Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/1TzhwJNL0iz0tR_eU5fz9Dl8sxM.roa
File: 1TzhwJNL0iz0tR_eU5fz9Dl8sxM.roa (raw, json)
Hash identifier: jEYD+BxP/pLJom2SMQ7fCOgMw/UvjaDPPaVhVnEtejA=
Subject key identifier: D5:3C:E1:C0:93:4B:D2:2C:F4:B5:1F:DE:53:97:F3:F4:39:7C:B3:13
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0BC1
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/1TzhwJNL0iz0tR_eU5fz9Dl8sxM.roa
Signing time: Fri 01 Sep 2023 08:36:42 +0000
ROA not before: Fri 01 Sep 2023 08:36:42 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9244
IP address blocks: 61.56.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3009 (0xbc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Sep 1 08:36:42 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=D53CE1C0934BD22CF4B51FDE5397F3F4397CB313
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e9:15:7f:b1:9e:51:09:3b:89:a6:f4:3c:ad:
dd:a6:46:6d:5b:79:38:a3:59:7e:07:1c:3c:8e:20:
cd:7b:6e:a0:f2:61:81:fc:ab:bc:91:55:41:72:f5:
c5:7a:19:4a:e8:65:a9:1c:a5:f6:21:e7:9e:7c:8d:
4a:8a:78:75:18:ba:b4:ed:27:73:77:72:6a:04:3e:
29:5c:94:f0:c4:a0:6e:fb:a6:f3:68:bf:65:49:67:
de:a6:53:c7:5f:1b:38:56:81:48:da:79:be:eb:61:
e5:85:87:08:5d:91:af:c7:57:e2:a8:c6:ff:f7:a7:
1f:2f:24:97:6d:2c:a5:03:cf:cc:78:d6:da:f5:53:
7e:01:5a:a9:5a:59:90:27:7a:61:0d:f7:2d:42:dd:
40:2e:3c:72:e6:78:ef:13:33:3f:49:07:29:c5:ac:
91:1c:72:be:a3:b0:ef:e1:4d:de:78:16:9a:82:a0:
69:ff:92:0c:cc:c4:64:01:59:a0:d6:0a:ff:15:9b:
65:7d:e1:dc:ef:53:41:e7:30:27:1c:68:a2:1f:af:
59:88:13:2e:aa:25:47:7f:ac:b4:b2:6d:b3:6c:a1:
30:41:47:9d:49:81:32:41:9f:7a:6c:08:9d:7e:b2:
19:e1:be:b0:5e:1e:4c:9d:9e:10:ed:c7:df:f4:e8:
51:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:3C:E1:C0:93:4B:D2:2C:F4:B5:1F:DE:53:97:F3:F4:39:7C:B3:13
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/1TzhwJNL0iz0tR_eU5fz9Dl8sxM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.56.86.0/24
Signature Algorithm: sha256WithRSAEncryption
99:5e:6e:44:e0:4c:d3:95:41:a8:a7:53:47:2a:81:e1:90:10:
06:78:1b:87:e9:ee:9f:60:2f:14:5d:8f:5a:73:f2:ff:66:46:
aa:8c:8d:77:17:22:f9:d5:31:7a:95:a0:3d:17:e5:43:ac:45:
aa:f4:4c:df:35:35:c5:52:46:2c:b7:59:53:7c:0e:56:3e:2d:
90:53:b3:1b:d8:0d:a2:f2:d9:e0:93:76:9f:9d:d2:e0:3d:f8:
87:4d:72:2b:7c:28:00:a7:ae:b9:12:08:86:3a:f8:17:19:94:
7f:bd:69:51:7c:43:49:7c:82:e2:49:bc:01:24:12:1a:9d:78:
36:29:a3:d9:62:74:87:d7:37:6e:36:db:f6:8a:ca:0f:1d:3b:
2f:32:aa:2e:c9:63:57:7e:e5:50:78:10:20:43:19:6d:fd:51:
5c:74:34:28:4f:cd:45:76:b8:d0:59:6e:d4:f5:47:e1:a3:f1:
86:c3:93:89:5e:db:0a:0d:0d:83:8e:b7:9c:7e:90:5f:a0:6c:
2b:2d:03:49:f1:bd:f2:aa:b1:15:c9:51:6a:6f:11:38:dc:af:
62:bd:25:d8:68:95:69:ab:0a:cd:db:c5:b4:af:e5:87:b2:36:
b6:f6:0f:53:7e:9a:17:b2:6d:97:1e:95:7c:bf:2e:5e:6c:57:
bb:1e:37:14
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICC8EwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMzA5MDEw
ODM2NDJaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKEQ1M0NFMUMwOTM0QkQy
MkNGNEI1MUZERTUzOTdGM0Y0Mzk3Q0IzMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDG6RV/sZ5RCTuJpvQ8rd2mRm1beTijWX4HHDyOIM17bqDyYYH8
q7yRVUFy9cV6GUroZakcpfYh5558jUqKeHUYurTtJ3N3cmoEPilclPDEoG77pvNo
v2VJZ96mU8dfGzhWgUjaeb7rYeWFhwhdka/HV+Koxv/3px8vJJdtLKUDz8x41tr1
U34BWqlaWZAnemEN9y1C3UAuPHLmeO8TMz9JBynFrJEccr6jsO/hTd54FpqCoGn/
kgzMxGQBWaDWCv8Vm2V94dzvU0HnMCccaKIfr1mIEy6qJUd/rLSybbNsoTBBR51J
gTJBn3psCJ1+shnhvrBeHkydnhDtx9/06FEFAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU1TzhwJNL0iz0tR/eU5fz9Dl8sxMwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVULzFUemh3Sk5MMGl6MHRSX2VV
NWZ6OURsOHN4TS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAA9
OFYwDQYJKoZIhvcNAQELBQADggEBAJlebkTgTNOVQainU0cqgeGQEAZ4G4fp7p9g
LxRdj1pz8v9mRqqMjXcXIvnVMXqVoD0X5UOsRar0TN81NcVSRiy3WVN8DlY+LZBT
sxvYDaLy2eCTdp+d0uA9+IdNcit8KACnrrkSCIY6+BcZlH+9aVF8Q0l8guJJvAEk
EhqdeDYpo9lidIfXN2422/aKyg8dOy8yqi7JY1d+5VB4ECBDGW39UVx0NChPzUV2
uNBZbtT1R+Gj8YbDk4le2woNDYOOt5x+kF+gbCstA0nxvfKqsRXJUWpvETjcr2K9
JdholWmrCs3bxbSv5YeyNrb2D1N+mheybZcelXy/Ll5sV7seNxQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:54 2025 by rpki-client