Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/xjJZehimNXnNcyKoMzeHRLc0t-o.roa
File: xjJZehimNXnNcyKoMzeHRLc0t-o.roa (raw, json)
Hash identifier: ZqmrERJHt1tvXgnOSt0rsY/KK0uPBp1ZfmVlo+4sNeE=
Subject key identifier: C6:32:59:7A:18:A6:35:79:CD:73:22:A8:33:37:87:44:B7:34:B7:EA
Certificate issuer: /CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Certificate serial: 08B1
Authority key identifier: 89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/xjJZehimNXnNcyKoMzeHRLc0t-o.roa
Signing time: Sun 07 Feb 2021 12:40:50 +0000
ROA not before: Sun 07 Feb 2021 12:40:50 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9924
IP address blocks: 103.123.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2225 (0x8b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896AD0B5160979FEAC50C6384CBFC162D403E78D
Validity
Not Before: Feb 7 12:40:50 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C632597A18A63579CD7322A833378744B734B7EA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c4:25:a8:db:da:ed:5d:9b:4b:ae:54:c4:73:
0f:8a:6a:c3:c2:2e:1a:b3:4d:ff:0c:51:d9:91:73:
b9:58:5a:a0:96:f4:f9:fa:e7:f0:7e:c7:79:f9:c6:
bc:60:5f:1c:10:a9:e5:17:d8:80:f8:5f:41:89:a1:
30:c1:12:95:c4:3c:ef:72:31:00:8c:bb:9a:63:bd:
29:7f:2a:9a:27:33:c7:cd:f1:9f:5d:0c:cb:de:bd:
5b:80:12:96:84:47:43:21:a4:b7:bd:7c:e8:8c:10:
64:10:a5:65:67:88:92:b8:d0:99:ab:a0:c5:ea:6c:
76:af:55:b7:01:75:38:0b:f3:8d:94:03:28:d9:13:
88:fc:13:18:43:da:5a:65:0a:e7:c3:c1:14:b8:ed:
50:7d:4a:60:f5:96:58:ee:03:0d:8f:02:1d:da:f1:
88:6e:b3:cc:99:e3:8c:43:9f:0d:98:19:ce:07:fc:
8f:63:54:2a:69:10:0c:66:d6:a2:3e:52:dd:1d:f9:
6d:e6:6c:25:10:39:27:4a:3a:47:c6:9f:0d:21:14:
5c:74:f9:84:fb:03:8f:62:d2:9c:ff:0d:6f:27:1e:
34:d3:da:42:5b:bc:82:4f:8b:44:b3:d2:2f:ec:a5:
41:07:a8:e3:28:57:21:a0:75:5a:11:80:3d:3f:2f:
f5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:32:59:7A:18:A6:35:79:CD:73:22:A8:33:37:87:44:B7:34:B7:EA
X509v3 Authority Key Identifier:
keyid:89:6A:D0:B5:16:09:79:FE:AC:50:C6:38:4C:BF:C1:62:D4:03:E7:8D
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/iWrQtRYJef6sUMY4TL_BYtQD540.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/iWrQtRYJef6sUMY4TL_BYtQD540.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CHINALIFE/xjJZehimNXnNcyKoMzeHRLc0t-o.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.190.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ea:62:81:dd:08:b4:20:c5:9e:1d:df:a4:01:56:e0:ff:65:
83:63:8b:72:6d:8a:09:9d:21:50:fe:9e:da:db:77:6a:88:86:
75:0f:a9:f1:ba:ea:3d:ed:55:55:80:90:76:d8:2d:be:48:e9:
64:d6:d1:40:6b:59:33:94:fd:e3:02:78:24:39:2f:31:35:ad:
6f:71:01:03:9a:3a:d3:a0:e2:09:d8:55:fa:f8:e8:10:ec:b3:
cc:25:02:1b:99:39:54:33:be:f2:44:5c:66:bb:6f:2b:c5:a7:
0b:51:0d:ca:bd:b7:9c:9d:2a:82:e8:a4:9a:bc:4d:5c:f2:b0:
f1:3c:f4:16:34:4b:50:4c:44:3c:cc:31:b3:17:da:17:0d:57:
a7:ae:d0:f5:ee:6a:64:a2:f0:12:a3:dd:df:cf:b0:16:0b:1c:
0d:41:c4:19:65:06:2d:c0:27:ef:96:05:88:b4:1b:10:55:dc:
ca:49:9d:17:d1:83:ca:6c:72:c8:a7:62:f1:22:46:96:c6:8f:
72:d0:61:f7:2b:92:48:c3:13:7e:75:81:fe:40:32:6d:4e:57:
ab:8d:fd:a3:6c:72:10:16:3f:26:e0:1d:05:8d:04:bf:30:5e:
df:f4:b5:9b:f3:f6:02:ba:c6:4f:e9:07:27:95:f3:d2:05:71:
b3:8a:13:09
-----BEGIN CERTIFICATE-----
MIIE2DCCA8CgAwIBAgICCLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoODk2
QUQwQjUxNjA5NzlGRUFDNTBDNjM4NENCRkMxNjJENDAzRTc4RDAeFw0yMTAyMDcx
MjQwNTBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM2MzI1OTdBMThBNjM1
NzlDRDczMjJBODMzMzc4NzQ0QjczNEI3RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDexCWo29rtXZtLrlTEcw+KasPCLhqzTf8MUdmRc7lYWqCW9Pn6
5/B+x3n5xrxgXxwQqeUX2ID4X0GJoTDBEpXEPO9yMQCMu5pjvSl/KponM8fN8Z9d
DMvevVuAEpaER0MhpLe9fOiMEGQQpWVniJK40JmroMXqbHavVbcBdTgL842UAyjZ
E4j8ExhD2lplCufDwRS47VB9SmD1lljuAw2PAh3a8Yhus8yZ44xDnw2YGc4H/I9j
VCppEAxm1qI+Ut0d+W3mbCUQOSdKOkfGnw0hFFx0+YT7A49i0pz/DW8nHjTT2kJb
vIJPi0Sz0i/spUEHqOMoVyGgdVoRgD0/L/XdAgMBAAGjggH0MIIB8DAdBgNVHQ4E
FgQUxjJZehimNXnNcyKoMzeHRLc0t+owHwYDVR0jBBgwFoAUiWrQtRYJef6sUMY4
TL/BYtQD540wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBfBgNVHR8EWDBWMFSg
UqBQhk5yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFM
SUZFL2lXclF0UllKZWY2c1VNWTRUTF9CWXRRRDU0MC5jcmwwYAYIKwYBBQUHAQEE
VDBSMFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RX
TklDQ0EvaVdyUXRSWUplZjZzVU1ZNFRMX0JZdFFENTQwLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZ8GCCsGAQUFBwELBIGSMIGPMFoGCCsGAQUFBzALhk5yc3luYzovL3Jw
a2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0hJTkFMSUZFL3hqSlplaGltTlhu
TmN5S29NemVIUkxjMHQtby5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50
d25pYy50dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABne74wDQYJKoZIhvcNAQELBQADggEBADfqYoHdCLQgxZ4d36QBVuD/ZYNj
i3JtigmdIVD+ntrbd2qIhnUPqfG66j3tVVWAkHbYLb5I6WTW0UBrWTOU/eMCeCQ5
LzE1rW9xAQOaOtOg4gnYVfr46BDss8wlAhuZOVQzvvJEXGa7byvFpwtRDcq9t5yd
KoLopJq8TVzysPE89BY0S1BMRDzMMbMX2hcNV6eu0PXuamSi8BKj3d/PsBYLHA1B
xBllBi3AJ++WBYi0GxBV3MpJnRfRg8pscsinYvEiRpbGj3LQYfcrkkjDE351gf5A
Mm1OV6uN/aNschAWPybgHQWNBL8wXt/0tZvz9gK6xk/pByeV89IFcbOKEwk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org