Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWINS/OsTh8HYRPN2nrYg_i_yntdcd4fA.roa
File: OsTh8HYRPN2nrYg_i_yntdcd4fA.roa (raw, json)
Hash identifier: hPY+SpylRgLwgU331dofsiRVYC0Nnoc6Poc/iEes0Ms=
Subject key identifier: 3A:C4:E1:F0:76:11:3C:DD:A7:AD:88:3F:8B:FC:A7:B5:D7:1D:E1:F0
Certificate issuer: /CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791
Certificate serial: 0AA9
Authority key identifier: 61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/OsTh8HYRPN2nrYg_i_yntdcd4fA.roa
Signing time: Thu 29 Dec 2022 05:40:23 +0000
ROA not before: Thu 29 Dec 2022 05:40:23 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 131273
IP address blocks: 43.224.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2729 (0xaa9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=615F9BD98CC70E8836D01A9481C19C5C2D45D791
Validity
Not Before: Dec 29 05:40:23 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=3AC4E1F076113CDDA7AD883F8BFCA7B5D71DE1F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:27:33:00:3d:5f:8d:56:49:6a:30:bd:29:
f4:ca:9a:59:41:10:12:e4:db:63:3e:6f:07:03:21:
31:d5:2d:88:80:fd:0b:16:a2:91:cc:d8:30:13:28:
41:19:14:ca:b7:b0:d3:47:1b:cc:7e:44:85:02:57:
9a:91:c8:cf:f9:d8:d5:2b:49:45:5a:32:43:4c:44:
9e:15:64:e7:56:0c:25:ac:9b:92:a6:65:18:aa:5d:
5d:31:ef:f2:f3:f3:cf:7e:ba:e6:b6:4d:a8:18:33:
8e:03:29:d2:b2:31:56:85:9c:7b:68:73:ea:23:5b:
2d:a7:4a:14:d7:50:04:6f:68:d0:56:d3:7c:b2:2e:
44:61:53:5c:ea:61:e2:94:20:ec:5a:dd:a6:a2:19:
a2:ee:a0:ec:c3:ed:f9:1e:f0:ad:ef:6d:39:25:24:
35:29:f5:8c:08:e9:1c:dd:8f:fb:f0:cb:91:20:46:
d9:14:a5:2c:b3:d0:7b:6f:89:7f:9f:cf:cf:5d:56:
98:b1:ca:6c:03:af:8b:81:9c:8c:2b:c9:d3:c7:01:
26:39:35:b1:5b:53:a0:71:44:fd:87:13:6b:ec:86:
5f:05:af:ad:7f:22:15:9c:e1:a9:2e:68:3a:ce:7b:
1c:36:d9:0a:ff:fd:22:72:3d:a2:e5:f2:14:3d:7e:
85:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:C4:E1:F0:76:11:3C:DD:A7:AD:88:3F:8B:FC:A7:B5:D7:1D:E1:F0
X509v3 Authority Key Identifier:
keyid:61:5F:9B:D9:8C:C7:0E:88:36:D0:1A:94:81:C1:9C:5C:2D:45:D7:91
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/YV-b2YzHDog20BqUgcGcXC1F15E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/YV-b2YzHDog20BqUgcGcXC1F15E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWINS/OsTh8HYRPN2nrYg_i_yntdcd4fA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
43.224.22.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:ba:84:07:1a:55:bb:b1:6d:11:ee:e6:11:c8:85:51:54:30:
34:b4:ed:a5:42:3a:3e:0e:e4:2a:d3:6f:98:15:b3:1e:44:d6:
d1:84:f2:92:0c:94:0e:d3:56:5f:72:cc:07:a2:ae:17:cd:d8:
21:49:b3:a4:7a:eb:99:d4:1e:bc:d3:d1:eb:32:4d:7f:93:d4:
c4:4e:22:47:79:f8:43:7e:38:37:1b:1d:86:1c:bb:70:1d:5e:
51:8f:0c:47:b7:45:87:05:5c:5c:95:14:c3:23:49:18:35:bf:
1e:98:36:dc:2c:c5:94:88:78:17:fb:e1:0b:0c:bd:a9:2b:d3:
29:97:c9:51:76:9f:79:3f:a2:4c:4d:98:38:ed:5f:2e:9f:b6:
62:d9:3e:7d:73:b1:49:92:0a:b9:3b:e0:d4:d5:80:8f:67:2e:
d4:38:16:79:82:47:50:a0:64:45:d3:63:5f:1e:f6:20:e1:0d:
6f:54:c0:de:84:69:73:06:f4:ec:db:95:96:fe:b1:3e:4e:be:
60:e5:8d:a8:59:04:73:c9:b9:72:e0:f6:57:46:bc:b7:5d:fa:
08:e3:1a:20:f0:f3:cf:99:36:96:b3:ba:2f:81:db:6e:c5:c4:
94:65:89:88:95:e0:2c:94:ef:c3:c1:42:95:a4:7d:3d:66:bb:
5e:14:d8:8b
-----BEGIN CERTIFICATE-----
MIIE0DCCA7igAwIBAgICCqkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjE1
RjlCRDk4Q0M3MEU4ODM2RDAxQTk0ODFDMTlDNUMyRDQ1RDc5MTAeFw0yMjEyMjkw
NTQwMjNaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDNBQzRFMUYwNzYxMTND
RERBN0FEODgzRjhCRkNBN0I1RDcxREUxRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoHyczAD1fjVZJajC9KfTKmllBEBLk22M+bwcDITHVLYiA/QsW
opHM2DATKEEZFMq3sNNHG8x+RIUCV5qRyM/52NUrSUVaMkNMRJ4VZOdWDCWsm5Km
ZRiqXV0x7/Lz889+uua2TagYM44DKdKyMVaFnHtoc+ojWy2nShTXUARvaNBW03yy
LkRhU1zqYeKUIOxa3aaiGaLuoOzD7fke8K3vbTklJDUp9YwI6Rzdj/vwy5EgRtkU
pSyz0HtviX+fz89dVpixymwDr4uBnIwrydPHASY5NbFbU6BxRP2HE2vshl8Fr61/
IhWc4akuaDrOexw22Qr//SJyPaLl8hQ9foWNAgMBAAGjggHsMIIB6DAdBgNVHQ4E
FgQUOsTh8HYRPN2nrYg/i/yntdcd4fAwHwYDVR0jBBgwFoAUYV+b2YzHDog20BqU
gcGcXC1F15EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBbBgNVHR8EVDBSMFCg
TqBMhkpyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdJTlMv
WVYtYjJZekhEb2cyMEJxVWdjR2NYQzFGMTVFLmNybDBgBggrBgEFBQcBAQRUMFIw
UAYIKwYBBQUHMAKGRHJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUND
QS9ZVi1iMll6SERvZzIwQnFVZ2NHY1hDMUYxNUUuY2VyMA4GA1UdDwEB/wQEAwIH
gDCBmwYIKwYBBQUHAQsEgY4wgYswVgYIKwYBBQUHMAuGSnJzeW5jOi8vcnBraWNh
LnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9EV0lOUy9Pc1RoOEhZUlBOMm5yWWdfaV95
bnRkY2Q0ZkEucm9hMDEGCCsGAQUFBzANhiVodHRwczovL3JyZHAudHduaWMudHcv
cnJkcC9ub3RpZnkueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK+AW
MA0GCSqGSIb3DQEBCwUAA4IBAQCnuoQHGlW7sW0R7uYRyIVRVDA0tO2lQjo+DuQq
02+YFbMeRNbRhPKSDJQO01ZfcswHoq4XzdghSbOkeuuZ1B6809HrMk1/k9TETiJH
efhDfjg3Gx2GHLtwHV5RjwxHt0WHBVxclRTDI0kYNb8emDbcLMWUiHgX++ELDL2p
K9Mpl8lRdp95P6JMTZg47V8un7Zi2T59c7FJkgq5O+DU1YCPZy7UOBZ5gkdQoGRF
02NfHvYg4Q1vVMDehGlzBvTs25WW/rE+Tr5g5Y2oWQRzybly4PZXRry3XfoI4xog
8PPPmTaWs7ovgdtuxcSUZYmIleAslO/DwUKVpH09ZrteFNiL
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org