Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/kGjM3zz9XGzjQX4TVn2Lcuu9wY0.roa
File: kGjM3zz9XGzjQX4TVn2Lcuu9wY0.roa (raw, json)
Hash identifier: JG4NcemKKS/CZJbC8m1c6nSvfCn7V38OiDnx6RmaNiU=
Subject key identifier: 90:68:CC:DF:3C:FD:5C:6C:E3:41:7E:13:56:7D:8B:72:EB:BD:C1:8D
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 0771
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/kGjM3zz9XGzjQX4TVn2Lcuu9wY0.roa
Signing time: Tue 29 Sep 2020 10:02:44 +0000
ROA not before: Tue 29 Sep 2020 10:02:44 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.123.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1905 (0x771)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Sep 29 10:02:44 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=9068CCDF3CFD5C6CE3417E13567D8B72EBBDC18D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a2:9a:14:63:de:d2:82:a5:3d:52:33:07:da:
25:f4:c6:73:ee:d8:92:f7:44:c9:c6:b2:ac:8f:83:
85:5c:8c:29:f3:68:81:23:db:ab:85:d6:56:5b:7d:
88:28:53:81:7e:d8:37:8e:6d:ce:0f:18:c8:29:82:
99:f5:b8:e8:19:1c:6c:69:a6:72:fc:c8:de:3b:d4:
64:ab:76:cf:4f:da:a3:d3:11:32:de:ec:8f:a3:fe:
25:a7:92:67:d0:61:31:9b:d2:a3:96:e5:84:cc:c4:
a2:53:f1:fd:76:60:b8:aa:9c:4b:b4:32:b3:fb:21:
9f:a7:be:e2:fe:0a:a8:e4:f9:5c:59:43:99:49:0e:
a2:3d:e1:93:fc:3b:af:62:53:3a:8c:09:84:44:cd:
a9:3b:4b:ff:61:b0:f9:25:e7:b9:03:da:f5:ea:8a:
e2:e5:58:2a:3b:83:63:a9:2d:d7:ac:05:70:ab:0a:
0b:d5:73:66:d3:24:87:37:27:2b:24:78:56:86:3a:
65:ca:16:0a:0c:93:83:9e:31:34:59:ba:4d:1e:99:
ae:f9:92:67:5d:c9:28:6d:f7:5f:bc:21:da:af:7e:
4d:73:aa:35:12:49:45:e4:1c:f1:17:63:f5:48:69:
ad:57:a7:50:78:08:89:d4:1f:79:9a:12:cc:f2:08:
22:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:68:CC:DF:3C:FD:5C:6C:E3:41:7E:13:56:7D:8B:72:EB:BD:C1:8D
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/kGjM3zz9XGzjQX4TVn2Lcuu9wY0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.189.0/24
Signature Algorithm: sha256WithRSAEncryption
49:3f:9c:fa:10:4a:e8:a0:74:a6:67:b1:38:97:d9:b2:db:a4:
6f:3e:3d:1e:10:e6:ab:ba:e2:f8:d3:45:27:e7:35:6b:51:e6:
72:89:2c:c8:48:ea:ec:42:92:8a:84:8d:ed:9f:f7:46:17:25:
70:5b:b6:83:2c:2d:79:ad:b0:d3:e2:52:72:7d:39:67:ba:dc:
7a:92:fc:53:7d:2c:0a:86:94:7e:54:2b:35:14:2a:64:35:2b:
cb:14:6e:cd:e6:c6:20:48:e0:a6:2e:82:e7:a8:a7:96:c1:a8:
0d:11:29:f6:1d:92:2a:ec:d9:0d:a0:65:a2:16:48:34:d0:43:
c4:78:b4:de:ef:20:22:b8:63:fa:3d:53:1c:d6:69:2a:71:1a:
2d:f8:23:8c:01:fe:d7:96:6c:96:c7:11:72:06:c5:4e:fd:b4:
7b:ff:0a:70:35:e4:b1:e7:18:b0:62:9a:85:35:41:9a:54:e6:
42:08:b5:eb:80:52:8b:ea:e2:73:98:9c:43:99:9b:50:3e:59:
84:7d:bf:99:6f:da:c8:67:d7:e3:95:1e:ec:da:ba:66:05:9d:
20:5a:3d:a1:8e:10:a5:a7:5d:00:30:12:12:fd:12:46:17:a4:
6b:89:9d:cc:22:ef:cb:d7:57:fe:fe:b1:fb:5d:45:76:a8:fd:
0b:e7:70:75
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICB3EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yMDA5Mjkx
MDAyNDRaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkwNjhDQ0RGM0NGRDVD
NkNFMzQxN0UxMzU2N0Q4QjcyRUJCREMxOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/opoUY97SgqU9UjMH2iX0xnPu2JL3RMnGsqyPg4VcjCnzaIEj
26uF1lZbfYgoU4F+2DeObc4PGMgpgpn1uOgZHGxppnL8yN471GSrds9P2qPTETLe
7I+j/iWnkmfQYTGb0qOW5YTMxKJT8f12YLiqnEu0MrP7IZ+nvuL+Cqjk+VxZQ5lJ
DqI94ZP8O69iUzqMCYREzak7S/9hsPkl57kD2vXqiuLlWCo7g2OpLdesBXCrCgvV
c2bTJIc3JyskeFaGOmXKFgoMk4OeMTRZuk0ema75kmddySht91+8Idqvfk1zqjUS
SUXkHPEXY/VIaa1Xp1B4CInUH3maEszyCCL5AgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUkGjM3zz9XGzjQX4TVn2Lcuu9wY0wHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL2tHak0zeno5WEd6
alFYNFRWbjJMY3V1OXdZMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne70wDQYJKoZIhvcNAQELBQADggEBAEk/nPoQSuigdKZnsTiX2bLbpG8+
PR4Q5qu64vjTRSfnNWtR5nKJLMhI6uxCkoqEje2f90YXJXBbtoMsLXmtsNPiUnJ9
OWe63HqS/FN9LAqGlH5UKzUUKmQ1K8sUbs3mxiBI4KYugueop5bBqA0RKfYdkirs
2Q2gZaIWSDTQQ8R4tN7vICK4Y/o9UxzWaSpxGi34I4wB/teWbJbHEXIGxU79tHv/
CnA15LHnGLBimoU1QZpU5kIIteuAUovq4nOYnEOZm1A+WYR9v5lv2shn1+OVHuza
umYFnSBaPaGOEKWnXQAwEhL9EkYXpGuJncwi78vXV/7+sftdRXao/QvncHU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org