Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DCT/O6eSwq7j7fs2lXZlYeoryC5UgP0.roa
File: O6eSwq7j7fs2lXZlYeoryC5UgP0.roa (raw, json)
Hash identifier: ECeaza+9xcYxrsQxe0mT7aGtEm7goBjSAZLc/GXpISk=
Subject key identifier: 3B:A7:92:C2:AE:E3:ED:FB:36:95:76:65:61:EA:2B:C8:2E:54:80:FD
Certificate issuer: /CN=9B062D74C7F512F04AE60955C5456FC19755337F
Certificate serial: 0944
Authority key identifier: 9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/O6eSwq7j7fs2lXZlYeoryC5UgP0.roa
Signing time: Wed 29 Sep 2021 02:52:46 +0000
ROA not before: Wed 29 Sep 2021 02:52:46 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131601
IP address blocks: 103.252.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2372 (0x944)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9B062D74C7F512F04AE60955C5456FC19755337F
Validity
Not Before: Sep 29 02:52:46 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=3BA792C2AEE3EDFB3695766561EA2BC82E5480FD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0f:0a:af:e6:c1:ae:50:84:76:e4:a9:1d:db:
be:ca:ee:6b:74:ea:07:1f:02:c9:e9:17:2c:f8:ad:
e5:51:64:c0:b3:42:08:fa:f8:f3:03:18:59:91:ca:
f7:d3:1b:f9:c0:d8:32:b3:ea:32:1e:ce:6c:fb:24:
1f:6d:f9:4a:be:41:9b:9f:53:0d:a6:4c:ce:30:4e:
c0:5b:cc:df:e0:6e:aa:de:9d:9d:21:23:bf:0f:37:
b4:cf:fb:d6:fe:1a:d3:f1:cd:49:49:95:79:0a:aa:
5f:fa:6b:09:b9:ef:aa:7e:32:7f:b3:77:71:58:f7:
c2:ec:56:e3:53:a1:57:31:4b:ec:84:88:c7:9a:34:
15:46:53:dd:a8:1a:a6:fb:cb:7b:9c:07:ec:09:61:
84:ce:e7:17:06:ab:42:e6:98:a6:54:4c:b0:98:aa:
7e:b3:1d:50:91:03:07:16:11:af:33:2b:92:70:fd:
14:f5:13:21:3c:c3:b9:b3:77:5c:e9:d3:3e:d7:08:
70:be:4e:e6:cb:e9:09:b4:72:bf:0e:f8:f8:10:4d:
b0:b9:e9:83:a2:65:dc:8a:8f:8c:c3:1a:58:7b:1c:
fa:3f:bc:a5:c8:18:c5:d0:3f:fc:d4:25:08:58:9c:
69:7a:b6:d8:97:f4:d2:df:e4:7b:69:d3:cd:d5:26:
9d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A7:92:C2:AE:E3:ED:FB:36:95:76:65:61:EA:2B:C8:2E:54:80:FD
X509v3 Authority Key Identifier:
keyid:9B:06:2D:74:C7:F5:12:F0:4A:E6:09:55:C5:45:6F:C1:97:55:33:7F
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/mwYtdMf1EvBK5glVxUVvwZdVM38.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/mwYtdMf1EvBK5glVxUVvwZdVM38.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DCT/O6eSwq7j7fs2lXZlYeoryC5UgP0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.252.196.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:96:1b:e3:f0:87:45:7a:97:82:57:34:01:d9:c1:27:19:d8:
eb:f2:73:69:88:57:83:d3:ea:84:6f:39:da:8e:eb:0b:e9:ff:
43:41:14:a2:93:1f:2c:55:4c:87:0e:4d:6e:b6:74:35:61:41:
38:22:66:fc:ed:88:6c:6a:ed:06:a2:d9:27:88:f9:c7:e3:33:
a5:c4:fa:4a:9e:30:14:c3:fd:80:ff:b1:41:2e:82:9c:0b:91:
d1:91:9a:54:01:f6:c0:c6:6c:7a:04:0f:9e:f4:75:48:75:ff:
ee:ba:0d:66:35:fc:23:50:c4:73:c1:a5:8e:af:8c:3e:3e:97:
dd:84:4d:c8:d7:f2:ad:1f:7e:a9:3c:a3:63:af:65:ce:28:7c:
b5:be:7c:30:ff:ba:3f:65:8b:d7:fb:a4:0f:d2:b5:bf:e4:a4:
1e:57:1c:eb:e4:8e:61:b7:ed:06:b5:e2:d5:c4:a2:f9:94:6e:
f0:49:e5:0e:e3:2f:87:be:f1:1c:17:0c:a3:59:c4:00:27:0f:
74:1e:8b:10:ae:f7:18:06:43:16:c1:a1:75:84:1d:ca:74:cc:
ba:e1:bf:67:6e:e5:45:40:ad:b3:9c:12:a7:52:06:60:b2:9d:
d0:f7:45:92:68:a1:c8:83:ca:07:57:b8:d5:e4:20:b8:51:73:
e7:bd:88:58
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCUQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOUIw
NjJENzRDN0Y1MTJGMDRBRTYwOTU1QzU0NTZGQzE5NzU1MzM3RjAeFw0yMTA5Mjkw
MjUyNDZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDNCQTc5MkMyQUVFM0VE
RkIzNjk1NzY2NTYxRUEyQkM4MkU1NDgwRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDhDwqv5sGuUIR25Kkd277K7mt06gcfAsnpFyz4reVRZMCzQgj6
+PMDGFmRyvfTG/nA2DKz6jIezmz7JB9t+Uq+QZufUw2mTM4wTsBbzN/gbqrenZ0h
I78PN7TP+9b+GtPxzUlJlXkKql/6awm576p+Mn+zd3FY98LsVuNToVcxS+yEiMea
NBVGU92oGqb7y3ucB+wJYYTO5xcGq0LmmKZUTLCYqn6zHVCRAwcWEa8zK5Jw/RT1
EyE8w7mzd1zp0z7XCHC+TubL6Qm0cr8O+PgQTbC56YOiZdyKj4zDGlh7HPo/vKXI
GMXQP/zUJQhYnGl6ttiX9NLf5Htp083VJp3BAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUO6eSwq7j7fs2lXZlYeoryC5UgP0wHwYDVR0jBBgwFoAUmwYtdMf1EvBK5glV
xUVvwZdVM38wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL213
WXRkTWYxRXZCSzVnbFZ4VVZ2d1pkVk0zOC5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
bXdZdGRNZjFFdkJLNWdsVnhVVnZ3WmRWTTM4LmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRENUL082ZVN3cTdqN2ZzMmxYWmxZZW9yeUM1
VWdQMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn/MQwDQYJ
KoZIhvcNAQELBQADggEBAA6WG+Pwh0V6l4JXNAHZwScZ2Ovyc2mIV4PT6oRvOdqO
6wvp/0NBFKKTHyxVTIcOTW62dDVhQTgiZvztiGxq7Qai2SeI+cfjM6XE+kqeMBTD
/YD/sUEugpwLkdGRmlQB9sDGbHoED570dUh1/+66DWY1/CNQxHPBpY6vjD4+l92E
TcjX8q0ffqk8o2OvZc4ofLW+fDD/uj9li9f7pA/Stb/kpB5XHOvkjmG37Qa14tXE
ovmUbvBJ5Q7jL4e+8RwXDKNZxAAnD3QeixCu9xgGQxbBoXWEHcp0zLrhv2du5UVA
rbOcEqdSBmCyndD3RZJoociDygdXuNXkILhRc+e9iFg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:32:47 2025 by rpki-client