Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/Sbm2i--Lvim9NpeYIXMi2jtsx6Y.roa
File: Sbm2i--Lvim9NpeYIXMi2jtsx6Y.roa (raw, json)
Hash identifier: rH3s2lp4IBevYP8bJqlwfmgdumuq4m/shbnjb7ByHOw=
Subject key identifier: 49:B9:B6:8B:EF:8B:BE:29:BD:36:97:98:21:73:22:DA:3B:6C:C7:A6
Certificate issuer: /CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Certificate serial: 0AE5
Authority key identifier: A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/Sbm2i--Lvim9NpeYIXMi2jtsx6Y.roa
Signing time: Thu 13 Apr 2023 00:18:17 +0000
ROA not before: Thu 13 Apr 2023 00:18:17 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131662
IP address blocks: 103.123.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2789 (0xae5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A6ED14DB12101A125D3112DC4CC5602D30D8B477
Validity
Not Before: Apr 13 00:18:17 2023 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=49B9B68BEF8BBE29BD369798217322DA3B6CC7A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:24:47:46:82:53:e8:ad:06:51:8e:1c:11:76:
3f:14:07:cf:ed:0a:f6:62:41:66:9c:ca:89:a3:c1:
f7:d3:d9:5e:be:c1:24:bc:b2:ff:7e:8e:32:98:af:
a0:a2:4f:53:be:34:1a:ba:34:40:2d:fb:c0:0b:4d:
ee:85:d4:80:77:ce:96:7b:b7:85:9c:90:25:93:de:
bd:13:a6:83:c5:5e:84:f7:34:4b:51:36:22:f8:53:
1b:2a:fb:fb:1d:78:78:45:4d:63:f5:68:ea:97:c9:
88:4c:2c:4a:ee:95:f8:83:fe:ce:fe:b7:92:c1:af:
01:5b:17:bd:6b:98:d0:58:60:93:2a:97:de:f5:4d:
14:2c:1c:cd:8b:9c:6b:55:b9:98:fe:6c:f2:05:19:
97:70:09:5f:fe:72:bc:0c:b1:42:02:d0:db:27:86:
f1:8e:18:0a:a3:ef:68:35:10:6b:18:7f:99:0a:ec:
87:5c:b7:7b:cb:bc:4f:0c:e9:40:77:aa:b4:7e:9d:
8d:3d:10:85:d3:c3:43:7b:95:c2:be:16:da:71:fc:
84:86:35:7b:21:f0:c8:39:4d:f2:1f:4c:83:f3:ea:
a9:09:cd:a7:09:e3:6c:2f:38:98:38:86:7d:1d:1c:
33:29:0a:fb:16:43:d3:66:d8:9f:f1:7f:89:14:8e:
9c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B9:B6:8B:EF:8B:BE:29:BD:36:97:98:21:73:22:DA:3B:6C:C7:A6
X509v3 Authority Key Identifier:
keyid:A6:ED:14:DB:12:10:1A:12:5D:31:12:DC:4C:C5:60:2D:30:D8:B4:77
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/pu0U2xIQGhJdMRLcTMVgLTDYtHc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/pu0U2xIQGhJdMRLcTMVgLTDYtHc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DENPAIO/Sbm2i--Lvim9NpeYIXMi2jtsx6Y.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.123.128.0/22
Signature Algorithm: sha256WithRSAEncryption
98:9b:48:76:1b:01:b1:1e:72:86:36:c4:51:1d:85:f1:f4:96:
ec:d3:95:62:7b:d3:cf:d8:23:e0:37:c2:05:c1:38:36:0d:d0:
70:94:24:ad:44:6f:9b:28:7e:97:39:6a:cd:3d:98:d0:b1:1c:
9a:b1:f3:cc:4e:c6:5c:f6:30:11:f2:68:7e:75:b8:48:8b:50:
c4:72:45:82:ec:02:1a:1c:b0:44:8f:17:bb:1a:51:44:d2:61:
7e:08:e8:8f:21:f1:e4:3d:1c:ef:7e:98:59:d5:c0:23:96:65:
77:b1:54:1a:61:ff:f3:a5:9e:02:5b:88:8c:2b:28:d5:8b:d3:
8a:b2:81:f0:db:e7:60:22:78:a9:f6:7c:a7:0d:fe:60:de:0d:
c5:26:08:16:cb:4d:b6:80:82:b4:e9:d2:81:61:ab:d8:84:57:
94:75:1b:72:74:88:0c:27:6e:86:3d:6d:61:17:a1:be:b5:f3:
20:0c:8a:65:03:2f:72:1c:42:bf:e1:f2:1c:ac:bd:ae:f1:e6:
31:ea:91:93:44:b1:f6:84:18:81:c0:57:78:42:b1:7a:ce:46:
69:70:71:11:1a:9b:c6:a8:28:98:27:23:c4:67:9b:f7:64:6c:
91:98:b1:73:e1:15:e6:61:c2:33:3b:fd:a5:a5:5f:92:c0:7a:
a6:f8:b9:6f
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCuUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQTZF
RDE0REIxMjEwMUExMjVEMzExMkRDNENDNTYwMkQzMEQ4QjQ3NzAeFw0yMzA0MTMw
MDE4MTdaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDQ5QjlCNjhCRUY4QkJF
MjlCRDM2OTc5ODIxNzMyMkRBM0I2Q0M3QTYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQD0JEdGglPorQZRjhwRdj8UB8/tCvZiQWacyomjwffT2V6+wSS8
sv9+jjKYr6CiT1O+NBq6NEAt+8ALTe6F1IB3zpZ7t4WckCWT3r0TpoPFXoT3NEtR
NiL4Uxsq+/sdeHhFTWP1aOqXyYhMLErulfiD/s7+t5LBrwFbF71rmNBYYJMql971
TRQsHM2LnGtVuZj+bPIFGZdwCV/+crwMsUIC0NsnhvGOGAqj72g1EGsYf5kK7Idc
t3vLvE8M6UB3qrR+nY09EIXTw0N7lcK+Ftpx/ISGNXsh8Mg5TfIfTIPz6qkJzacJ
42wvOJg4hn0dHDMpCvsWQ9Nm2J/xf4kUjpxbAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUSbm2i++Lvim9NpeYIXMi2jtsx6YwHwYDVR0jBBgwFoAUpu0U2xIQGhJdMRLc
TMVgLTDYtHcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvREVOUEFJ
Ty9wdTBVMnhJUUdoSmRNUkxjVE1WZ0xURFl0SGMuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL3B1MFUyeElRR2hKZE1STGNUTVZnTFREWXRIYy5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0RFTlBBSU8vU2JtMmktLUx2aW05TnBl
WUlYTWkyanRzeDZZLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
Amd7gDANBgkqhkiG9w0BAQsFAAOCAQEAmJtIdhsBsR5yhjbEUR2F8fSW7NOVYnvT
z9gj4DfCBcE4Ng3QcJQkrURvmyh+lzlqzT2Y0LEcmrHzzE7GXPYwEfJofnW4SItQ
xHJFguwCGhywRI8XuxpRRNJhfgjojyHx5D0c736YWdXAI5Zld7FUGmH/86WeAluI
jCso1YvTirKB8NvnYCJ4qfZ8pw3+YN4NxSYIFstNtoCCtOnSgWGr2IRXlHUbcnSI
DCduhj1tYRehvrXzIAyKZQMvchxCv+HyHKy9rvHmMeqRk0Sx9oQYgcBXeEKxes5G
aXBxERqbxqgomCcjxGeb92RskZixc+EV5mHCMzv9paVfksB6pvi5bw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org