Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/uVWeU-VYGwmkK6IKBRDUKKbD2jo.roa
File: uVWeU-VYGwmkK6IKBRDUKKbD2jo.roa (raw, json)
Hash identifier: GVDyuwcx3ZPW1+c4lf88+2wZ89MzKjLpZXeP6xhBvYU=
Subject key identifier: B9:55:9E:53:E5:58:1B:09:A4:2B:A2:0A:05:10:D4:28:A6:C3:DA:3A
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 0951
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/uVWeU-VYGwmkK6IKBRDUKKbD2jo.roa
Signing time: Wed 29 Sep 2021 02:39:15 +0000
ROA not before: Wed 29 Sep 2021 02:39:15 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 18042
IP address blocks: 103.123.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2385 (0x951)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Sep 29 02:39:15 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=B9559E53E5581B09A42BA20A0510D428A6C3DA3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:64:36:7b:30:75:6c:38:ce:06:9c:e2:38:05:
7b:a0:82:03:c5:37:2b:da:79:24:29:4e:05:b7:fc:
48:6c:b3:d8:b3:5d:be:19:de:83:07:1c:81:04:3a:
6c:7b:34:53:53:c0:20:08:ee:8d:b2:3c:75:73:71:
09:2c:3e:e9:76:50:91:77:f9:f2:cf:0c:bd:01:d4:
14:6e:76:0f:bb:02:a5:8a:11:98:ce:5d:3f:3b:28:
6e:8c:99:ee:a7:f9:3c:a4:94:b5:55:0c:59:45:be:
45:2c:e5:0b:dc:44:35:05:45:21:a7:a7:86:2a:b9:
81:0d:43:60:a6:9c:c5:2c:ec:80:7b:79:22:91:7d:
2e:ac:ea:8d:d5:80:f3:29:ac:63:f5:76:f1:e0:fd:
4b:12:74:54:1e:7d:3a:26:0d:1e:4b:71:97:ed:4c:
17:52:ed:75:c0:ac:cc:cd:8d:f7:14:b5:e6:0e:e7:
87:47:af:58:78:fb:2b:1a:43:41:e7:e1:14:0f:0e:
ae:19:ce:30:5f:1d:14:82:bf:ad:1c:6a:e7:0a:9f:
d0:e4:d4:ef:98:fe:ef:37:18:82:0a:dc:9e:7b:8b:
dd:5c:b1:48:4a:3f:fa:be:58:d7:4f:fe:df:86:d5:
93:33:b6:6e:48:6b:43:ee:e5:26:36:1d:8a:05:b8:
9a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:55:9E:53:E5:58:1B:09:A4:2B:A2:0A:05:10:D4:28:A6:C3:DA:3A
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/uVWeU-VYGwmkK6IKBRDUKKbD2jo.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.188.0/24
Signature Algorithm: sha256WithRSAEncryption
85:e9:29:7a:f0:11:a5:a0:75:df:b4:29:dc:01:1d:57:b1:95:
4b:a5:de:e1:dd:7a:25:76:4b:02:20:58:72:5f:78:e8:b3:27:
a8:34:2b:28:60:4d:c6:23:5e:2d:c2:db:93:23:a3:ad:bc:ff:
d1:f0:c1:58:71:d4:c0:0c:22:45:89:29:2e:e3:ae:d4:65:92:
1f:87:9a:cd:b2:f6:9f:9f:66:38:6c:b1:cf:3f:47:27:f0:be:
c0:8b:a6:b3:b7:63:c4:2b:ca:9c:f2:25:e0:91:51:52:5e:ef:
26:f7:66:2f:e1:67:ff:c1:70:9b:94:fa:6a:56:e2:3b:76:53:
1a:fa:15:5b:b0:21:97:74:c8:c1:fb:d3:14:ca:91:88:45:7f:
6f:0f:b9:b1:f7:1c:03:33:c3:4f:44:bb:43:95:fb:56:88:8a:
66:bd:20:69:ed:00:d9:ef:9f:54:f0:81:47:e0:07:e7:0b:8d:
3b:74:35:0e:ce:d3:f1:8c:c2:ff:47:38:f1:8f:98:5d:a9:d0:
db:48:8b:61:60:ba:ed:e8:5d:ab:04:e5:de:40:67:5b:d1:82:
c0:a2:b3:57:7d:13:64:3f:0e:27:99:12:2e:f4:c8:2d:3c:26:
0c:55:91:3d:d2:16:fc:d7:d0:13:d6:8c:7c:43:3b:61:fe:b8:
3a:39:60:29
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yMTA5Mjkw
MjM5MTVaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEI5NTU5RTUzRTU1ODFC
MDlBNDJCQTIwQTA1MTBENDI4QTZDM0RBM0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFZDZ7MHVsOM4GnOI4BXugggPFNyvaeSQpTgW3/Ehss9izXb4Z
3oMHHIEEOmx7NFNTwCAI7o2yPHVzcQksPul2UJF3+fLPDL0B1BRudg+7AqWKEZjO
XT87KG6Mme6n+TyklLVVDFlFvkUs5QvcRDUFRSGnp4YquYENQ2CmnMUs7IB7eSKR
fS6s6o3VgPMprGP1dvHg/UsSdFQefTomDR5LcZftTBdS7XXArMzNjfcUteYO54dH
r1h4+ysaQ0Hn4RQPDq4ZzjBfHRSCv60caucKn9Dk1O+Y/u83GIIK3J57i91csUhK
P/q+WNdP/t+G1ZMztm5Ia0Pu5SY2HYoFuJqDAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUuVWeU+VYGwmkK6IKBRDUKKbD2jowHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL3VWV2VVLVZZR3dt
a0s2SUtCUkRVS0tiRDJqby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne7wwDQYJKoZIhvcNAQELBQADggEBAIXpKXrwEaWgdd+0KdwBHVexlUul
3uHdeiV2SwIgWHJfeOizJ6g0KyhgTcYjXi3C25Mjo628/9HwwVhx1MAMIkWJKS7j
rtRlkh+Hms2y9p+fZjhssc8/RyfwvsCLprO3Y8QrypzyJeCRUVJe7yb3Zi/hZ//B
cJuU+mpW4jt2Uxr6FVuwIZd0yMH70xTKkYhFf28PubH3HAMzw09Eu0OV+1aIima9
IGntANnvn1TwgUfgB+cLjTt0NQ7O0/GMwv9HOPGPmF2p0NtIi2Fguu3oXasE5d5A
Z1vRgsCis1d9E2Q/DieZEi70yC08JgxVkT3SFvzX0BPWjHxDO2H+uDo5YCk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:04 2024 by rpki-client on console-ams.rpki-client.org