Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/CWTW/NDFnBxo_R7an9B7NtRvMkXhCpug.roa
File: NDFnBxo_R7an9B7NtRvMkXhCpug.roa (raw, json)
Hash identifier: NA/343a15baQMZO12mqw41+Lc6Hxaxc9RyNzvhXyJao=
Subject key identifier: 34:31:67:07:1A:3F:47:B6:A7:F4:1E:CD:B5:1B:CC:91:78:42:A6:E8
Certificate issuer: /CN=996D67023ED27754ACB1B568433D4376C88200F5
Certificate serial: 5B
Authority key identifier: 99:6D:67:02:3E:D2:77:54:AC:B1:B5:68:43:3D:43:76:C8:82:00:F5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mW1nAj7Sd1SssbVoQz1DdsiCAPU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/NDFnBxo_R7an9B7NtRvMkXhCpug.roa
Signing time: Wed 21 Jul 2021 08:23:40 +0000
ROA not before: Wed 21 Jul 2021 08:23:40 +0000
ROA not after: Fri 18 Mar 2022 08:28:02 +0000
asID: 131273
IP address blocks: 103.161.78.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91 (0x5b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996D67023ED27754ACB1B568433D4376C88200F5
Validity
Not Before: Jul 21 08:23:40 2021 GMT
Not After : Mar 18 08:28:02 2022 GMT
Subject: CN=343167071A3F47B6A7F41ECDB51BCC917842A6E8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:87:76:22:3c:0a:8f:85:01:45:db:56:fb:41:
f9:67:e2:73:a4:ba:f7:3e:ec:01:44:fc:d7:53:72:
d7:d5:46:69:f7:28:45:2a:c1:05:86:4f:b0:23:6e:
55:de:e6:16:03:54:2a:87:9b:4d:83:42:e7:42:0e:
5c:0b:65:2b:a8:fd:a1:f0:90:14:d3:fa:99:d3:5f:
9d:52:c0:85:96:dc:ea:2a:3f:5c:d6:ca:70:ce:45:
23:f1:e5:08:e0:38:d9:61:e3:7c:c8:25:8b:6b:18:
d7:a4:9f:0d:ca:af:55:54:20:52:36:6b:ef:6c:e3:
d0:67:d6:84:72:15:66:24:38:13:ca:c9:37:3f:e7:
4f:5d:2e:29:e2:0f:d5:ff:01:f7:15:e8:15:bf:bd:
c0:c5:97:5b:09:cd:10:67:57:d6:a5:66:e3:b7:26:
dd:96:12:cc:de:24:f8:60:b0:db:be:7d:c9:d5:60:
9a:ff:5f:95:04:94:65:49:7f:82:90:79:54:57:d0:
f8:3c:4e:dd:1c:46:ab:02:fa:53:c4:8c:b5:46:55:
56:68:46:19:09:64:98:55:71:a7:43:fb:31:a5:4c:
86:53:d0:c4:34:03:d4:76:b5:be:a4:56:5e:3f:b1:
fd:18:62:08:6f:c1:29:87:05:e4:78:d9:4b:5f:6a:
32:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:31:67:07:1A:3F:47:B6:A7:F4:1E:CD:B5:1B:CC:91:78:42:A6:E8
X509v3 Authority Key Identifier:
keyid:99:6D:67:02:3E:D2:77:54:AC:B1:B5:68:43:3D:43:76:C8:82:00:F5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/mW1nAj7Sd1SssbVoQz1DdsiCAPU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mW1nAj7Sd1SssbVoQz1DdsiCAPU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/CWTW/NDFnBxo_R7an9B7NtRvMkXhCpug.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.161.78.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:c0:77:53:21:b6:00:82:23:6c:08:8f:5d:c7:ad:ef:96:d7:
a2:4f:ed:6e:05:fc:c1:90:06:d7:d8:d1:a9:43:9e:f6:39:ae:
15:45:ef:27:3e:d0:7d:32:e9:ae:20:6a:bd:43:34:46:15:a3:
82:82:2f:ca:b8:06:66:1f:5e:db:7f:3e:7c:23:61:7e:09:bd:
0b:8a:88:6a:9d:fe:c0:9f:22:47:7b:9e:e4:9b:c4:04:07:65:
1f:e1:cc:48:e0:13:6d:2f:e8:2c:06:05:e8:a0:01:bf:35:4b:
77:e0:63:29:d2:85:22:d9:d3:d9:ec:3b:f9:b1:ac:78:d4:fb:
43:b9:08:9a:62:04:28:86:9c:88:86:2d:5d:c6:ef:42:2a:0d:
11:97:aa:6c:18:10:e5:f6:30:c2:03:fa:ac:21:4c:99:b7:cd:
b7:27:f3:73:1b:7a:a1:4a:8b:ae:dc:86:05:b2:27:0b:b1:4d:
a5:bb:ce:eb:ec:c6:48:35:b9:ee:72:ba:8b:b8:51:f0:67:2c:
bb:6c:67:fb:24:0a:53:17:ab:97:35:1d:f9:d9:71:48:d2:5b:
e8:c3:36:64:a5:7c:38:58:e6:e2:6a:db:98:41:cc:96:0d:56:
79:56:72:d4:6a:9c:1a:e2:79:43:c6:05:19:4b:d2:99:a1:90:
26:00:a8:d1
-----BEGIN CERTIFICATE-----
MIIEzTCCA7WgAwIBAgIBWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5OTZE
NjcwMjNFRDI3NzU0QUNCMUI1Njg0MzNENDM3NkM4ODIwMEY1MB4XDTIxMDcyMTA4
MjM0MFoXDTIyMDMxODA4MjgwMlowMzExMC8GA1UEAxMoMzQzMTY3MDcxQTNGNDdC
NkE3RjQxRUNEQjUxQkNDOTE3ODQyQTZFODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKyHdiI8Co+FAUXbVvtB+Wfic6S69z7sAUT811Ny19VGafcoRSrB
BYZPsCNuVd7mFgNUKoebTYNC50IOXAtlK6j9ofCQFNP6mdNfnVLAhZbc6io/XNbK
cM5FI/HlCOA42WHjfMgli2sY16SfDcqvVVQgUjZr72zj0GfWhHIVZiQ4E8rJNz/n
T10uKeIP1f8B9xXoFb+9wMWXWwnNEGdX1qVm47cm3ZYSzN4k+GCw2759ydVgmv9f
lQSUZUl/gpB5VFfQ+DxO3RxGqwL6U8SMtUZVVmhGGQlkmFVxp0P7MaVMhlPQxDQD
1Ha1vqRWXj+x/RhiCG/BKYcF5HjZS19qMnECAwEAAaOCAeowggHmMB0GA1UdDgQW
BBQ0MWcHGj9Htqf0Hs21G8yReEKm6DAfBgNVHSMEGDAWgBSZbWcCPtJ3VKyxtWhD
PUN2yIIA9TAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFoGA1UdHwRTMFEwT6BN
oEuGSXJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9DV1RXL21X
MW5BajdTZDFTc3NiVm9RejFEZHNpQ0FQVS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bVcxbkFqN1NkMVNzc2JWb1F6MURkc2lDQVBVLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZoGCCsGAQUFBwELBIGNMIGKMFUGCCsGAQUFBzALhklyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvQ1dUVy9OREZuQnhvX1I3YW45QjdOdFJ2TWtY
aENwdWcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcvcnJk
cC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6FOMA0G
CSqGSIb3DQEBCwUAA4IBAQBdwHdTIbYAgiNsCI9dx63vlteiT+1uBfzBkAbX2NGp
Q572Oa4VRe8nPtB9MumuIGq9QzRGFaOCgi/KuAZmH17bfz58I2F+Cb0Liohqnf7A
nyJHe57km8QEB2Uf4cxI4BNtL+gsBgXooAG/NUt34GMp0oUi2dPZ7Dv5sax41PtD
uQiaYgQohpyIhi1dxu9CKg0Rl6psGBDl9jDCA/qsIUyZt823J/NzG3qhSouu3IYF
sicLsU2lu87r7MZINbnucrqLuFHwZyy7bGf7JApTF6uXNR352XFI0lvowzZkpXw4
WObiatuYQcyWDVZ5VnLUapwa4nlDxgUZS9KZoZAmAKjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org