Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5HXk8vUnmnVFc8OzC0sJDmyonEI.roa
File: 5HXk8vUnmnVFc8OzC0sJDmyonEI.roa (raw, json)
Hash identifier: brxuu9KV+c9KvZ15nOF1GhtFGhIpGE9DGvyMU1bpfK4=
Subject key identifier: E4:75:E4:F2:F5:27:9A:75:45:73:C3:B3:0B:4B:09:0E:6C:A8:9C:42
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 099A
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5HXk8vUnmnVFc8OzC0sJDmyonEI.roa
Signing time: Wed 29 Sep 2021 02:36:51 +0000
ROA not before: Wed 29 Sep 2021 02:36:51 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131597
IP address blocks: 61.65.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2458 (0x99a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Sep 29 02:36:51 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=E475E4F2F5279A754573C3B30B4B090E6CA89C42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4c:f6:bf:33:84:f7:ba:6d:d4:21:ab:16:fc:
55:c8:87:d8:5b:89:69:26:d6:52:5f:6e:af:a7:a0:
e3:95:86:14:a1:a3:be:9f:93:03:e9:17:05:03:a1:
78:40:42:84:4e:df:84:eb:77:c7:37:63:9c:ea:ab:
cd:52:44:2d:c4:d7:f2:0a:30:05:e2:ef:59:66:c0:
37:8d:33:9c:b6:2f:67:af:98:f0:c4:6f:9b:f8:1f:
fb:58:10:db:61:05:fd:c2:19:d0:eb:ea:28:8a:37:
51:5e:bc:f1:1a:df:50:80:af:16:4a:c7:47:5c:94:
45:95:dd:c7:83:a1:2e:c3:f9:a5:c4:b3:57:4d:a2:
d2:20:0f:88:7b:16:5a:c2:bc:81:d8:53:65:06:39:
6d:fc:fe:27:e0:8b:ed:cd:0d:ff:3c:be:4a:55:3a:
be:73:8c:ea:2a:9d:06:65:7b:e9:9a:66:48:ed:61:
24:17:d3:06:91:e0:b4:c8:f1:39:94:aa:e8:13:98:
7c:78:ea:43:a7:ce:e8:68:9b:b6:7f:5f:8f:6d:02:
98:28:f9:17:74:58:67:88:18:16:f7:b4:71:24:48:
e4:9d:12:08:a2:eb:b9:14:aa:07:41:14:d1:87:2b:
8d:77:04:0a:aa:e9:63:ba:12:e3:48:40:5e:34:d2:
3d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:75:E4:F2:F5:27:9A:75:45:73:C3:B3:0B:4B:09:0E:6C:A8:9C:42
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/5HXk8vUnmnVFc8OzC0sJDmyonEI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.232.0/22
Signature Algorithm: sha256WithRSAEncryption
af:0e:a7:95:d8:2e:1e:dd:f7:13:df:f0:60:1d:ac:16:20:55:
a0:6b:d7:4a:32:eb:4d:71:02:92:2d:94:6b:2c:85:5e:c4:ac:
2a:80:8b:cd:23:91:5b:4c:8a:c1:8b:63:32:3e:a9:cb:d3:2a:
06:c0:e5:ea:93:01:7a:b5:56:09:db:23:d6:dd:cb:bf:93:3d:
5e:7f:e9:3c:a2:cf:c7:d8:90:51:08:39:70:91:1e:ee:d0:43:
07:c7:55:e1:94:f7:a3:97:ca:73:2a:60:d9:71:d2:68:81:d5:
78:89:61:51:ce:1c:b0:8e:30:f3:29:08:d3:ad:f0:17:b9:80:
40:f4:7e:6e:1a:1e:e8:a8:1e:ec:05:ee:bd:62:d3:92:9f:43:
1c:3b:a2:2b:6f:80:70:2e:36:a2:1b:17:89:ae:80:8f:70:65:
82:03:63:85:72:7b:9d:e7:08:eb:21:fa:e3:36:5c:bc:3d:f1:
76:92:bd:c3:b8:13:8a:44:86:db:10:2c:8c:96:d6:45:26:99:
d2:81:7e:98:5c:0f:d1:5e:fa:ee:a3:cf:87:6e:af:01:e1:5e:
bc:fa:8a:af:78:1f:af:95:7e:37:61:16:3f:b6:ea:4b:42:4d:
cb:c6:c7:d6:ce:5c:36:e6:60:09:47:f4:24:99:3b:a0:0c:e3:
ba:01:19:fd
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICCZowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMTA5Mjkw
MjM2NTFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEU0NzVFNEYyRjUyNzlB
NzU0NTczQzNCMzBCNEIwOTBFNkNBODlDNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDyTPa/M4T3um3UIasW/FXIh9hbiWkm1lJfbq+noOOVhhSho76f
kwPpFwUDoXhAQoRO34Trd8c3Y5zqq81SRC3E1/IKMAXi71lmwDeNM5y2L2evmPDE
b5v4H/tYENthBf3CGdDr6iiKN1FevPEa31CArxZKx0dclEWV3ceDoS7D+aXEs1dN
otIgD4h7FlrCvIHYU2UGOW38/ifgi+3NDf88vkpVOr5zjOoqnQZle+maZkjtYSQX
0waR4LTI8TmUqugTmHx46kOnzuhom7Z/X49tApgo+Rd0WGeIGBb3tHEkSOSdEgii
67kUqgdBFNGHK413BAqq6WO6EuNIQF400j37AgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQU5HXk8vUnmnVFc8OzC0sJDmyonEIwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy81SFhrOHZVbm1uVkZj
OE96QzBzSkRteW9uRUkucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQCPUHoMA0GCSqGSIb3DQEBCwUAA4IBAQCvDqeV2C4e3fcT3/BgHawWIFWga9dK
MutNcQKSLZRrLIVexKwqgIvNI5FbTIrBi2MyPqnL0yoGwOXqkwF6tVYJ2yPW3cu/
kz1ef+k8os/H2JBRCDlwkR7u0EMHx1XhlPejl8pzKmDZcdJogdV4iWFRzhywjjDz
KQjTrfAXuYBA9H5uGh7oqB7sBe69YtOSn0McO6Irb4BwLjaiGxeJroCPcGWCA2OF
cnud5wjrIfrjNly8PfF2kr3DuBOKRIbbECyMltZFJpnSgX6YXA/RXvruo8+Hbq8B
4V68+oqveB+vlX43YRY/tupLQk3LxsfWzlw25mAJR/QkmTugDOO6ARn9
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org