Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/EASPNET/KL7F2Ya997kOLYVkROVepjghFgI.roa
File: KL7F2Ya997kOLYVkROVepjghFgI.roa (raw, json)
Hash identifier: kwL/8atG5cfYCgyDnysiEg3FmknYtjSddJtu6E/nzis=
Subject key identifier: 28:BE:C5:D9:86:BD:F7:B9:0E:2D:85:64:44:E5:5E:A6:38:21:16:02
Certificate issuer: /CN=552B16164C361040D88F32D36509448CF3BB9D25
Certificate serial: 0956
Authority key identifier: 55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/KL7F2Ya997kOLYVkROVepjghFgI.roa
Signing time: Wed 29 Sep 2021 02:52:41 +0000
ROA not before: Wed 29 Sep 2021 02:52:41 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 10135
IP address blocks: 202.168.192.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2390 (0x956)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552B16164C361040D88F32D36509448CF3BB9D25
Validity
Not Before: Sep 29 02:52:41 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=28BEC5D986BDF7B90E2D856444E55EA638211602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:db:56:2a:94:49:d6:30:26:5b:c4:6e:c5:c6:
83:e9:59:f6:40:07:fe:38:97:f2:06:0b:74:71:c6:
b7:83:b1:59:67:05:51:0f:05:66:98:5b:dc:b7:fe:
ca:1c:81:84:16:04:b9:d2:69:fa:2d:49:8f:90:5f:
79:cf:7c:f1:f0:57:1b:f5:02:64:b6:72:b4:b8:a6:
8a:a3:be:83:7a:68:8d:71:2e:72:4a:79:fd:66:e6:
b9:af:2b:c5:e8:9c:7d:dc:40:6b:48:59:ec:0b:dc:
72:bb:2f:de:c4:9e:c6:0a:a0:3f:40:e9:95:73:42:
82:36:f2:01:06:be:b9:50:fb:05:ad:9a:2c:4a:d8:
49:6d:97:7c:06:34:4b:98:91:03:af:56:a4:c5:74:
d6:9b:22:5a:b0:f0:ea:78:38:68:58:16:4b:3c:0c:
bd:07:20:7b:c7:ab:2e:3b:72:56:d6:64:45:b4:78:
6b:ac:12:e3:27:af:fa:b3:c7:b0:40:95:f0:53:5e:
3a:dd:1f:e1:69:b5:7e:d0:b9:b9:b8:52:11:14:dc:
70:d6:4c:79:6b:62:dc:e7:a1:75:77:cd:55:e2:0e:
ff:6f:ff:26:43:d4:24:22:a0:c9:4b:b8:41:b2:3d:
09:24:23:1f:b3:e3:25:4a:46:86:30:a2:aa:74:95:
08:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:BE:C5:D9:86:BD:F7:B9:0E:2D:85:64:44:E5:5E:A6:38:21:16:02
X509v3 Authority Key Identifier:
keyid:55:2B:16:16:4C:36:10:40:D8:8F:32:D3:65:09:44:8C:F3:BB:9D:25
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/VSsWFkw2EEDYjzLTZQlEjPO7nSU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/VSsWFkw2EEDYjzLTZQlEjPO7nSU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/EASPNET/KL7F2Ya997kOLYVkROVepjghFgI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
202.168.192.0/20
Signature Algorithm: sha256WithRSAEncryption
92:e1:0e:41:ea:a3:70:4c:e2:1d:cb:d4:6f:eb:c2:66:7f:99:
8d:9c:99:ac:8b:84:01:6f:4a:08:c4:66:96:a2:c2:1c:5d:09:
a9:e4:7a:79:9d:bb:91:44:3c:73:6d:fa:4e:55:3f:5f:3c:67:
60:f1:de:74:23:d3:3f:1f:cf:64:d5:1e:85:d8:11:8d:e3:9e:
77:4d:6c:85:b3:ea:8d:f3:da:c7:6f:fe:4b:75:27:80:39:4f:
de:8f:ce:9e:13:a2:e7:21:8f:ce:c0:9f:68:76:7e:e5:15:e7:
fb:bb:00:00:4b:60:40:ef:7f:1d:1b:e0:70:0f:c7:99:67:f0:
a9:33:6c:5f:bc:2e:5d:33:06:40:d5:0d:78:81:50:44:0a:e9:
81:06:54:34:45:03:ce:10:2a:5a:11:71:63:9d:6f:9a:18:5a:
79:d7:eb:38:20:5a:16:71:85:f5:f0:79:17:a6:8c:84:45:5f:
10:46:d3:9a:92:0a:9f:8a:09:fb:b8:a9:2e:da:03:06:bb:22:
ab:a4:ae:b3:c5:2e:96:86:8b:46:e2:45:72:44:25:bf:17:6c:
6a:74:b9:35:eb:d1:e2:ae:b1:72:a6:cf:81:96:56:32:a6:e1:
b3:47:02:9c:4e:b9:d8:12:de:04:26:97:f2:09:6a:bc:cc:41:
3f:b1:3b:69
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgICCVYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTUy
QjE2MTY0QzM2MTA0MEQ4OEYzMkQzNjUwOTQ0OENGM0JCOUQyNTAeFw0yMTA5Mjkw
MjUyNDFaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDI4QkVDNUQ5ODZCREY3
QjkwRTJEODU2NDQ0RTU1RUE2MzgyMTE2MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC321YqlEnWMCZbxG7FxoPpWfZAB/44l/IGC3RxxreDsVlnBVEP
BWaYW9y3/socgYQWBLnSafotSY+QX3nPfPHwVxv1AmS2crS4poqjvoN6aI1xLnJK
ef1m5rmvK8XonH3cQGtIWewL3HK7L97EnsYKoD9A6ZVzQoI28gEGvrlQ+wWtmixK
2Eltl3wGNEuYkQOvVqTFdNabIlqw8Op4OGhYFks8DL0HIHvHqy47clbWZEW0eGus
EuMnr/qzx7BAlfBTXjrdH+FptX7Qubm4UhEU3HDWTHlrYtznoXV3zVXiDv9v/yZD
1CQioMlLuEGyPQkkIx+z4yVKRoYwoqp0lQgNAgMBAAGjggHwMIIB7DAdBgNVHQ4E
FgQUKL7F2Ya997kOLYVkROVepjghFgIwHwYDVR0jBBgwFoAUVSsWFkw2EEDYjzLT
ZQlEjPO7nSUwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRUFTUE5F
VC9WU3NXRmt3MkVFRFlqekxUWlFsRWpQTzduU1UuY3JsMGAGCCsGAQUFBwEBBFQw
UjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05J
Q0NBL1ZTc1dGa3cyRUVEWWp6TFRaUWxFalBPN25TVS5jZXIwDgYDVR0PAQH/BAQD
AgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9ycGtp
Y2EudHduaWMudHcvcnBraS9UV05JQ0NBL0VBU1BORVQvS0w3RjJZYTk5N2tPTFlW
a1JPVmVwamdoRmdJLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycmRwLnR3bmlj
LnR3L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BMqowDANBgkqhkiG9w0BAQsFAAOCAQEAkuEOQeqjcEziHcvUb+vCZn+ZjZyZrIuE
AW9KCMRmlqLCHF0JqeR6eZ27kUQ8c236TlU/XzxnYPHedCPTPx/PZNUehdgRjeOe
d01shbPqjfPax2/+S3UngDlP3o/OnhOi5yGPzsCfaHZ+5RXn+7sAAEtgQO9/HRvg
cA/HmWfwqTNsX7wuXTMGQNUNeIFQRArpgQZUNEUDzhAqWhFxY51vmhhaedfrOCBa
FnGF9fB5F6aMhEVfEEbTmpIKn4oJ+7ipLtoDBrsiq6Sus8UuloaLRuJFckQlvxds
anS5NevR4q6xcqbPgZZWMqbhs0cCnE652BLeBCaX8glqvMxBP7E7aQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:31 2025 by rpki-client