Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/KZUV7xJEnLf3OK132ijV7nEbYdU.roa
File: KZUV7xJEnLf3OK132ijV7nEbYdU.roa (raw, json)
Hash identifier: 6WQSdat73/k8TMcvlF+1iZD4wlZt4lNEWVS0vKbint4=
Subject key identifier: 29:95:15:EF:12:44:9C:B7:F7:38:AD:77:DA:28:D5:EE:71:1B:61:D5
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0B60
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/KZUV7xJEnLf3OK132ijV7nEbYdU.roa
Signing time: Sun 07 Feb 2021 11:53:22 +0000
ROA not before: Sun 07 Feb 2021 11:53:22 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 131641
IP address blocks: 103.136.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2912 (0xb60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Feb 7 11:53:22 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=299515EF12449CB7F738AD77DA28D5EE711B61D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:9b:a8:ee:7a:a6:8c:01:95:9e:78:a8:d4:6a:
50:22:85:84:2e:87:52:ce:1a:91:4b:fe:20:bc:e1:
94:60:5c:a9:8f:48:4b:93:bb:01:f7:20:a6:5c:39:
55:09:2a:78:99:00:08:8b:12:8b:69:ae:b3:b2:18:
10:ca:50:6f:85:f4:76:9d:9b:20:04:5c:10:dc:bc:
cb:3d:d5:81:77:1d:14:3a:35:99:c2:e2:c3:f3:a8:
4a:05:ba:fb:9a:3f:08:e5:7a:34:a1:58:36:45:61:
75:0e:c5:23:19:c9:4f:7e:4e:e1:b1:0b:04:2b:3f:
13:19:9b:5f:29:02:c6:8b:07:f2:2b:58:3c:b6:4d:
2b:67:ee:71:e0:cd:c1:5c:ab:d3:7a:eb:dc:cb:56:
c6:9c:15:40:da:28:3c:16:fd:4e:f6:b1:83:4f:76:
86:dc:a2:6a:ab:57:55:52:11:81:10:7c:4c:70:52:
6d:51:2a:2b:8d:be:21:67:d6:2d:b5:08:ca:6e:14:
c0:0f:ba:37:b9:17:02:f0:67:bc:95:b3:be:4d:ea:
e2:6e:84:be:8e:98:b2:7f:65:83:10:10:c7:ed:cc:
59:bb:47:c7:5e:a5:41:90:fa:fd:94:08:06:f3:3d:
53:db:13:fc:86:a2:97:ec:a9:36:cc:2a:95:7f:08:
f1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:15:EF:12:44:9C:B7:F7:38:AD:77:DA:28:D5:EE:71:1B:61:D5
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/KZUV7xJEnLf3OK132ijV7nEbYdU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/23
Signature Algorithm: sha256WithRSAEncryption
24:7d:fd:dc:c0:11:93:24:94:bf:9f:6c:2c:b4:88:06:45:d0:
ed:80:da:3d:b6:72:c0:fe:8e:cb:b0:96:6f:f3:4e:4c:da:5e:
8e:c3:86:67:26:4c:1e:e6:38:31:64:af:05:a1:1f:08:03:bc:
25:ea:0b:7f:42:72:3d:73:cb:67:61:04:23:2a:c2:97:ea:ef:
51:57:1b:78:f6:57:e5:e2:70:75:6c:9f:e0:d4:0c:af:45:18:
9e:4a:89:e7:be:b6:cb:74:d1:14:7b:48:e2:3f:69:98:40:b2:
f6:d3:ea:b2:51:ea:a1:74:7e:05:7a:d6:b1:79:db:bf:4d:21:
55:4f:79:ca:e2:9d:09:ae:1a:a6:9b:aa:86:ac:30:90:11:c4:
d7:b8:3d:45:31:50:84:3b:a6:0c:e1:92:38:5d:02:d8:90:c8:
77:9a:17:69:c8:3d:ab:94:7c:aa:31:58:28:2d:92:93:6d:6a:
08:f5:7e:4f:13:41:33:d6:a0:9a:dd:df:4b:31:d7:a8:25:fd:
35:d7:a1:b0:6a:36:cb:c4:6a:28:a0:d4:3c:b7:25:f1:f6:4f:
2a:fe:11:b1:59:c6:be:2e:08:a8:60:4e:e3:e8:e2:d2:2b:b3:
ac:9b:da:67:df:f5:d3:1d:52:f1:15:a1:25:5a:81:ba:db:9c:
a3:2a:67:04
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICC2AwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMTAyMDcx
MTUzMjJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDI5OTUxNUVGMTI0NDlD
QjdGNzM4QUQ3N0RBMjhENUVFNzExQjYxRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDtm6jueqaMAZWeeKjUalAihYQuh1LOGpFL/iC84ZRgXKmPSEuT
uwH3IKZcOVUJKniZAAiLEotprrOyGBDKUG+F9HadmyAEXBDcvMs91YF3HRQ6NZnC
4sPzqEoFuvuaPwjlejShWDZFYXUOxSMZyU9+TuGxCwQrPxMZm18pAsaLB/IrWDy2
TStn7nHgzcFcq9N669zLVsacFUDaKDwW/U72sYNPdobcomqrV1VSEYEQfExwUm1R
KiuNviFn1i21CMpuFMAPuje5FwLwZ7yVs75N6uJuhL6OmLJ/ZYMQEMftzFm7R8de
pUGQ+v2UCAbzPVPbE/yGopfsqTbMKpV/CPHLAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUKZUV7xJEnLf3OK132ijV7nEbYdUwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL0taVVY3eEpFbkxmM09LMTMyaWpWN25F
YllkVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBACR9/dzAEZMklL+fbCy0iAZF0O2A2j22csD+jsuwlm/z
TkzaXo7DhmcmTB7mODFkrwWhHwgDvCXqC39Ccj1zy2dhBCMqwpfq71FXG3j2V+Xi
cHVsn+DUDK9FGJ5Kiee+tst00RR7SOI/aZhAsvbT6rJR6qF0fgV61rF5279NIVVP
ecrinQmuGqabqoasMJARxNe4PUUxUIQ7pgzhkjhdAtiQyHeaF2nIPauUfKoxWCgt
kpNtagj1fk8TQTPWoJrd30sx16gl/TXXobBqNsvEaiig1Dy3JfH2Tyr+EbFZxr4u
CKhgTuPo4tIrs6yb2mff9dMdUvEVoSVagbrbnKMqZwQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org