Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DNSNET/2Nich-bBr_PV8_FgoFzt-f1Cj-I.roa
File: 2Nich-bBr_PV8_FgoFzt-f1Cj-I.roa (raw, json)
Hash identifier: cN+Cr63+1YtfqhiB7F1R7T5aNJA3EA3bCwmodg+m8yc=
Subject key identifier: D8:D8:9C:87:E6:C1:AF:F3:D5:F3:F1:60:A0:5C:ED:F9:FD:42:8F:E2
Certificate issuer: /CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Certificate serial: 0A
Authority key identifier: 27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/2Nich-bBr_PV8_FgoFzt-f1Cj-I.roa
Signing time: Tue 16 May 2023 00:46:12 +0000
ROA not before: Tue 16 May 2023 00:46:12 +0000
ROA not after: Tue 07 Nov 2023 11:29:29 +0000
asID: 131659
IP address blocks: 103.160.226.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10 (0xa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=277895E64BE41B7182664E1345CD57E5D36A1AF2
Validity
Not Before: May 16 00:46:12 2023 GMT
Not After : Nov 7 11:29:29 2023 GMT
Subject: CN=D8D89C87E6C1AFF3D5F3F160A05CEDF9FD428FE2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:a4:9b:5d:cb:32:e9:64:51:4f:74:4f:53:d2:
4e:75:e4:b4:ae:1f:af:97:a0:1c:c6:d6:0e:ed:63:
6d:f9:8f:16:33:67:fd:6b:5a:a1:0d:83:21:b2:08:
c7:a8:cb:54:87:35:e7:57:10:27:22:74:73:06:d6:
6d:4b:8f:cc:b7:a5:bf:e4:d2:99:e2:38:31:69:56:
60:52:fb:1d:64:19:9b:20:48:72:d2:95:35:21:36:
6f:e6:0b:31:60:63:4c:d6:b0:5d:73:ee:6b:e6:0a:
a4:63:f4:e7:15:31:b4:4e:0e:53:a5:f8:1c:d9:5d:
00:59:49:d3:2e:0d:81:bd:fa:30:dc:18:32:b6:48:
85:fe:7e:a1:ab:64:4d:39:a2:2e:2d:23:d9:2e:ff:
37:b6:28:50:ef:61:18:87:cd:6c:d4:8d:42:11:60:
50:22:8d:f9:3c:df:02:e5:cc:1a:5e:52:c6:e0:5a:
10:83:41:f6:ad:27:65:42:10:fa:3b:e3:ac:0e:d7:
8d:d8:26:01:a4:ae:12:69:9b:b1:76:19:88:c7:e9:
4a:a4:f9:4d:cf:43:ca:de:c5:ae:92:a0:d9:f3:a3:
d1:77:c2:ff:85:48:b1:0b:d9:e0:4e:40:4d:cc:20:
35:80:af:7e:db:5a:d1:a3:77:a6:ca:b4:f9:31:ca:
3d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D8:9C:87:E6:C1:AF:F3:D5:F3:F1:60:A0:5C:ED:F9:FD:42:8F:E2
X509v3 Authority Key Identifier:
keyid:27:78:95:E6:4B:E4:1B:71:82:66:4E:13:45:CD:57:E5:D3:6A:1A:F2
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/J3iV5kvkG3GCZk4TRc1X5dNqGvI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/J3iV5kvkG3GCZk4TRc1X5dNqGvI.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DNSNET/2Nich-bBr_PV8_FgoFzt-f1Cj-I.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.160.226.0/23
Signature Algorithm: sha256WithRSAEncryption
97:dd:66:55:37:73:7b:42:39:dc:11:32:b8:d1:26:21:0e:77:
08:56:77:73:14:5c:a5:23:b1:ea:d8:96:3b:63:4a:b7:f0:de:
5a:7a:74:cb:c2:1e:5d:d4:fb:ee:d5:77:d4:a4:93:eb:cb:7b:
2b:ff:79:db:98:60:00:ed:48:0b:28:48:13:ce:0b:81:0b:03:
37:e0:4c:77:ef:25:79:27:a0:72:8a:65:e8:46:30:9a:45:13:
a8:7d:2c:59:0d:53:a1:05:b0:9c:c6:6b:f5:1b:0d:97:38:b0:
8c:9d:23:0a:b6:e5:bf:62:11:8a:bf:af:3e:e0:42:b1:79:93:
f7:9c:99:fc:09:23:ac:8b:78:06:58:eb:91:50:89:99:45:86:
a0:c7:dd:8d:a2:42:61:5f:b2:a7:c2:66:2e:59:a0:c8:41:bc:
3a:95:12:14:64:eb:1f:39:4a:00:a5:49:e8:fe:9f:6b:f0:c4:
3a:aa:04:1b:3b:27:98:e4:d3:ec:10:95:51:15:bd:b9:ac:2a:
51:6b:70:45:47:4c:5c:77:6e:34:20:e6:77:67:06:4d:45:c3:
80:ba:12:89:79:39:7d:35:14:55:1e:37:99:9d:68:8c:2b:bd:
a8:f6:dc:0b:bf:a6:f3:c2:67:25:86:cd:fe:30:09:b3:bc:83:
0e:63:dd:89
-----BEGIN CERTIFICATE-----
MIIE0TCCA7mgAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyNzc4
OTVFNjRCRTQxQjcxODI2NjRFMTM0NUNENTdFNUQzNkExQUYyMB4XDTIzMDUxNjAw
NDYxMloXDTIzMTEwNzExMjkyOVowMzExMC8GA1UEAxMoRDhEODlDODdFNkMxQUZG
M0Q1RjNGMTYwQTA1Q0VERjlGRDQyOEZFMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANmkm13LMulkUU90T1PSTnXktK4fr5egHMbWDu1jbfmPFjNn/Wta
oQ2DIbIIx6jLVIc151cQJyJ0cwbWbUuPzLelv+TSmeI4MWlWYFL7HWQZmyBIctKV
NSE2b+YLMWBjTNawXXPua+YKpGP05xUxtE4OU6X4HNldAFlJ0y4Ngb36MNwYMrZI
hf5+oatkTTmiLi0j2S7/N7YoUO9hGIfNbNSNQhFgUCKN+TzfAuXMGl5SxuBaEINB
9q0nZUIQ+jvjrA7XjdgmAaSuEmmbsXYZiMfpSqT5Tc9Dyt7FrpKg2fOj0XfC/4VI
sQvZ4E5ATcwgNYCvftta0aN3psq0+THKPbMCAwEAAaOCAe4wggHqMB0GA1UdDgQW
BBTY2JyH5sGv89Xz8WCgXO35/UKP4jAfBgNVHSMEGDAWgBQneJXmS+QbcYJmThNF
zVfl02oa8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFwGA1UdHwRVMFMwUaBP
oE2GS3JzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQv
SjNpVjVrdmtHM0dDWms0VFJjMVg1ZE5xR3ZJLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9KM2lWNWt2a0czR0NaazRUUmMxWDVkTnFHdkkuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBnAYIKwYBBQUHAQsEgY8wgYwwVwYIKwYBBQUHMAuGS3JzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ETlNORVQvMk5pY2gtYkJyX1BWOF9GZ29G
enQtZjFDai1JLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmljLnR3
L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAWeg
4jANBgkqhkiG9w0BAQsFAAOCAQEAl91mVTdze0I53BEyuNEmIQ53CFZ3cxRcpSOx
6tiWO2NKt/DeWnp0y8IeXdT77tV31KST68t7K/9525hgAO1ICyhIE84LgQsDN+BM
d+8leSegcopl6EYwmkUTqH0sWQ1ToQWwnMZr9RsNlziwjJ0jCrblv2IRir+vPuBC
sXmT95yZ/AkjrIt4BljrkVCJmUWGoMfdjaJCYV+yp8JmLlmgyEG8OpUSFGTrHzlK
AKVJ6P6fa/DEOqoEGzsnmOTT7BCVURW9uawqUWtwRUdMXHduNCDmd2cGTUXDgLoS
iXk5fTUUVR43mZ1ojCu9qPbcC7+m88JnJYbN/jAJs7yDDmPdiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org