Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DOWNWIN/BAgFtZNBJ3C4f-GvzwMViqMJZaw.roa
File: BAgFtZNBJ3C4f-GvzwMViqMJZaw.roa (raw, json)
Hash identifier: tf0uJc0IhDq8zcq8zxcTkWI8TpgjN30RsGBHmnUbQDs=
Subject key identifier: 04:08:05:B5:93:41:27:70:B8:7F:E1:AF:CF:03:15:8A:A3:09:65:AC
Certificate issuer: /CN=93D96B0699BEBA157D50548029BC117929AD20E7
Certificate serial: 40
Authority key identifier: 93:D9:6B:06:99:BE:BA:15:7D:50:54:80:29:BC:11:79:29:AD:20:E7
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/k9lrBpm-uhV9UFSAKbwReSmtIOc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DOWNWIN/BAgFtZNBJ3C4f-GvzwMViqMJZaw.roa
Signing time: Wed 12 Jul 2023 01:50:27 +0000
ROA not before: Wed 12 Jul 2023 01:50:27 +0000
ROA not after: Sat 09 Mar 2024 15:30:09 +0000
asID: 131149
IP address blocks: 103.118.148.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64 (0x40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93D96B0699BEBA157D50548029BC117929AD20E7
Validity
Not Before: Jul 12 01:50:27 2023 GMT
Not After : Mar 9 15:30:09 2024 GMT
Subject: CN=040805B593412770B87FE1AFCF03158AA30965AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:18:90:83:7a:be:f1:a2:42:82:dc:fe:f1:
f2:46:af:c9:fb:94:9a:bb:0a:bd:6a:40:f5:13:c7:
3f:b4:3d:3e:4e:9d:5e:1b:ef:b4:15:a1:30:e8:00:
e5:1f:4e:58:ad:89:81:3d:ee:c0:5a:c0:72:cc:67:
b0:07:53:cd:2f:6f:e5:b1:a7:38:e1:82:53:56:0a:
b7:3d:0b:2c:a3:80:d6:4c:05:40:55:21:74:6f:d6:
50:79:ff:d3:be:8e:04:1b:dc:22:54:c0:c8:de:e5:
23:66:ce:00:f2:55:dc:cc:90:83:51:3e:01:91:e9:
1f:b2:fd:91:d7:2d:11:93:8b:84:4b:a5:95:f7:31:
d7:de:f1:24:67:9d:1a:ba:00:c4:65:6b:d0:48:af:
72:42:25:54:41:a4:a3:4d:55:3f:0d:ef:22:3f:a7:
44:88:61:b6:7c:15:53:30:eb:66:c8:b9:29:f4:a2:
67:09:6a:d7:bd:81:a4:fc:84:1f:9e:48:11:b6:46:
22:6d:3e:32:63:5a:0d:5d:a3:b1:02:57:0e:b4:35:
4e:f1:aa:9d:a7:2d:ab:3e:28:64:20:7a:0b:ba:d9:
a4:29:65:90:51:75:36:e3:22:25:eb:7b:d8:35:f8:
35:e7:64:63:31:43:31:b7:48:18:45:25:92:ae:4a:
27:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:08:05:B5:93:41:27:70:B8:7F:E1:AF:CF:03:15:8A:A3:09:65:AC
X509v3 Authority Key Identifier:
keyid:93:D9:6B:06:99:BE:BA:15:7D:50:54:80:29:BC:11:79:29:AD:20:E7
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DOWNWIN/k9lrBpm-uhV9UFSAKbwReSmtIOc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/k9lrBpm-uhV9UFSAKbwReSmtIOc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DOWNWIN/BAgFtZNBJ3C4f-GvzwMViqMJZaw.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.118.148.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:fd:72:b2:a6:7b:cc:b5:78:31:3e:5a:d6:b8:85:31:66:58:
d9:b5:cc:51:f1:40:30:67:3d:01:24:60:0d:65:4d:e1:fe:a4:
71:23:8d:d1:c1:d3:dd:d9:85:b9:9d:65:ca:2c:44:79:39:04:
9c:f5:1d:2f:a2:28:37:d0:65:a2:bd:87:b4:55:03:fc:e5:e0:
fa:c7:ac:f9:c5:92:05:b9:92:69:97:a8:b8:85:8c:8e:d9:03:
35:ff:a6:78:27:78:62:28:16:62:6a:a2:8a:07:a1:85:7f:b7:
81:16:bc:1a:ff:35:9f:7c:b1:52:42:77:0b:a0:7b:6c:24:7f:
99:2f:3d:8a:20:e6:ed:b9:0a:1e:9b:42:10:ff:09:59:47:31:
ab:e8:59:8f:15:cc:14:a9:d5:7d:ca:bf:01:db:56:dd:85:8e:
af:e1:0b:1a:28:12:f1:31:5d:fb:63:7a:b4:a5:ec:0b:d1:6d:
7d:f7:98:2f:7e:40:58:5c:59:7d:db:d7:9e:8e:43:b9:35:25:
89:5e:5c:d3:da:c4:dc:3d:fb:e9:78:c8:c2:0d:79:e4:8c:b9:
c2:c6:8a:12:93:26:c7:5d:cf:c4:d3:83:c0:77:be:d6:50:53:
59:b1:0f:3d:47:0f:a8:b5:36:39:30:6f:5a:45:74:77:a7:29:
2e:8e:fb:3b
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIBQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5M0Q5
NkIwNjk5QkVCQTE1N0Q1MDU0ODAyOUJDMTE3OTI5QUQyMEU3MB4XDTIzMDcxMjAx
NTAyN1oXDTI0MDMwOTE1MzAwOVowMzExMC8GA1UEAxMoMDQwODA1QjU5MzQxMjc3
MEI4N0ZFMUFGQ0YwMzE1OEFBMzA5NjVBQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALYrGJCDer7xokKC3P7x8kavyfuUmrsKvWpA9RPHP7Q9Pk6dXhvv
tBWhMOgA5R9OWK2JgT3uwFrAcsxnsAdTzS9v5bGnOOGCU1YKtz0LLKOA1kwFQFUh
dG/WUHn/076OBBvcIlTAyN7lI2bOAPJV3MyQg1E+AZHpH7L9kdctEZOLhEullfcx
197xJGedGroAxGVr0EivckIlVEGko01VPw3vIj+nRIhhtnwVUzDrZsi5KfSiZwlq
172BpPyEH55IEbZGIm0+MmNaDV2jsQJXDrQ1TvGqnactqz4oZCB6C7rZpCllkFF1
NuMiJet72DX4NedkYzFDMbdIGEUlkq5KJ+cCAwEAAaOCAfAwggHsMB0GA1UdDgQW
BBQECAW1k0EncLh/4a/PAxWKowllrDAfBgNVHSMEGDAWgBST2WsGmb66FX1QVIAp
vBF5Ka0g5zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF0GA1UdHwRWMFQwUqBQ
oE6GTHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9ET1dOV0lO
L2s5bHJCcG0tdWhWOVVGU0FLYndSZVNtdElPYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvazlsckJwbS11aFY5VUZTQUtid1JlU210SU9jLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZ0GCCsGAQUFBwELBIGQMIGNMFgGCCsGAQUFBzALhkxyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRE9XTldJTi9CQWdGdFpOQkozQzRmLUd2
endNVmlxTUpaYXcucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMu
dHcvcnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB
Z3aUMA0GCSqGSIb3DQEBCwUAA4IBAQAb/XKypnvMtXgxPlrWuIUxZljZtcxR8UAw
Zz0BJGANZU3h/qRxI43RwdPd2YW5nWXKLER5OQSc9R0voig30GWivYe0VQP85eD6
x6z5xZIFuZJpl6i4hYyO2QM1/6Z4J3hiKBZiaqKKB6GFf7eBFrwa/zWffLFSQncL
oHtsJH+ZLz2KIObtuQoem0IQ/wlZRzGr6FmPFcwUqdV9yr8B21bdhY6v4QsaKBLx
MV37Y3q0pewL0W1995gvfkBYXFl929eejkO5NSWJXlzT2sTcPfvpeMjCDXnkjLnC
xooSkybHXc/E04PAd77WUFNZsQ89Rw+otTY5MG9aRXR3pykujvs7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org