Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/3IQ-GDMtm3TNfv9_gT7HG8IGNQs.roa
File: 3IQ-GDMtm3TNfv9_gT7HG8IGNQs.roa (raw, json)
Hash identifier: FA2aNKkG468ePMyKz1CsYnc9jPSwV3WYJyceA14rN0w=
Subject key identifier: DC:84:3E:18:33:2D:9B:74:CD:7E:FF:7F:81:3E:C7:1B:C2:06:35:0B
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0917
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/3IQ-GDMtm3TNfv9_gT7HG8IGNQs.roa
Signing time: Sun 07 Feb 2021 11:55:57 +0000
ROA not before: Sun 07 Feb 2021 11:55:57 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9244
IP address blocks: 113.21.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2327 (0x917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Feb 7 11:55:57 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=DC843E18332D9B74CD7EFF7F813EC71BC206350B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:06:79:e0:26:cb:f9:81:7d:42:4b:99:0c:fe:
9c:e6:ee:fd:6f:7d:65:48:d2:d2:6a:2c:b1:40:37:
cb:74:64:93:b0:c8:fb:0c:52:26:87:2c:4b:89:cc:
6b:5c:89:bb:8e:13:37:69:89:45:90:5c:0c:44:f0:
c7:22:26:90:61:43:ba:ea:4e:88:66:a2:8d:22:99:
0d:a3:12:1c:d9:08:c5:4f:2a:da:dc:b5:e2:60:dd:
c6:51:73:8d:3f:d4:1c:97:6f:fa:ef:e2:9f:49:fd:
d4:37:1c:30:61:44:8b:f1:ff:94:28:35:92:63:e5:
14:fd:e4:4b:65:da:36:f8:a1:91:b4:1a:8b:b8:a9:
c5:05:26:2b:c5:97:6c:47:26:e1:79:fc:3b:a5:1f:
5b:d3:d1:1f:c0:a1:04:8f:e4:ad:d6:45:f0:54:ff:
20:a6:9a:65:9d:f0:14:b2:b1:0d:b9:67:0b:95:c8:
8d:5b:cc:21:c2:04:f6:b5:68:48:af:d7:7d:28:85:
74:f1:49:64:b6:1a:ca:ca:63:4c:53:aa:fa:28:cc:
da:eb:dc:50:d8:fc:5e:13:0b:e1:dc:4f:fc:0b:0b:
47:c1:64:37:82:54:2c:e2:fe:15:7e:27:ba:e0:ac:
5d:f6:4a:76:22:58:9b:4b:e0:9f:83:1f:83:97:cc:
87:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:84:3E:18:33:2D:9B:74:CD:7E:FF:7F:81:3E:C7:1B:C2:06:35:0B
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/3IQ-GDMtm3TNfv9_gT7HG8IGNQs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.176.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:ba:44:f2:2c:49:da:d4:1a:23:65:04:e6:74:1d:7b:aa:0a:
1d:ea:2a:9e:e8:37:35:c9:51:29:04:c2:09:37:76:81:93:64:
e9:b0:8d:0a:d9:e7:d8:70:ad:03:0c:79:ee:40:32:be:37:3e:
ee:a4:d9:83:19:59:31:bc:cf:cd:63:d3:60:65:ce:26:80:13:
b6:ea:72:91:14:9b:b4:57:3b:d8:d9:68:a9:f5:5b:58:93:2a:
f3:85:98:77:da:14:97:76:2d:42:85:3a:cf:b0:0a:2a:db:16:
72:5d:c6:a1:f4:86:8b:ce:41:c2:72:f9:fd:14:08:3f:99:46:
46:a3:6e:a7:4a:78:c2:a1:fa:88:20:81:b1:d8:1a:03:40:90:
73:00:31:4b:6c:58:e7:78:fc:30:24:a5:14:c6:d2:c2:a9:2d:
47:e2:04:c0:76:4d:f5:37:c1:43:0c:86:b4:45:9c:26:93:05:
f8:36:65:9a:e3:ca:ad:fd:d0:27:62:99:8d:b7:7e:52:68:fc:
45:ee:45:65:74:af:e5:98:48:7d:7c:8c:82:04:0c:9a:da:ea:
8c:bc:3d:96:dc:03:1e:bb:3a:df:b4:c8:e0:54:94:a2:3b:a0:
40:10:44:72:a8:81:38:e0:58:2f:b6:58:6a:32:99:6f:3f:0f:
74:a7:8a:18
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICCRcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMTAyMDcx
MTU1NTdaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKERDODQzRTE4MzMyRDlC
NzRDRDdFRkY3RjgxM0VDNzFCQzIwNjM1MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDLBnngJsv5gX1CS5kM/pzm7v1vfWVI0tJqLLFAN8t0ZJOwyPsM
UiaHLEuJzGtcibuOEzdpiUWQXAxE8MciJpBhQ7rqTohmoo0imQ2jEhzZCMVPKtrc
teJg3cZRc40/1ByXb/rv4p9J/dQ3HDBhRIvx/5QoNZJj5RT95Etl2jb4oZG0Gou4
qcUFJivFl2xHJuF5/DulH1vT0R/AoQSP5K3WRfBU/yCmmmWd8BSysQ25ZwuVyI1b
zCHCBPa1aEiv130ohXTxSWS2GsrKY0xTqvoozNrr3FDY/F4TC+HcT/wLC0fBZDeC
VCzi/hV+J7rgrF32SnYiWJtL4J+DH4OXzIczAgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQU3IQ+GDMtm3TNfv9/gT7HG8IGNQswHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVULzNJUS1HRE10bTNUTmZ2OV9n
VDdIRzhJR05Rcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANx
FbAwDQYJKoZIhvcNAQELBQADggEBAFy6RPIsSdrUGiNlBOZ0HXuqCh3qKp7oNzXJ
USkEwgk3doGTZOmwjQrZ59hwrQMMee5AMr43Pu6k2YMZWTG8z81j02BlziaAE7bq
cpEUm7RXO9jZaKn1W1iTKvOFmHfaFJd2LUKFOs+wCirbFnJdxqH0hovOQcJy+f0U
CD+ZRkajbqdKeMKh+ogggbHYGgNAkHMAMUtsWOd4/DAkpRTG0sKpLUfiBMB2TfU3
wUMMhrRFnCaTBfg2ZZrjyq390CdimY23flJo/EXuRWV0r+WYSH18jIIEDJra6oy8
PZbcAx67Ot+0yOBUlKI7oEAQRHKogTjgWC+2WGoymW8/D3Snihg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:05 2024 by rpki-client on console-ams.rpki-client.org