Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/LFh05mGN_7XdZ2Jwvqe3MxgvBBs.roa
File: LFh05mGN_7XdZ2Jwvqe3MxgvBBs.roa (raw, json)
Hash identifier: RQTg4pB3SsInBMPuG2mGdIhd6ceKwjNsg1MUGSnGlNY=
Subject key identifier: 2C:58:74:E6:61:8D:FF:B5:DD:67:62:70:BE:A7:B7:33:18:2F:04:1B
Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial: 0AE2
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/LFh05mGN_7XdZ2Jwvqe3MxgvBBs.roa
Signing time: Thu 13 Apr 2023 00:18:16 +0000
ROA not before: Thu 13 Apr 2023 00:18:16 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 396982
IP address blocks: 103.123.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2786 (0xae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Validity
Not Before: Apr 13 00:18:16 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=2C5874E6618DFFB5DD676270BEA7B733182F041B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c4:6e:9f:e6:bd:48:a3:68:41:35:07:bc:0c:
f0:d2:50:37:88:81:35:69:c0:1d:8d:a2:16:42:6a:
84:19:b0:9c:9a:01:c3:6c:72:14:9a:6d:22:e0:73:
e8:f1:31:01:e4:0d:0a:49:24:df:00:e6:e6:68:53:
b9:33:4d:78:b6:2f:f6:72:b5:17:ae:d5:f7:74:3e:
f1:13:0c:a1:bc:86:85:c3:00:60:22:72:4c:20:78:
0b:46:e1:e8:75:64:ed:f9:a9:53:55:e8:ea:db:ad:
71:4a:c9:7d:d8:a0:ec:b0:78:45:9e:fe:97:89:5d:
95:33:c2:4f:d6:41:24:00:b2:f3:27:66:5b:1e:f7:
9f:54:8d:2b:0f:ca:89:25:42:a9:16:22:f9:17:f3:
b9:95:b0:f8:45:90:96:c8:7e:a7:dd:aa:ae:a2:d1:
dd:d6:ef:3b:77:eb:05:52:8d:22:92:b6:c3:66:99:
f6:29:34:c0:c5:69:4f:24:90:9a:d4:bd:95:54:8d:
f1:b7:f2:7c:4d:4c:ea:6f:8c:81:2f:68:d6:f5:0f:
3d:06:ff:f4:89:be:05:7f:98:71:ca:ad:a2:56:30:
7c:20:c2:73:0d:4e:f1:07:38:c9:e7:68:d3:b4:b4:
ec:75:6e:d8:63:4a:d2:ba:21:21:9c:f7:a0:c1:48:
a3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:74:E6:61:8D:FF:B5:DD:67:62:70:BE:A7:B7:33:18:2F:04:1B
X509v3 Authority Key Identifier:
keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/LFh05mGN_7XdZ2Jwvqe3MxgvBBs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.131.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:84:02:76:e3:70:9d:01:e8:4a:34:ac:2f:6b:01:ed:b7:71:
e3:bf:28:15:bd:64:8f:e7:10:5e:fe:2e:85:65:ee:25:58:12:
2c:76:ad:06:07:e7:9f:80:8a:f3:32:18:17:3f:92:40:b0:35:
67:e8:e9:5e:5b:ac:18:80:43:58:b9:60:ea:29:cd:79:54:d7:
6f:c9:ca:4e:e3:f8:ff:cc:f4:96:0f:9b:2f:75:34:e9:cc:8a:
af:ef:97:7f:2f:83:29:e8:a9:66:8b:6e:37:83:8e:e3:d1:62:
e1:fb:eb:2b:7e:57:03:eb:be:7a:ea:8d:ee:74:e5:e9:3f:b3:
4a:02:bd:9f:7e:b4:3e:72:64:24:6c:72:58:76:99:2a:3c:da:
c5:10:2e:40:2a:6b:01:de:10:7c:4a:8f:cd:0a:71:03:ba:a2:
24:e3:56:4d:23:d3:02:66:8f:3c:cf:7f:d1:c9:de:b2:30:fa:
1f:f2:04:dc:f4:2b:7f:cb:ab:92:58:8f:2a:1d:46:6c:d7:a5:
c4:2b:94:bd:58:e7:54:46:c5:22:7c:7c:9b:e2:60:16:7c:0d:
31:7d:ca:95:0a:c1:d3:a6:fa:69:34:91:42:1e:d5:95:3e:a0:
6d:61:05:e1:63:eb:94:a5:5d:37:9b:9f:81:9d:46:e5:bc:79:
53:c8:d6:26
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCuIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMzA0MTMw
MDE4MTZaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDJDNTg3NEU2NjE4REZG
QjVERDY3NjI3MEJFQTdCNzMzMTgyRjA0MUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDYxG6f5r1Io2hBNQe8DPDSUDeIgTVpwB2NohZCaoQZsJyaAcNs
chSabSLgc+jxMQHkDQpJJN8A5uZoU7kzTXi2L/ZytReu1fd0PvETDKG8hoXDAGAi
ckwgeAtG4eh1ZO35qVNV6OrbrXFKyX3YoOyweEWe/peJXZUzwk/WQSQAsvMnZlse
959UjSsPyoklQqkWIvkX87mVsPhFkJbIfqfdqq6i0d3W7zt36wVSjSKStsNmmfYp
NMDFaU8kkJrUvZVUjfG38nxNTOpvjIEvaNb1Dz0G//SJvgV/mHHKraJWMHwgwnMN
TvEHOMnnaNO0tOx1bthjStK6ISGc96DBSKM5AgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQULFh05mGN/7XdZ2Jwvqe3MxgvBBswHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vTEZoMDVtR05fN1hkWjJK
d3ZxZTNNeGd2QkJzLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
AGd7gzANBgkqhkiG9w0BAQsFAAOCAQEAx4QCduNwnQHoSjSsL2sB7bdx478oFb1k
j+cQXv4uhWXuJVgSLHatBgfnn4CK8zIYFz+SQLA1Z+jpXlusGIBDWLlg6inNeVTX
b8nKTuP4/8z0lg+bL3U06cyKr++Xfy+DKeipZotuN4OO49Fi4fvrK35XA+u+euqN
7nTl6T+zSgK9n360PnJkJGxyWHaZKjzaxRAuQCprAd4QfEqPzQpxA7qiJONWTSPT
AmaPPM9/0cnesjD6H/IE3PQrf8urkliPKh1GbNelxCuUvVjnVEbFInx8m+JgFnwN
MX3KlQrB06b6aTSRQh7VlT6gbWEF4WPrlKVdN5ufgZ1G5bx5U8jWJg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org