Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/Zx8cvIQD1mIPNy9D6KpN2s9qE5M.roa
File: Zx8cvIQD1mIPNy9D6KpN2s9qE5M.roa (raw, json)
Hash identifier: 3+OVmmsINqs/FNwCSo8VjIJmn3P/la6cfN9wuXE+hRc=
Subject key identifier: 67:1F:1C:BC:84:03:D6:62:0F:37:2F:43:E8:AA:4D:DA:CF:6A:13:93
Certificate issuer: /CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Certificate serial: 07A0
Authority key identifier: 0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/Zx8cvIQD1mIPNy9D6KpN2s9qE5M.roa
Signing time: Tue 29 Sep 2020 10:03:00 +0000
ROA not before: Tue 29 Sep 2020 10:03:00 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131597
IP address blocks: 61.65.224.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1952 (0x7a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0C78961642A04BE132708DB193D7BA916B2B67CB
Validity
Not Before: Sep 29 10:03:00 2020 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=671F1CBC8403D6620F372F43E8AA4DDACF6A1393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6d:60:6b:a1:68:96:b0:66:23:92:17:3d:18:
ce:ef:fa:57:b4:79:05:c9:f5:37:d0:ba:e2:d4:22:
8a:95:1b:d7:a0:77:d9:32:fa:a5:95:60:a5:1b:b5:
76:cb:d8:9d:89:43:b7:75:db:72:ac:c2:d8:fd:3a:
80:f2:a3:16:09:b8:a8:8d:b6:af:e8:e8:14:22:b1:
1a:e7:02:97:95:0b:78:53:58:b3:a6:65:da:a9:72:
f0:d6:9b:dd:f9:97:29:f2:75:ab:9c:b2:ab:30:e0:
0c:c6:92:e0:b9:f8:00:fb:1b:a3:a4:0f:a9:b3:e3:
ca:b5:69:cf:69:03:31:a0:36:5c:50:07:29:13:83:
91:da:a3:bc:01:ba:78:3e:bc:14:dd:3f:d3:8f:4a:
07:9a:4f:2a:2b:aa:53:b3:62:29:12:5f:82:2a:f2:
24:96:f0:e5:92:7b:6a:c1:a6:4f:4d:5e:d3:0b:39:
be:fe:10:12:fd:24:84:5a:a2:e4:4d:fc:9a:a3:81:
28:99:78:f1:c1:2d:de:5c:dd:94:be:e3:b7:07:e4:
82:b5:f2:2b:77:fe:ac:85:f5:98:fb:3d:5b:d7:38:
28:ce:4b:56:56:b0:5c:cb:20:dc:9e:37:5d:ac:8b:
bf:d5:e7:90:6e:d6:5e:49:91:c2:6e:95:3c:36:ec:
c4:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1F:1C:BC:84:03:D6:62:0F:37:2F:43:E8:AA:4D:DA:CF:6A:13:93
X509v3 Authority Key Identifier:
keyid:0C:78:96:16:42:A0:4B:E1:32:70:8D:B1:93:D7:BA:91:6B:2B:67:CB
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/DHiWFkKgS-EycI2xk9e6kWsrZ8s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DHiWFkKgS-EycI2xk9e6kWsrZ8s.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DONGFONG/Zx8cvIQD1mIPNy9D6KpN2s9qE5M.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.65.224.0/21
Signature Algorithm: sha256WithRSAEncryption
49:31:50:80:c3:ca:3a:67:64:d1:d1:ac:65:0a:dc:9e:e0:af:
97:0d:bf:b7:1e:34:8f:54:0d:e6:ad:35:93:1d:90:3c:90:3d:
c3:0d:7a:d2:de:a3:24:e4:2c:9b:4f:95:d4:d8:a3:4d:f6:90:
c0:9d:53:fa:cd:04:51:86:e9:bd:fe:06:02:ff:03:d6:4e:df:
94:cc:7d:5f:62:1a:d1:4b:1c:e3:8a:93:61:34:da:bd:f6:3e:
79:dc:66:49:b6:77:5e:19:d6:a4:40:b9:70:00:fd:05:29:06:
4c:a8:ad:53:ab:81:61:5b:a5:2d:c1:8b:b1:13:e0:77:84:32:
85:89:7b:ee:42:07:fa:c4:ae:bf:60:36:59:66:d3:11:cf:3b:
c4:b4:b9:92:52:75:d1:37:6f:2e:40:4c:8f:d0:6e:bf:ca:da:
ac:a9:35:be:45:57:aa:da:33:b1:1e:ad:f3:6f:7d:0a:ec:0e:
3f:a6:81:41:d5:4a:57:51:50:8d:6e:6a:b1:e9:a2:13:bc:b7:
ac:8a:18:39:f6:18:3b:e3:5a:09:f2:16:cc:04:31:3c:06:e2:
ba:c8:51:1f:11:b2:da:88:04:10:6f:01:ec:05:f9:cb:cb:76:
bb:52:cb:ea:0e:8f:54:42:3c:9f:c3:14:17:85:a7:8b:15:4b:
bb:bb:b4:ff
-----BEGIN CERTIFICATE-----
MIIE1jCCA76gAwIBAgICB6AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEM3
ODk2MTY0MkEwNEJFMTMyNzA4REIxOTNEN0JBOTE2QjJCNjdDQjAeFw0yMDA5Mjkx
MDAzMDBaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDY3MUYxQ0JDODQwM0Q2
NjIwRjM3MkY0M0U4QUE0RERBQ0Y2QTEzOTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCibWBroWiWsGYjkhc9GM7v+le0eQXJ9TfQuuLUIoqVG9egd9ky
+qWVYKUbtXbL2J2JQ7d123Kswtj9OoDyoxYJuKiNtq/o6BQisRrnApeVC3hTWLOm
ZdqpcvDWm935lynydaucsqsw4AzGkuC5+AD7G6OkD6mz48q1ac9pAzGgNlxQBykT
g5Hao7wBung+vBTdP9OPSgeaTyorqlOzYikSX4Iq8iSW8OWSe2rBpk9NXtMLOb7+
EBL9JIRaouRN/JqjgSiZePHBLd5c3ZS+47cH5IK18it3/qyF9Zj7PVvXOCjOS1ZW
sFzLINyeN12si7/V55Bu1l5JkcJulTw27MQFAgMBAAGjggHyMIIB7jAdBgNVHQ4E
FgQUZx8cvIQD1mIPNy9D6KpN2s9qE5MwHwYDVR0jBBgwFoAUDHiWFkKgS+EycI2x
k9e6kWsrZ8swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBeBgNVHR8EVzBVMFOg
UaBPhk1yc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9OR0ZP
TkcvREhpV0ZrS2dTLUV5Y0kyeGs5ZTZrV3NyWjhzLmNybDBgBggrBgEFBQcBAQRU
MFIwUAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdO
SUNDQS9ESGlXRmtLZ1MtRXljSTJ4azllNmtXc3JaOHMuY2VyMA4GA1UdDwEB/wQE
AwIHgDCBngYIKwYBBQUHAQsEgZEwgY4wWQYIKwYBBQUHMAuGTXJzeW5jOi8vcnBr
aWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET05HRk9ORy9aeDhjdklRRDFtSVBO
eTlENktwTjJzOXFFNU0ucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHdu
aWMudHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG
AwQDPUHgMA0GCSqGSIb3DQEBCwUAA4IBAQBJMVCAw8o6Z2TR0axlCtye4K+XDb+3
HjSPVA3mrTWTHZA8kD3DDXrS3qMk5CybT5XU2KNN9pDAnVP6zQRRhum9/gYC/wPW
Tt+UzH1fYhrRSxzjipNhNNq99j553GZJtndeGdakQLlwAP0FKQZMqK1Tq4FhW6Ut
wYuxE+B3hDKFiXvuQgf6xK6/YDZZZtMRzzvEtLmSUnXRN28uQEyP0G6/ytqsqTW+
RVeq2jOxHq3zb30K7A4/poFB1UpXUVCNbmqx6aITvLesihg59hg741oJ8hbMBDE8
BuK6yFEfEbLaiAQQbwHsBfnLy3a7UsvqDo9UQjyfwxQXhaeLFUu7u7T/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:34 2024 by rpki-client on console-fra.rpki-client.org