Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/9BZO9y-IStJV-A-p8pzIP3PBCdI.roa
File: 9BZO9y-IStJV-A-p8pzIP3PBCdI.roa (raw, json)
Hash identifier: IYM57fVwXIPi1ePZnk3y9q6ZQvRuNyNxIEcOm1r7ngE=
Subject key identifier: F4:16:4E:F7:2F:88:4A:D2:55:F8:0F:A9:F2:9C:C8:3F:73:C1:09:D2
Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial: 0A52
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/9BZO9y-IStJV-A-p8pzIP3PBCdI.roa
Signing time: Thu 15 Sep 2022 02:38:37 +0000
ROA not before: Thu 15 Sep 2022 02:38:37 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 134823
IP address blocks: 103.123.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2642 (0xa52)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Validity
Not Before: Sep 15 02:38:37 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=F4164EF72F884AD255F80FA9F29CC83F73C109D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f7:e9:28:6c:82:05:7d:41:31:42:83:cf:01:
f7:03:5f:0b:75:43:e3:fc:ee:40:27:7a:d9:ec:8d:
62:f1:5a:90:bf:c6:61:55:d5:8b:93:da:f1:d4:5c:
25:aa:d1:0b:6a:71:9a:db:27:fa:67:7c:70:7e:58:
4b:52:14:68:7c:c4:d2:b1:32:41:3f:10:82:b7:ff:
7d:e3:fb:3e:c2:0d:57:d7:a8:35:4a:29:f6:10:ce:
49:64:06:58:59:97:6b:1a:d7:1a:51:38:df:e2:a8:
82:5f:20:2d:55:e4:be:10:4b:7e:32:71:2a:61:77:
aa:17:e1:91:38:45:ec:21:b7:e5:e1:d1:63:13:2b:
60:bb:31:7d:d9:c8:36:ec:aa:5b:f1:31:58:00:42:
6d:c1:34:e6:47:7e:f3:8e:61:90:28:80:ec:c2:33:
db:eb:36:ab:8f:ea:13:de:99:ee:b4:e4:2c:6d:34:
a3:d1:e3:8e:8c:c8:30:4c:32:ab:29:cd:b2:2c:3d:
81:e7:8a:3e:9e:31:ee:e9:14:f6:53:ae:44:0d:57:
6d:c6:79:85:c2:72:21:6a:5e:a7:ff:26:8d:21:27:
5a:92:c6:ea:40:5d:c6:fc:8b:30:dc:be:27:74:62:
d3:04:b4:be:a4:45:48:ab:b6:bd:3b:e4:67:9a:cf:
f2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:16:4E:F7:2F:88:4A:D2:55:F8:0F:A9:F2:9C:C8:3F:73:C1:09:D2
X509v3 Authority Key Identifier:
keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/9BZO9y-IStJV-A-p8pzIP3PBCdI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.128.0/22
Signature Algorithm: sha256WithRSAEncryption
79:d0:73:65:2f:b3:07:b3:f9:83:8a:b4:87:07:19:76:1b:62:
9a:93:2f:7b:d2:c7:52:2f:18:1a:b1:17:6e:57:5a:8c:df:d3:
78:e1:32:9b:b7:1a:11:0e:9d:ca:88:3a:5a:69:92:e2:09:d2:
6c:3e:d6:b8:b8:f3:42:ea:9a:4e:2c:47:1f:76:77:8a:99:cc:
91:d6:f9:28:14:1e:c6:ef:33:6c:eb:8b:1c:06:1e:28:5b:77:
87:14:c2:4d:ac:d0:54:3b:5a:f6:2d:64:81:2f:43:eb:af:e6:
7a:3a:6c:90:47:32:f0:d1:88:bf:8e:d9:20:0b:45:c1:5c:fd:
90:51:be:1d:c0:37:33:5f:05:72:4e:b8:a6:ad:ae:29:57:51:
d4:18:a5:ad:c0:62:ea:51:03:cb:84:1f:fe:76:e6:4b:f3:20:
04:3e:b8:8c:44:bd:92:c3:fa:a8:44:8d:ca:2d:d3:74:b0:ff:
ea:1b:61:21:2d:dd:c5:c0:39:c3:3d:5c:54:73:c1:2f:e2:81:
82:06:b9:4e:00:a6:a9:1f:d7:81:11:98:6a:b0:b6:91:3e:39:
f1:d6:8b:cc:ce:4c:be:6c:70:4c:da:5f:92:72:17:ec:81:cf:
7b:69:30:db:cf:d8:c6:7f:2a:a8:6a:33:33:28:ac:3b:df:7f:
10:c4:20:21
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICClIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMjA5MTUw
MjM4MzdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEY0MTY0RUY3MkY4ODRB
RDI1NUY4MEZBOUYyOUNDODNGNzNDMTA5RDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCh9+kobIIFfUExQoPPAfcDXwt1Q+P87kAnetnsjWLxWpC/xmFV
1YuT2vHUXCWq0QtqcZrbJ/pnfHB+WEtSFGh8xNKxMkE/EIK3/33j+z7CDVfXqDVK
KfYQzklkBlhZl2sa1xpRON/iqIJfIC1V5L4QS34ycSphd6oX4ZE4Rewht+Xh0WMT
K2C7MX3ZyDbsqlvxMVgAQm3BNOZHfvOOYZAogOzCM9vrNquP6hPeme605CxtNKPR
446MyDBMMqspzbIsPYHnij6eMe7pFPZTrkQNV23GeYXCciFqXqf/Jo0hJ1qSxupA
Xcb8izDcvid0YtMEtL6kRUirtr075Geaz/IvAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQU9BZO9y+IStJV+A+p8pzIP3PBCdIwHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vOUJaTzl5LUlTdEpWLUEt
cDhweklQM1BCQ2RJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd7gDANBgkqhkiG9w0BAQsFAAOCAQEAedBzZS+zB7P5g4q0hwcZdhtimpMve9LH
Ui8YGrEXbldajN/TeOEym7caEQ6dyog6WmmS4gnSbD7WuLjzQuqaTixHH3Z3ipnM
kdb5KBQexu8zbOuLHAYeKFt3hxTCTazQVDta9i1kgS9D66/mejpskEcy8NGIv47Z
IAtFwVz9kFG+HcA3M18Fck64pq2uKVdR1BilrcBi6lEDy4Qf/nbmS/MgBD64jES9
ksP6qESNyi3TdLD/6hthIS3dxcA5wz1cVHPBL+KBgga5TgCmqR/XgRGYarC2kT45
8daLzM5MvmxwTNpfknIX7IHPe2kw28/Yxn8qqGozMyisO99/EMQgIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org