Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/NhNoemG2iAigLBHZPQlZTfNTiUU.roa
File: NhNoemG2iAigLBHZPQlZTfNTiUU.roa (raw, json)
Hash identifier: RMBepQL7fnHZl7jO5MfC0fQToORQ6qr/mdT/o/2rsUo=
Subject key identifier: 36:13:68:7A:61:B6:88:08:A0:2C:11:D9:3D:09:59:4D:F3:53:89:45
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0C0C
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/NhNoemG2iAigLBHZPQlZTfNTiUU.roa
Signing time: Wed 29 Sep 2021 02:36:26 +0000
ROA not before: Wed 29 Sep 2021 02:36:26 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131641
IP address blocks: 103.136.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3084 (0xc0c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 29 02:36:26 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=3613687A61B68808A02C11D93D09594DF3538945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:28:f8:dc:e5:9a:ac:00:80:09:39:8c:44:
54:bd:af:60:43:ff:f6:9d:9c:42:8f:04:56:8f:89:
18:95:74:c6:d3:dc:3e:a0:fb:37:23:80:db:3e:5b:
55:11:bf:3c:63:20:58:69:7a:7a:b8:32:78:2e:b1:
0a:3d:48:85:f5:8e:03:7b:46:7a:d9:d4:3e:ba:7b:
e4:f5:63:bc:9c:c5:a5:24:3a:da:9b:45:16:36:01:
a2:09:14:28:ff:d4:af:1f:80:d2:a3:c2:6d:8f:64:
78:13:17:ce:e0:f7:b7:b6:32:55:5f:c6:b9:8e:91:
ee:d6:b1:a5:71:ed:9e:b1:d7:92:a4:f9:aa:0b:ac:
ab:52:ad:b7:78:15:f8:1e:d9:6f:db:cd:07:e9:79:
d5:d3:d3:06:bc:e6:17:c3:46:80:41:17:1b:0e:5c:
83:4d:71:a1:90:fe:0a:10:9f:c8:e7:b7:73:04:6a:
c1:a2:79:c6:76:3c:35:c6:52:9f:93:78:e5:db:aa:
7c:80:ae:1b:b7:de:78:05:0f:f9:e3:1e:0f:9d:43:
7d:99:25:f0:ed:88:5a:c0:6b:41:31:71:97:ef:b8:
d6:be:e0:22:ca:d3:9e:d9:94:79:e4:59:6c:a6:c2:
ea:06:f3:ed:0e:e6:40:38:7c:bf:13:10:56:43:1c:
c3:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:13:68:7A:61:B6:88:08:A0:2C:11:D9:3D:09:59:4D:F3:53:89:45
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/NhNoemG2iAigLBHZPQlZTfNTiUU.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:8e:b4:3a:51:1d:d0:c9:6a:3f:69:48:e1:27:84:45:87:a6:
5f:ac:7f:b3:26:6c:64:52:dd:1b:1d:04:50:11:a8:95:09:9b:
61:83:f3:dd:67:65:13:2c:e0:9d:38:ae:c0:6a:07:76:7b:06:
4a:90:62:93:01:a4:5d:a6:b8:66:73:fe:b9:1b:d1:7b:69:05:
9c:46:c4:f5:c0:86:da:d9:13:08:d6:bf:b0:11:dc:1c:62:78:
14:61:f2:bd:52:78:3e:11:a3:d0:38:d8:34:f8:42:d5:65:06:
85:db:b8:79:21:2f:77:c0:29:ba:de:af:46:b7:93:b2:45:7a:
cc:4f:4c:4e:89:47:a0:71:af:d3:d3:8b:95:dd:11:b8:a1:fa:
66:2c:24:47:fa:fe:ac:b0:11:15:b0:36:9d:2c:08:21:38:eb:
60:e9:c0:f1:ed:f0:dd:91:33:4f:b0:fe:1a:89:0c:8b:49:26:
12:6a:38:8c:71:f8:d3:20:98:e7:93:a0:8b:a2:f6:2f:b8:01:
cb:d8:bd:60:00:72:b4:ce:36:c2:c1:ad:8a:4f:d8:4f:8a:31:
80:f5:8d:c7:a9:f4:a2:6b:ba:51:d2:8f:0f:e6:45:69:68:41:
79:12:d2:a5:6f:99:0f:ed:68:fb:8e:5d:04:eb:64:79:69:a4:
a1:3d:ab:0a
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDAwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMTA5Mjkw
MjM2MjZaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM2MTM2ODdBNjFCNjg4
MDhBMDJDMTFEOTNEMDk1OTRERjM1Mzg5NDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7eSj43OWarACACTmMRFS9r2BD//adnEKPBFaPiRiVdMbT3D6g
+zcjgNs+W1URvzxjIFhpenq4MngusQo9SIX1jgN7RnrZ1D66e+T1Y7ycxaUkOtqb
RRY2AaIJFCj/1K8fgNKjwm2PZHgTF87g97e2MlVfxrmOke7WsaVx7Z6x15Kk+aoL
rKtSrbd4Ffge2W/bzQfpedXT0wa85hfDRoBBFxsOXINNcaGQ/goQn8jnt3MEasGi
ecZ2PDXGUp+TeOXbqnyArhu33ngFD/njHg+dQ32ZJfDtiFrAa0ExcZfvuNa+4CLK
057ZlHnkWWymwuoG8+0O5kA4fL8TEFZDHMPjAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUNhNoemG2iAigLBHZPQlZTfNTiUUwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL05oTm9lbUcyaUFpZ0xCSFpQUWxaVGZO
VGlVVS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABniDwwDQYJ
KoZIhvcNAQELBQADggEBAEuOtDpRHdDJaj9pSOEnhEWHpl+sf7MmbGRS3RsdBFAR
qJUJm2GD891nZRMs4J04rsBqB3Z7BkqQYpMBpF2muGZz/rkb0XtpBZxGxPXAhtrZ
EwjWv7AR3BxieBRh8r1SeD4Ro9A42DT4QtVlBoXbuHkhL3fAKbrer0a3k7JFesxP
TE6JR6Bxr9PTi5XdEbih+mYsJEf6/qywERWwNp0sCCE462DpwPHt8N2RM0+w/hqJ
DItJJhJqOIxx+NMgmOeToIui9i+4AcvYvWAAcrTONsLBrYpP2E+KMYD1jcep9KJr
ulHSjw/mRWloQXkS0qVvmQ/taPuOXQTrZHlppKE9qwo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:35 2024 by rpki-client on console-fra.rpki-client.org