Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DWT/oph5vx7Nr6T2zDtj-_0Z5EjULCE.roa
File: oph5vx7Nr6T2zDtj-_0Z5EjULCE.roa (raw, json)
Hash identifier: alGVvOWbMOu01iFjE6lGUuYP0m+I4VTWwWMLI9u/2Bw=
Subject key identifier: A2:98:79:BF:1E:CD:AF:A4:F6:CC:3B:63:FB:FD:19:E4:48:D4:2C:21
Certificate issuer: /CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Certificate serial: 0C13
Authority key identifier: D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/oph5vx7Nr6T2zDtj-_0Z5EjULCE.roa
Signing time: Wed 29 Sep 2021 02:36:28 +0000
ROA not before: Wed 29 Sep 2021 02:36:28 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 131641
IP address blocks: 103.136.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3091 (0xc13)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D4F0DD0F4FB801025D586EF999C5EEE02D7C2059
Validity
Not Before: Sep 29 02:36:28 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=A29879BF1ECDAFA4F6CC3B63FBFD19E448D42C21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8e:18:68:9b:41:c3:fb:1b:ab:5c:1b:4c:e6:
a6:fd:5d:94:f6:b1:a9:85:60:b5:81:03:5c:5b:09:
e1:eb:82:fa:fc:79:6b:64:18:1a:6f:75:5b:f8:76:
50:3f:0c:9c:ab:45:20:d9:76:3c:89:dc:13:2c:f2:
ab:76:e3:f0:d3:67:b6:27:ef:14:e0:1a:56:1b:0d:
07:f1:f7:b2:04:74:16:90:56:b5:82:ea:02:b6:99:
1a:51:25:30:4c:ef:3d:b3:98:ee:43:83:b1:c4:a5:
a3:fb:a2:94:5f:45:04:61:a5:8d:e8:11:90:a7:87:
df:2d:a9:fa:69:9c:52:70:5d:32:cf:95:73:23:f4:
a0:99:0f:30:f7:91:39:e8:e4:eb:b4:da:2c:bb:fb:
c1:fa:03:6a:ae:03:47:4c:cf:10:8a:75:e7:9a:ec:
d3:08:85:7a:5a:8b:b8:0a:f3:43:b5:71:8d:b8:50:
9f:db:a2:4b:0c:23:53:ce:7d:fe:34:19:5a:a2:7a:
fb:87:2f:11:97:bb:2f:e7:18:06:d4:d6:9a:07:f7:
80:78:03:d1:32:3c:66:ae:7e:d0:ad:93:5a:ae:00:
c1:f7:05:ad:d2:6c:70:0e:27:ae:af:2e:64:ab:05:
29:7c:8a:69:c4:b4:de:0e:42:d9:e7:fe:bc:e8:eb:
9e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:98:79:BF:1E:CD:AF:A4:F6:CC:3B:63:FB:FD:19:E4:48:D4:2C:21
X509v3 Authority Key Identifier:
keyid:D4:F0:DD:0F:4F:B8:01:02:5D:58:6E:F9:99:C5:EE:E0:2D:7C:20:59
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/1PDdD0-4AQJdWG75mcXu4C18IFk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/1PDdD0-4AQJdWG75mcXu4C18IFk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DWT/oph5vx7Nr6T2zDtj-_0Z5EjULCE.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.136.60.0/23
Signature Algorithm: sha256WithRSAEncryption
15:fd:63:7d:fd:47:a6:24:ce:e6:45:cb:66:a7:b4:47:4a:2d:
5a:d0:10:bd:64:b4:ef:9a:65:0a:df:78:34:24:34:13:77:a0:
d3:3d:4d:b1:8c:92:1a:41:81:c2:51:a9:99:f4:e3:28:65:b3:
ed:2f:88:57:2d:86:38:f6:12:90:9c:56:00:9e:ab:2e:b2:82:
5d:8b:e2:7d:14:5d:f2:cb:22:4d:a1:6c:4f:e2:24:b4:05:e5:
cc:be:95:4c:a7:66:15:1e:9c:0d:1e:e0:87:0c:92:f6:9c:c5:
64:da:98:1e:e5:9a:4d:8f:d7:44:66:0f:0b:ce:0c:b4:b3:42:
9e:31:5b:d3:51:4a:b5:b8:28:cc:83:2b:1a:f1:19:f4:15:da:
d3:35:2e:32:3d:d4:e3:81:e6:74:d7:39:b7:5f:19:9f:08:fd:
a2:d7:67:55:fe:03:45:79:c0:6f:43:a0:a1:2f:37:65:d8:bb:
3c:c0:28:0d:91:f0:74:d7:15:42:58:ae:9e:c9:cb:95:e1:2e:
a1:4a:3b:7f:f0:06:59:f8:8f:af:01:18:b3:18:2f:a5:55:a3:
49:b8:8c:d8:91:1c:1c:fb:8a:1e:44:c6:37:a6:ac:b4:7c:f1:
4f:97:ef:04:14:4d:46:18:1b:8a:ca:0c:73:21:6a:2b:d6:64:
a7:ce:d8:89
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDBMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoRDRG
MEREMEY0RkI4MDEwMjVENTg2RUY5OTlDNUVFRTAyRDdDMjA1OTAeFw0yMTA5Mjkw
MjM2MjhaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEEyOTg3OUJGMUVDREFG
QTRGNkNDM0I2M0ZCRkQxOUU0NDhENDJDMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5jhhom0HD+xurXBtM5qb9XZT2samFYLWBA1xbCeHrgvr8eWtk
GBpvdVv4dlA/DJyrRSDZdjyJ3BMs8qt24/DTZ7Yn7xTgGlYbDQfx97IEdBaQVrWC
6gK2mRpRJTBM7z2zmO5Dg7HEpaP7opRfRQRhpY3oEZCnh98tqfppnFJwXTLPlXMj
9KCZDzD3kTno5Ou02iy7+8H6A2quA0dMzxCKdeea7NMIhXpai7gK80O1cY24UJ/b
oksMI1POff40GVqievuHLxGXuy/nGAbU1poH94B4A9EyPGauftCtk1quAMH3Ba3S
bHAOJ66vLmSrBSl8imnEtN4OQtnn/rzo657lAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUoph5vx7Nr6T2zDtj+/0Z5EjULCEwHwYDVR0jBBgwFoAU1PDdD0+4AQJdWG75
mcXu4C18IFkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFdULzFQ
RGREMC00QVFKZFdHNzVtY1h1NEMxOElGay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
MVBEZEQwLTRBUUpkV0c3NW1jWHU0QzE4SUZrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRFdUL29waDV2eDdOcjZUMnpEdGotXzBaNUVq
VUxDRS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFniDwwDQYJ
KoZIhvcNAQELBQADggEBABX9Y339R6YkzuZFy2antEdKLVrQEL1ktO+aZQrfeDQk
NBN3oNM9TbGMkhpBgcJRqZn04yhls+0viFcthjj2EpCcVgCeqy6ygl2L4n0UXfLL
Ik2hbE/iJLQF5cy+lUynZhUenA0e4IcMkvacxWTamB7lmk2P10RmDwvODLSzQp4x
W9NRSrW4KMyDKxrxGfQV2tM1LjI91OOB5nTXObdfGZ8I/aLXZ1X+A0V5wG9DoKEv
N2XYuzzAKA2R8HTXFUJYrp7Jy5XhLqFKO3/wBln4j68BGLMYL6VVo0m4jNiRHBz7
ih5ExjemrLR88U+X7wQUTUYYG4rKDHMhaivWZKfO2Ik=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org