Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/4gYRI0FWAeaIC3Bme3BnFfd4hHg.roa
File: 4gYRI0FWAeaIC3Bme3BnFfd4hHg.roa (raw, json)
Hash identifier: L56FqiIvOgZdxk80044dbaOlJ4xt2waWdz5zIVVufms=
Subject key identifier: E2:06:11:23:41:56:01:E6:88:0B:70:66:7B:70:67:15:F7:78:84:78
Certificate issuer: /CN=F858D0000C7C46A986B2EB96815F06AE2693A9D0
Certificate serial: 0787
Authority key identifier: F8:58:D0:00:0C:7C:46:A9:86:B2:EB:96:81:5F:06:AE:26:93:A9:D0
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/-FjQAAx8RqmGsuuWgV8GriaTqdA.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/4gYRI0FWAeaIC3Bme3BnFfd4hHg.roa
Signing time: Tue 29 Sep 2020 10:03:01 +0000
ROA not before: Tue 29 Sep 2020 10:03:01 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 18046
IP address blocks: 159.117.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1927 (0x787)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F858D0000C7C46A986B2EB96815F06AE2693A9D0
Validity
Not Before: Sep 29 10:03:01 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=E2061123415601E6880B70667B706715F7788478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ef:32:42:45:99:94:01:c6:88:c9:b0:77:c6:
8e:32:bc:1d:01:67:b8:9c:dd:b2:61:f5:fd:4e:ad:
d0:20:de:2d:45:8e:0f:2c:02:99:20:40:67:24:db:
65:bf:ec:3d:16:f2:10:a0:30:c9:0a:7a:91:37:58:
76:3c:ad:d5:08:c0:e6:ca:95:da:6f:8f:ee:f5:79:
3e:c9:3a:34:1a:a9:ce:79:d3:f3:10:9f:be:06:f7:
c7:5b:49:05:9f:f0:e1:cf:ef:92:85:62:68:ca:ba:
be:64:ee:2c:92:89:e3:04:58:e7:6e:56:67:6d:5f:
c8:81:8a:7c:9f:5b:69:ca:f0:5f:d3:92:39:36:39:
c5:a4:3f:a4:71:f1:bc:da:1b:c3:d7:61:7f:d3:bf:
48:60:50:5e:df:34:16:10:79:07:40:ec:92:6a:fd:
2d:4e:73:d9:da:a7:36:8d:97:47:56:94:62:9d:40:
41:35:e9:4d:10:91:10:b9:b6:3a:38:33:7f:d8:86:
e0:8d:74:eb:21:ea:2e:50:96:2d:ec:85:f8:a3:3c:
d6:10:3a:bd:10:48:a8:7b:b3:6c:bd:ef:ef:18:79:
c3:f4:fb:4b:5b:f4:7b:cf:55:1a:f3:7b:c9:6e:f9:
ef:43:e4:ff:d1:63:0a:b6:6a:02:ab:04:57:0f:20:
9f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:06:11:23:41:56:01:E6:88:0B:70:66:7B:70:67:15:F7:78:84:78
X509v3 Authority Key Identifier:
keyid:F8:58:D0:00:0C:7C:46:A9:86:B2:EB:96:81:5F:06:AE:26:93:A9:D0
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/-FjQAAx8RqmGsuuWgV8GriaTqdA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/-FjQAAx8RqmGsuuWgV8GriaTqdA.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/4gYRI0FWAeaIC3Bme3BnFfd4hHg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
159.117.84.0/24
Signature Algorithm: sha256WithRSAEncryption
91:43:6b:1c:49:e7:64:b8:18:50:53:85:c4:1b:89:cf:d9:e1:
fb:f2:c9:ce:f1:b6:63:7c:7b:04:74:fc:a2:53:3b:5a:91:c5:
5a:8f:3a:7a:e7:c1:78:f0:5f:d5:b4:72:cc:28:23:60:bc:99:
14:5f:9f:9f:b8:f9:3c:b5:19:a3:56:c0:f9:e5:d4:88:59:1b:
be:74:f7:c5:fc:28:1a:4e:2b:f3:8a:20:35:ec:cb:b8:e8:6a:
83:44:a8:1f:01:ad:71:45:34:ef:5d:bc:ec:bd:af:a9:db:c8:
6e:ed:3a:66:bc:87:4e:e7:27:cd:e6:6e:94:54:56:c2:4b:4f:
97:22:f7:d7:8c:06:10:ff:f4:70:8d:95:e0:e5:1b:a8:b9:aa:
3c:f7:1a:36:e1:7b:7c:f4:a1:89:f6:72:70:51:7c:ce:f9:35:
40:bb:81:1d:6e:2c:d7:8a:8e:c3:47:e8:6e:76:f4:e1:4d:13:
da:bd:1e:76:c3:ae:d5:01:0b:61:ee:36:a1:57:31:c9:f3:22:
13:56:18:90:39:07:d9:0a:dd:c1:47:cf:e6:ac:81:7d:b2:c8:
76:6e:83:34:4a:75:81:16:f7:df:26:43:8c:89:96:84:33:bd:
65:0d:1c:dd:23:83:b2:49:35:5a:7d:4b:60:6f:be:0e:74:d6:
ba:98:90:31
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB4cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRjg1
OEQwMDAwQzdDNDZBOTg2QjJFQjk2ODE1RjA2QUUyNjkzQTlEMDAeFw0yMDA5Mjkx
MDAzMDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEUyMDYxMTIzNDE1NjAx
RTY4ODBCNzA2NjdCNzA2NzE1Rjc3ODg0NzgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDE7zJCRZmUAcaIybB3xo4yvB0BZ7ic3bJh9f1OrdAg3i1Fjg8s
ApkgQGck22W/7D0W8hCgMMkKepE3WHY8rdUIwObKldpvj+71eT7JOjQaqc550/MQ
n74G98dbSQWf8OHP75KFYmjKur5k7iySieMEWOduVmdtX8iBinyfW2nK8F/Tkjk2
OcWkP6Rx8bzaG8PXYX/Tv0hgUF7fNBYQeQdA7JJq/S1Oc9napzaNl0dWlGKdQEE1
6U0QkRC5tjo4M3/YhuCNdOsh6i5Qli3shfijPNYQOr0QSKh7s2y97+8YecP0+0tb
9HvPVRrze8lu+e9D5P/RYwq2agKrBFcPIJ8HAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU4gYRI0FWAeaIC3Bme3BnFfd4hHgwHwYDVR0jBBgwFoAU+FjQAAx8RqmGsuuW
gV8GriaTqdAwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvLUZqUUFBeDhScW1Hc3V1V2dWOEdyaWFUcWRBLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS8tRmpRQUF4OFJxbUdzdXVXZ1Y4R3JpYVRxZEEuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy80Z1lSSTBGV0FlYUlD
M0JtZTNCbkZmZDRoSGcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQAn3VUMA0GCSqGSIb3DQEBCwUAA4IBAQCRQ2scSedkuBhQU4XEG4nP2eH78snO
8bZjfHsEdPyiUztakcVajzp658F48F/VtHLMKCNgvJkUX5+fuPk8tRmjVsD55dSI
WRu+dPfF/CgaTivziiA17Mu46GqDRKgfAa1xRTTvXbzsva+p28hu7TpmvIdO5yfN
5m6UVFbCS0+XIvfXjAYQ//RwjZXg5Ruouao89xo24Xt89KGJ9nJwUXzO+TVAu4Ed
bizXio7DR+hudvThTRPavR52w67VAQth7jahVzHJ8yITVhiQOQfZCt3BR8/mrIF9
ssh2boM0SnWBFvffJkOMiZaEM71lDRzdI4OySTVafUtgb74OdNa6mJAx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org