Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CKMATES/JTawQaR7QaC-lHTNvuPJyryzEno.roa
File: JTawQaR7QaC-lHTNvuPJyryzEno.roa (raw, json)
Hash identifier: 0E9bGtNv9jdIzSGH+9whgzs+Bp9LngnVW0v0s/mYLnI=
Subject key identifier: 25:36:B0:41:A4:7B:41:A0:BE:94:74:CD:BE:E3:C9:CA:BC:B3:12:7A
Certificate issuer: /CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Certificate serial: 0921
Authority key identifier: 5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/JTawQaR7QaC-lHTNvuPJyryzEno.roa
Signing time: Wed 29 Sep 2021 02:52:27 +0000
ROA not before: Wed 29 Sep 2021 02:52:27 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 133747
IP address blocks: 103.119.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2337 (0x921)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5CD10AD5B6A4775D3C504D661071F8CE243E2807
Validity
Not Before: Sep 29 02:52:27 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=2536B041A47B41A0BE9474CDBEE3C9CABCB3127A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:27:6e:e8:3a:db:1f:0e:cf:c1:d9:9c:d0:b5:
9b:7c:cf:6e:37:62:36:d0:e6:fe:17:fe:2e:06:df:
64:dd:1e:60:67:29:bc:8a:20:4d:cc:34:4e:68:d1:
7a:af:86:60:a7:3f:bc:27:2e:70:3f:95:f0:7a:68:
25:95:de:3a:cf:5d:bc:e6:e9:5c:ff:44:fb:40:65:
80:22:b9:3c:2f:c7:24:62:f3:75:59:45:86:db:bd:
fc:91:02:50:21:57:db:0b:18:8d:fc:d5:72:93:18:
8b:e1:28:4b:77:e7:0e:9c:31:a3:82:91:f3:ea:4c:
5d:ed:18:f7:9b:ca:c6:87:94:df:df:28:8d:e2:f3:
6a:45:ff:fa:6c:81:48:69:64:04:c3:89:05:a5:2f:
1c:3e:35:2d:49:7d:af:82:90:30:e4:5c:1a:71:8f:
7a:5a:2f:59:cf:65:a3:fa:ff:eb:e6:19:b6:27:5a:
36:77:2a:68:cc:3f:a6:c2:6d:e1:d7:38:42:c4:95:
59:9b:5c:46:45:14:c0:d3:3c:83:00:28:6c:a4:bc:
c8:df:49:95:de:bd:e5:01:25:a5:5d:81:ea:de:4b:
b0:ae:e6:7c:37:50:e4:0a:73:bc:25:02:e6:85:e0:
fd:40:66:76:ee:59:92:01:39:ad:37:1c:e6:a0:21:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:36:B0:41:A4:7B:41:A0:BE:94:74:CD:BE:E3:C9:CA:BC:B3:12:7A
X509v3 Authority Key Identifier:
keyid:5C:D1:0A:D5:B6:A4:77:5D:3C:50:4D:66:10:71:F8:CE:24:3E:28:07
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/XNEK1bakd108UE1mEHH4ziQ-KAc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/XNEK1bakd108UE1mEHH4ziQ-KAc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CKMATES/JTawQaR7QaC-lHTNvuPJyryzEno.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.119.212.0/22
Signature Algorithm: sha256WithRSAEncryption
64:b6:a6:b8:81:3b:2c:47:bc:7a:5a:a6:43:4c:62:15:d7:46:
01:56:07:63:61:43:fa:f4:10:92:5e:eb:56:7f:cc:8e:86:d3:
52:40:2b:66:d1:0c:64:4a:16:16:91:87:53:66:ee:3f:07:c3:
1c:a1:ac:66:2e:79:31:5c:90:10:f8:3f:b4:d4:d9:bb:44:94:
2b:1b:98:3b:fc:2f:19:91:ac:fe:d0:be:10:32:15:17:9b:0c:
1e:69:74:c1:56:b0:cd:24:51:2f:0b:da:91:ef:3d:e3:10:bf:
83:0e:b7:48:94:8f:c1:70:1f:f4:bd:8a:67:40:58:58:a0:57:
99:79:1d:5a:33:27:b7:33:d5:17:41:cd:1a:1f:68:4a:f5:8b:
39:2d:06:c9:e5:d8:08:00:13:af:7e:12:e2:3e:65:fb:ea:c2:
16:8c:dd:34:5b:97:3a:0c:14:70:f2:3b:be:2f:48:4c:b8:51:
fc:a3:e7:2a:ae:92:9e:30:84:52:26:21:81:e6:cd:04:28:67:
08:37:c8:ed:72:5a:75:a1:eb:2c:e2:1d:57:39:8e:c2:12:df:
86:65:80:36:34:53:1e:46:31:0e:49:e2:7f:ca:d9:ac:8d:b2:
bb:4d:28:88:f2:28:28:eb:4b:1a:ea:a8:9e:20:2c:30:1d:e4:
9a:a2:5f:a5
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCSEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNUNE
MTBBRDVCNkE0Nzc1RDNDNTA0RDY2MTA3MUY4Q0UyNDNFMjgwNzAeFw0yMTA5Mjkw
MjUyMjdaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI1MzZCMDQxQTQ3QjQx
QTBCRTk0NzRDREJFRTNDOUNBQkNCMzEyN0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXJ27oOtsfDs/B2ZzQtZt8z243YjbQ5v4X/i4G32TdHmBnKbyK
IE3MNE5o0XqvhmCnP7wnLnA/lfB6aCWV3jrPXbzm6Vz/RPtAZYAiuTwvxyRi83VZ
RYbbvfyRAlAhV9sLGI381XKTGIvhKEt35w6cMaOCkfPqTF3tGPebysaHlN/fKI3i
82pF//psgUhpZATDiQWlLxw+NS1Jfa+CkDDkXBpxj3paL1nPZaP6/+vmGbYnWjZ3
KmjMP6bCbeHXOELElVmbXEZFFMDTPIMAKGykvMjfSZXeveUBJaVdgereS7Cu5nw3
UOQKc7wlAuaF4P1AZnbuWZIBOa03HOagIU4tAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUJTawQaR7QaC+lHTNvuPJyryzEnowHwYDVR0jBBgwFoAUXNEK1bakd108UE1m
EHH4ziQ+KAcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvQ0tNQVRF
Uy9YTkVLMWJha2QxMDhVRTFtRUhINHppUS1LQWMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1hORUsxYmFrZDEwOFVFMW1FSEg0emlRLUtBYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0NLTUFURVMvSlRhd1FhUjdRYUMtbEhU
TnZ1UEp5cnl6RW5vLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd31DANBgkqhkiG9w0BAQsFAAOCAQEAZLamuIE7LEe8elqmQ0xiFddGAVYHY2FD
+vQQkl7rVn/MjobTUkArZtEMZEoWFpGHU2buPwfDHKGsZi55MVyQEPg/tNTZu0SU
KxuYO/wvGZGs/tC+EDIVF5sMHml0wVawzSRRLwvake894xC/gw63SJSPwXAf9L2K
Z0BYWKBXmXkdWjMntzPVF0HNGh9oSvWLOS0GyeXYCAATr34S4j5l++rCFozdNFuX
OgwUcPI7vi9ITLhR/KPnKq6SnjCEUiYhgebNBChnCDfI7XJadaHrLOIdVzmOwhLf
hmWANjRTHkYxDknif8rZrI2yu00oiPIoKOtLGuqoniAsMB3kmqJfpQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:49 2023 by rpki-client on console-ams.rpki-client.org