurqBUGRqZOEeyJA4KyETDo3BkfqahyLJ/n9wh
ZSRLwVXbYUh7XACj/xosNVDk/s+oXcoCRLKJ11tqy0btTawZm4Um/ExTeRpwG/S5
38nEEAA/sad65IC+fGF/9XqsCfaCUCW89UULAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUzsXhwiPC5K1rAJWFTYSV0ct2CsYwHwYDVR0jBBgwFoAULw9G0/9v7XMJPdlb
mJUEM5EM/XYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJRUYt
VFcvTHc5RzBfOXY3WE1KUGRsYm1KVUVNNUVNX1hZLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9MdzlHMF85djdYTUpQZGxibUpVRU01RU1fWFkuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DSElFRi1UVy96c1hod2lQQzVLMXJB
SldGVFlTVjBjdDJDc1kucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDlnQAMA0GCSqGSIb3DQEBCwUAA4IBAQAn6pNahnkiv4/ovVm839PYBXirrJav
q+Lqe35E0UnymfqSHidukjfYqOyJMsaXkGyY+bVmrhwnPpUe1R7o6FqaNu6DY3jD
GY9FcpiCKwHKQFIybFo/5dNruHmEDbR/hwkCBMoyh6ZY/rrP9Ym+PbotgKx7sdbi
BhCik2emYqp4qRH1DW757+pT5k5U/1CptTIHFGXYXtV6zqIB1RrNyMKmWpZktK72
riziy2gy7a1u3N6fuNvl6xumfn4K096viiSI5syWhzugJEytB82HbmKmPveB9syF
ZFnxlJHiBcC3Fq6M6UH6N9W3CkMV4GZsUkCFiY/sapQ9YYFWRm+fN7Yd
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org