Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/7AaVmm8nDv9486neGvB4bjt-B8w.roa
File: 7AaVmm8nDv9486neGvB4bjt-B8w.roa (raw, json)
Hash identifier: lHmPyQpgftmcqzUWzjw/wxU77o564avc0HdjLxv45jI=
Subject key identifier: EC:06:95:9A:6F:27:0E:FF:78:F3:A9:DE:1A:F0:78:6E:3B:7E:07:CC
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0E01
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/7AaVmm8nDv9486neGvB4bjt-B8w.roa
Signing time: Fri 01 Sep 2023 08:36:22 +0000
ROA not before: Fri 01 Sep 2023 08:36:22 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 18424
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3585 (0xe01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 1 08:36:22 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=EC06959A6F270EFF78F3A9DE1AF0786E3B7E07CC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:56:d5:7d:0b:aa:3f:b5:1a:25:92:17:1b:23:
55:9f:20:46:30:ab:c4:aa:06:be:7d:4a:f8:85:5d:
d0:af:9b:8d:8d:79:9b:bc:fb:78:e0:81:b8:ed:56:
8a:43:a8:69:eb:42:76:91:07:cc:a2:6c:40:ac:b4:
49:18:37:a5:44:2d:00:82:04:cd:dd:41:5c:98:9c:
2e:45:bc:6e:04:cb:f2:b9:e9:2a:44:58:2c:e4:0d:
b2:4d:08:28:b3:09:6b:22:64:aa:80:0c:cc:bf:d6:
f8:03:2e:2d:a9:53:6a:8a:c4:9d:af:7e:ad:6d:b6:
d9:70:52:fd:df:21:ee:71:3e:89:84:56:f8:a8:76:
aa:70:8f:4f:26:4e:22:86:42:ff:d5:38:a2:d0:7c:
e5:15:e8:4c:da:35:f9:a3:b5:c8:93:2f:31:09:ca:
c5:d9:e1:02:2d:46:71:70:1b:89:e1:b7:82:4e:b0:
7e:9d:5e:a9:1c:bb:74:70:82:ac:5a:3b:ed:00:66:
1a:86:8d:fb:fa:99:ea:2b:17:92:d3:ff:08:ff:a8:
8b:64:a9:b8:ce:9e:ce:c9:3e:36:a8:46:ff:e0:14:
6b:1f:70:dd:71:f0:b0:cf:14:68:b4:cd:3d:69:96:
ae:79:73:8e:53:88:93:7c:42:d4:56:01:db:db:44:
06:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:06:95:9A:6F:27:0E:FF:78:F3:A9:DE:1A:F0:78:6E:3B:7E:07:CC
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/7AaVmm8nDv9486neGvB4bjt-B8w.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:37:ed:4b:62:19:ba:35:50:74:8e:68:2f:3a:9f:ce:9d:b8:
0f:33:15:87:1c:9e:41:6e:e4:d5:a9:31:5a:6b:b8:a9:5d:e8:
07:7e:77:41:f1:6a:74:fb:93:91:a5:b4:76:44:f9:3a:7a:cf:
eb:7b:48:79:3e:b4:cf:c9:d8:a6:0f:80:24:f0:ec:e7:0b:d8:
77:39:cb:50:05:2a:6b:b3:54:c6:1b:fc:c7:65:f1:ae:cf:a9:
96:e4:56:8f:f1:61:bb:6a:12:b8:ad:8a:74:c4:d4:e0:7a:04:
98:c3:11:d5:b8:9a:6f:28:d8:9c:dd:79:0a:f7:f1:95:08:e3:
ee:d1:80:a3:e4:79:d3:43:63:1d:1a:dc:29:58:79:db:83:87:
5a:df:d3:db:ae:38:88:88:b3:3f:d6:34:73:9b:c3:3b:fc:62:
e9:b2:91:0b:f7:0d:bc:72:7d:0c:4b:97:80:47:e3:9b:a6:f9:
96:1a:1e:8c:0a:e2:be:86:1c:7e:ee:5d:1b:a9:e8:d5:67:a3:
96:71:4e:35:6f:8c:e4:7e:86:60:07:70:80:c8:a5:72:63:a3:
c4:00:c0:e6:c3:12:22:75:37:f0:cd:51:24:ec:1b:09:e5:33:
a6:8b:cd:be:46:dc:43:d8:fe:45:fb:ee:33:ae:09:e5:c0:93:
ff:ba:8e:bc
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDgEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMzA5MDEw
ODM2MjJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEVDMDY5NTlBNkYyNzBF
RkY3OEYzQTlERTFBRjA3ODZFM0I3RTA3Q0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+VtV9C6o/tRolkhcbI1WfIEYwq8SqBr59SviFXdCvm42NeZu8
+3jggbjtVopDqGnrQnaRB8yibECstEkYN6VELQCCBM3dQVyYnC5FvG4Ey/K56SpE
WCzkDbJNCCizCWsiZKqADMy/1vgDLi2pU2qKxJ2vfq1tttlwUv3fIe5xPomEVvio
dqpwj08mTiKGQv/VOKLQfOUV6EzaNfmjtciTLzEJysXZ4QItRnFwG4nht4JOsH6d
Xqkcu3RwgqxaO+0AZhqGjfv6meorF5LT/wj/qItkqbjOns7JPjaoRv/gFGsfcN1x
8LDPFGi0zT1plq55c45TiJN8QtRWAdvbRAZbAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQU7AaVmm8nDv9486neGvB4bjt+B8wwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzdBYVZtbThuRHY5NDg2bmVHdkI0Ymp0
LUI4dy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBAKk37UtiGbo1UHSOaC86n86duA8zFYccnkFu5NWpMVpr
uKld6Ad+d0HxanT7k5GltHZE+Tp6z+t7SHk+tM/J2KYPgCTw7OcL2Hc5y1AFKmuz
VMYb/Mdl8a7PqZbkVo/xYbtqEritinTE1OB6BJjDEdW4mm8o2JzdeQr38ZUI4+7R
gKPkedNDYx0a3ClYeduDh1rf09uuOIiIsz/WNHObwzv8YumykQv3DbxyfQxLl4BH
45um+ZYaHowK4r6GHH7uXRup6NVno5ZxTjVvjOR+hmAHcIDIpXJjo8QAwObDEiJ1
N/DNUSTsGwnlM6aLzb5G3EPY/kX77jOuCeXAk/+6jrw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:24 2025 by rpki-client