Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ZAD8yNrCJ-1-1qvLPGW_HJZvQEI.roa
File: ZAD8yNrCJ-1-1qvLPGW_HJZvQEI.roa (raw, json)
Hash identifier: G/4yfmmhldkPxgLYpTQGv0Xny29dG8n74Rp+sjztPiM=
Subject key identifier: 64:00:FC:C8:DA:C2:27:ED:7E:D6:AB:CB:3C:65:BF:1C:96:6F:40:42
Certificate issuer: /CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Certificate serial: 0C02
Authority key identifier: 4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ZAD8yNrCJ-1-1qvLPGW_HJZvQEI.roa
Signing time: Fri 03 Nov 2023 02:53:29 +0000
ROA not before: Fri 03 Nov 2023 02:53:29 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 9244
IP address blocks: 113.21.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3074 (0xc02)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4FB3A69964F7E96DB0B3581328F006DBCA1ABA97
Validity
Not Before: Nov 3 02:53:29 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=6400FCC8DAC227ED7ED6ABCB3C65BF1C966F4042
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:79:00:09:e5:80:cb:c6:f0:8f:d4:ae:3d:40:
d7:c3:85:96:c6:94:78:38:61:2a:92:68:2e:2d:b6:
90:e6:83:8c:7f:68:e2:c1:f6:98:06:67:e9:a4:d4:
1c:65:de:f5:99:93:cf:ea:b4:af:9d:ba:68:f9:6d:
0a:6c:2a:99:4e:68:4e:33:ab:30:7c:22:04:57:a2:
1a:bb:f6:f9:86:2d:cd:47:d8:4c:0c:42:15:6b:5f:
48:0e:6e:80:7e:7c:b2:cd:5c:a6:9b:0b:5d:3e:08:
be:5d:7d:2b:b5:e4:c2:5f:cc:61:66:2e:0c:62:4d:
d1:ec:a6:6c:b6:11:f7:13:0f:f9:59:be:e4:81:44:
06:b5:a4:65:bf:43:85:15:f8:ed:97:03:fa:a5:2a:
5a:3e:a7:6e:d0:b8:11:3f:a9:89:da:29:e1:73:47:
71:e2:e5:67:5e:75:38:97:35:16:d6:3c:f8:66:9e:
91:8f:1e:d2:6b:b4:16:68:ee:db:f3:6a:0f:89:39:
28:c5:a5:43:a7:2d:f5:e8:eb:02:e0:46:95:75:19:
54:05:41:c8:88:d6:76:6c:8a:f6:2a:fa:fa:02:c2:
5f:b9:39:30:74:ae:c2:78:72:90:ec:24:df:b3:f7:
09:ae:2f:a9:ee:a9:95:cd:95:97:58:9b:62:b7:86:
7e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:00:FC:C8:DA:C2:27:ED:7E:D6:AB:CB:3C:65:BF:1C:96:6F:40:42
X509v3 Authority Key Identifier:
keyid:4F:B3:A6:99:64:F7:E9:6D:B0:B3:58:13:28:F0:06:DB:CA:1A:BA:97
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/T7OmmWT36W2ws1gTKPAG28oaupc.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/T7OmmWT36W2ws1gTKPAG28oaupc.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/DYXNET/ZAD8yNrCJ-1-1qvLPGW_HJZvQEI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
113.21.160.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:da:8e:08:b9:cd:fa:91:e2:1c:a5:ef:5c:23:9a:75:f6:da:
46:db:1f:8a:53:5b:2a:c9:38:3b:57:55:59:42:9f:36:52:2e:
aa:75:32:88:5b:38:cf:76:77:76:92:b2:07:23:61:cf:ba:79:
8c:0d:fb:0f:8d:c4:01:e3:2f:74:3a:5b:50:18:f1:f4:96:36:
8e:01:b1:f9:94:e8:2d:da:15:d3:9c:20:37:96:d8:e7:1b:1e:
97:ff:d7:ce:ee:47:f2:e6:79:66:65:c8:9d:a0:b8:0e:7b:52:
b7:03:9b:4f:7c:a7:cb:3f:41:6e:4d:90:1a:71:5d:a3:54:50:
11:42:ca:91:aa:24:a6:35:64:76:22:35:c2:cb:4f:23:c6:36:
40:ee:be:ce:a5:87:3b:dc:d6:cf:af:18:6e:5d:12:2c:f1:2c:
d1:79:be:4a:14:7b:0d:1f:a7:97:0c:59:17:cb:6d:65:98:ad:
74:ec:b3:93:3d:8b:34:f2:66:bc:f7:62:04:b1:c5:36:c1:40:
f6:dd:b0:e6:75:0b:0d:22:ea:a7:48:5c:ec:cf:a2:65:82:9b:
ee:94:86:03:8a:69:66:12:8f:95:00:8a:b9:54:e1:94:06:57:
3b:c0:11:c4:50:01:4c:8b:93:a9:08:00:ca:d7:6e:41:71:fa:
51:be:06:47
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgICDAIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNEZC
M0E2OTk2NEY3RTk2REIwQjM1ODEzMjhGMDA2REJDQTFBQkE5NzAeFw0yMzExMDMw
MjUzMjlaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDY0MDBGQ0M4REFDMjI3
RUQ3RUQ2QUJDQjNDNjVCRjFDOTY2RjQwNDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC9eQAJ5YDLxvCP1K49QNfDhZbGlHg4YSqSaC4ttpDmg4x/aOLB
9pgGZ+mk1Bxl3vWZk8/qtK+dumj5bQpsKplOaE4zqzB8IgRXohq79vmGLc1H2EwM
QhVrX0gOboB+fLLNXKabC10+CL5dfSu15MJfzGFmLgxiTdHspmy2EfcTD/lZvuSB
RAa1pGW/Q4UV+O2XA/qlKlo+p27QuBE/qYnaKeFzR3Hi5WdedTiXNRbWPPhmnpGP
HtJrtBZo7tvzag+JOSjFpUOnLfXo6wLgRpV1GVQFQciI1nZsivYq+voCwl+5OTB0
rsJ4cpDsJN+z9wmuL6nuqZXNlZdYm2K3hn45AgMBAAGjggHuMIIB6jAdBgNVHQ4E
FgQUZAD8yNrCJ+1+1qvLPGW/HJZvQEIwHwYDVR0jBBgwFoAUT7OmmWT36W2ws1gT
KPAG28oaupcwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVU
L1Q3T21tV1QzNlcyd3MxZ1RLUEFHMjhvYXVwYy5jcmwwYAYIKwYBBQUHAQEEVDBS
MFAGCCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklD
Q0EvVDdPbW1XVDM2VzJ3czFnVEtQQUcyOG9hdXBjLmNlcjAOBgNVHQ8BAf8EBAMC
B4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jwa2lj
YS50d25pYy50dy9ycGtpL1RXTklDQ0EvRFlYTkVUL1pBRDh5TnJDSi0xLTFxdkxQ
R1dfSEpadlFFSS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50
dy9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAVx
FaAwDQYJKoZIhvcNAQELBQADggEBADrajgi5zfqR4hyl71wjmnX22kbbH4pTWyrJ
ODtXVVlCnzZSLqp1MohbOM92d3aSsgcjYc+6eYwN+w+NxAHjL3Q6W1AY8fSWNo4B
sfmU6C3aFdOcIDeW2OcbHpf/187uR/LmeWZlyJ2guA57UrcDm098p8s/QW5NkBpx
XaNUUBFCypGqJKY1ZHYiNcLLTyPGNkDuvs6lhzvc1s+vGG5dEizxLNF5vkoUew0f
p5cMWRfLbWWYrXTss5M9izTyZrz3YgSxxTbBQPbdsOZ1Cw0i6qdIXOzPomWCm+6U
hgOKaWYSj5UAirlU4ZQGVzvAEcRQAUyLk6kIAMrXbkFx+lG+Bkc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:46:08 2025 by rpki-client