Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/0nSaU0xJWXUJoz48AygR6894PEQ.roa
File: 0nSaU0xJWXUJoz48AygR6894PEQ.roa (raw, json)
Hash identifier: gJ2U/mbLDl2hKubHsarnSbJ2O9OKiWv2ER8gk8TgwfY=
Subject key identifier: D2:74:9A:53:4C:49:59:75:09:A3:3E:3C:03:28:11:EB:CF:78:3C:44
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 08AF
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/0nSaU0xJWXUJoz48AygR6894PEQ.roa
Signing time: Sun 07 Feb 2021 12:40:48 +0000
ROA not before: Sun 07 Feb 2021 12:40:48 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.123.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2223 (0x8af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Feb 7 12:40:48 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=D2749A534C49597509A33E3C032811EBCF783C44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4a:1e:70:f4:e4:dd:b2:42:c4:ba:e2:11:1b:
77:46:96:eb:31:95:ff:d4:97:79:f9:92:9a:ab:a2:
2e:86:5b:d1:d7:26:f1:51:1c:6c:0a:b5:ba:2a:41:
20:40:61:2f:19:10:29:b0:0c:b3:c1:ba:85:76:9e:
31:bc:41:5a:bb:78:5b:85:e0:06:eb:ec:45:5c:56:
f6:63:50:42:68:fd:3d:48:87:d4:7a:a5:30:80:9d:
b1:1b:4f:df:a6:5b:61:1a:86:0a:59:84:aa:e7:9a:
ed:2f:79:fd:43:0f:2b:ed:9c:40:f4:8b:25:c7:80:
a4:bc:b6:b2:4d:05:2c:6c:7f:de:41:3a:ae:63:ab:
05:76:bd:7c:28:c1:82:98:ff:ff:23:43:39:e5:79:
12:49:09:61:a3:b8:78:52:84:34:e1:93:09:f8:3f:
75:47:8f:88:a9:e6:43:62:da:35:07:47:ab:b1:3a:
24:03:05:d4:5a:21:38:24:43:36:10:d5:cf:c2:be:
86:4e:24:fc:55:74:39:a8:3c:2f:0d:ee:4e:d9:5c:
77:08:fc:a6:cd:b9:8d:c0:bf:2f:a4:cd:65:07:bd:
79:9a:39:84:76:77:f1:47:4a:66:02:b2:6c:ed:cb:
b1:d1:73:9f:fd:8e:d7:ab:e3:5d:55:6b:23:a0:1b:
34:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:74:9A:53:4C:49:59:75:09:A3:3E:3C:03:28:11:EB:CF:78:3C:44
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/0nSaU0xJWXUJoz48AygR6894PEQ.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.189.0/24
Signature Algorithm: sha256WithRSAEncryption
72:30:5c:5a:1f:b4:02:5b:e6:36:f5:99:fb:85:7f:13:68:73:
65:4a:49:dc:e1:57:41:cd:4b:27:4f:6c:79:f5:c7:39:be:bf:
e6:59:d9:5b:20:5e:17:1b:11:c3:e7:2e:ed:90:ea:4a:46:43:
cf:bb:e4:78:0b:2c:df:2a:f0:81:91:f8:72:07:6f:d0:ae:b0:
a1:56:70:d8:9f:09:3a:2e:78:e4:1b:83:89:ee:28:5b:e0:34:
3a:da:a0:c0:21:c0:ef:77:24:cf:31:43:fe:84:49:aa:63:61:
66:37:45:31:ac:16:39:49:be:ca:df:07:22:7b:e9:00:ad:50:
45:db:06:6e:a6:26:c6:29:f5:d9:7d:f6:b1:18:d5:fe:09:8d:
96:97:ea:33:65:57:a6:5d:44:87:d6:ef:91:08:20:6e:6e:83:
1e:72:0b:20:7f:93:65:66:e3:f5:c6:27:5b:7e:72:de:94:e9:
7a:f4:6b:de:e9:87:cd:61:52:67:d5:8b:8f:2e:dc:62:b9:b3:
4b:4d:41:38:70:95:13:ef:43:ea:c1:69:3a:8f:fa:58:61:48:
3d:c8:75:23:b4:44:dd:1f:27:49:9b:f0:cf:49:9e:79:4f:ec:
c8:21:1f:13:e1:3b:78:48:06:25:d5:00:8f:1e:5f:15:d3:fa:
68:ee:f7:c5
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yMTAyMDcx
MjQwNDhaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEQyNzQ5QTUzNEM0OTU5
NzUwOUEzM0UzQzAzMjgxMUVCQ0Y3ODNDNDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeSh5w9OTdskLEuuIRG3dGlusxlf/Ul3n5kpqroi6GW9HXJvFR
HGwKtboqQSBAYS8ZECmwDLPBuoV2njG8QVq7eFuF4Abr7EVcVvZjUEJo/T1Ih9R6
pTCAnbEbT9+mW2EahgpZhKrnmu0vef1DDyvtnED0iyXHgKS8trJNBSxsf95BOq5j
qwV2vXwowYKY//8jQznleRJJCWGjuHhShDThkwn4P3VHj4ip5kNi2jUHR6uxOiQD
BdRaITgkQzYQ1c/CvoZOJPxVdDmoPC8N7k7ZXHcI/KbNuY3Avy+kzWUHvXmaOYR2
d/FHSmYCsmzty7HRc5/9jter411VayOgGzTXAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQU0nSaU0xJWXUJoz48AygR6894PEQwHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFLzBuU2FVMHhKV1hV
Sm96NDhBeWdSNjg5NFBFUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne70wDQYJKoZIhvcNAQELBQADggEBAHIwXFoftAJb5jb1mfuFfxNoc2VK
SdzhV0HNSydPbHn1xzm+v+ZZ2VsgXhcbEcPnLu2Q6kpGQ8+75HgLLN8q8IGR+HIH
b9CusKFWcNifCToueOQbg4nuKFvgNDraoMAhwO93JM8xQ/6ESapjYWY3RTGsFjlJ
vsrfByJ76QCtUEXbBm6mJsYp9dl99rEY1f4JjZaX6jNlV6ZdRIfW75EIIG5ugx5y
CyB/k2Vm4/XGJ1t+ct6U6Xr0a97ph81hUmfVi48u3GK5s0tNQThwlRPvQ+rBaTqP
+lhhSD3IdSO0RN0fJ0mb8M9JnnlP7MghHxPhO3hIBiXVAI8eXxXT+mju98U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org