Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/Jytky8NCMi2kNFW8sfoND0Vilv0.roa
File: Jytky8NCMi2kNFW8sfoND0Vilv0.roa (raw, json)
Hash identifier: d1k4kL4cgdn6ekHfe1P+5s0tSt8vK5/Bj6DnSn0YB9A=
Subject key identifier: 27:2B:64:CB:C3:42:32:2D:A4:34:55:BC:B1:FA:0D:0F:45:62:96:FD
Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F
Certificate serial: 0B29
Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/Jytky8NCMi2kNFW8sfoND0Vilv0.roa
Signing time: Fri 01 Sep 2023 08:34:44 +0000
ROA not before: Fri 01 Sep 2023 08:34:44 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 131601
IP address blocks: 114.29.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2857 (0xb29)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F
Validity
Not Before: Sep 1 08:34:44 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=272B64CBC342322DA43455BCB1FA0D0F456296FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:77:e0:77:0b:d7:86:22:7f:ee:bb:60:7c:64:
a6:3d:25:5d:62:6c:52:00:d4:cc:c1:24:0d:f7:8b:
8c:50:e1:a3:1e:d3:63:4b:17:aa:ca:4e:0f:4b:75:
78:1d:bd:d9:8e:4f:07:3d:6d:68:cf:1a:00:fb:3e:
53:88:a2:dc:21:07:0e:74:79:e8:12:59:94:ba:3d:
d6:66:d8:4a:b2:80:1c:3c:64:c7:59:1f:5e:9e:2d:
6e:29:a9:2e:ea:93:b2:04:bd:e9:3c:1c:b0:78:aa:
74:df:0b:b4:2a:86:ce:7a:f0:53:e7:8b:13:af:3d:
b5:ec:18:67:5e:75:4f:f1:c9:cf:58:ed:f7:f9:d9:
35:42:fb:33:01:f2:16:1e:6b:7a:49:1b:9d:6a:25:
8f:00:de:d2:62:a1:44:54:fd:3e:d9:0f:df:61:58:
29:13:6b:99:0b:e5:ae:c8:00:de:c7:34:25:a2:7c:
f4:fd:22:70:7d:49:61:c5:4a:b6:c3:4e:b6:4d:f3:
6f:96:20:f0:87:b8:53:60:0b:ad:5c:4e:60:66:6e:
ee:cf:b8:42:eb:3a:f9:ba:12:20:1e:d7:f4:e1:b2:
a0:a5:76:06:0a:bd:c6:91:a3:04:f1:a8:dc:93:50:
fc:0c:30:59:50:a3:2e:45:9d:d5:c5:7b:1a:2c:57:
9c:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2B:64:CB:C3:42:32:2D:A4:34:55:BC:B1:FA:0D:0F:45:62:96:FD
X509v3 Authority Key Identifier:
keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/Jytky8NCMi2kNFW8sfoND0Vilv0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.29.244.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:bd:69:fc:57:41:55:c3:63:18:17:4d:b3:c2:d0:ac:89:5d:
df:92:21:c0:59:2d:93:cb:5f:b8:64:02:14:4c:c1:12:1b:3b:
98:67:c7:fd:ad:05:f4:8d:93:89:1a:51:0c:86:f6:6c:dd:b1:
92:ea:fc:a3:22:11:f1:06:69:ac:16:53:77:80:7e:09:58:5f:
e7:22:48:a4:0f:b9:71:9c:51:be:9b:b9:68:3b:2b:2e:9f:3d:
e1:ae:25:fe:63:af:7e:c6:2a:9d:15:3e:eb:4a:b8:e8:c2:ab:
a8:ad:69:28:34:f5:2a:4e:9e:c0:00:01:bb:c1:e6:45:26:90:
3e:82:97:e1:4c:07:a3:dd:e4:24:d3:58:ae:15:0e:ca:62:42:
82:e7:f2:7f:19:81:e0:d1:d7:be:84:0e:8e:34:8b:bf:5b:67:
ae:bd:d1:25:82:88:40:51:56:fd:e5:60:2d:2e:e8:cc:a7:37:
2b:0c:0a:36:44:91:ec:00:dd:a2:38:ce:8e:cb:54:ea:d0:f6:
0c:99:0d:3b:85:92:2e:33:28:b4:6d:1f:64:f8:6d:f2:4d:83:
0c:85:07:f2:3e:08:05:99:ba:55:4d:69:b2:6e:10:0f:97:a7:
80:b7:8c:ac:e9:c6:75:e3:27:91:ed:5c:7c:52:c6:99:5d:2a:
55:7e:c8:f5
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCykwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw
NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yMzA5MDEw
ODM0NDRaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDI3MkI2NENCQzM0MjMy
MkRBNDM0NTVCQ0IxRkEwRDBGNDU2Mjk2RkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdd+B3C9eGIn/uu2B8ZKY9JV1ibFIA1MzBJA33i4xQ4aMe02NL
F6rKTg9LdXgdvdmOTwc9bWjPGgD7PlOIotwhBw50eegSWZS6PdZm2EqygBw8ZMdZ
H16eLW4pqS7qk7IEvek8HLB4qnTfC7Qqhs568FPnixOvPbXsGGdedU/xyc9Y7ff5
2TVC+zMB8hYea3pJG51qJY8A3tJioURU/T7ZD99hWCkTa5kL5a7IAN7HNCWifPT9
InB9SWHFSrbDTrZN82+WIPCHuFNgC61cTmBmbu7PuELrOvm6EiAe1/ThsqCldgYK
vcaRowTxqNyTUPwMMFlQoy5FndXFexosV5y/AgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUJytky8NCMi2kNFW8sfoND0Vilv0wHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV
xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213
WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL0p5dGt5OE5DTWkya05GVzhzZm9ORDBW
aWx2MC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJyHfQwDQYJ
KoZIhvcNAQELBQADggEBALi9afxXQVXDYxgXTbPC0KyJXd+SIcBZLZPLX7hkAhRM
wRIbO5hnx/2tBfSNk4kaUQyG9mzdsZLq/KMiEfEGaawWU3eAfglYX+ciSKQPuXGc
Ub6buWg7Ky6fPeGuJf5jr37GKp0VPutKuOjCq6itaSg09SpOnsAAAbvB5kUmkD6C
l+FMB6Pd5CTTWK4VDspiQoLn8n8ZgeDR176EDo40i79bZ6690SWCiEBRVv3lYC0u
6MynNysMCjZEkewA3aI4zo7LVOrQ9gyZDTuFki4zKLRtH2T4bfJNgwyFB/I+CAWZ
ulVNabJuEA+Xp4C3jKzpxnXjJ5HtXHxSxpldKlV+yPU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:22:00 2025 by rpki-client