Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/CHqlm2nF1h0jrrFdJwBGJHpPUo0.roa
File: CHqlm2nF1h0jrrFdJwBGJHpPUo0.roa (raw, json)
Hash identifier: F5VyPjmFJsfu9+ymOP6I4+g25wNnYskiK+202pcSKPU=
Subject key identifier: 08:7A:A5:9B:69:C5:D6:1D:23:AE:B1:5D:27:00:46:24:7A:4F:52:8D
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 09A0
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CHqlm2nF1h0jrrFdJwBGJHpPUo0.roa
Signing time: Wed 29 Sep 2021 02:42:34 +0000
ROA not before: Wed 29 Sep 2021 02:42:34 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9674
IP address blocks: 106.64.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2464 (0x9a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 29 02:42:34 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=087AA59B69C5D61D23AEB15D270046247A4F528D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:9e:75:ae:11:d9:20:ff:6e:90:b8:97:20:
d4:fe:fb:3c:ec:b5:53:2d:a2:69:36:0b:6a:f5:24:
04:61:39:b7:f3:1f:0c:1c:23:9e:dc:5b:23:67:31:
7c:9a:95:75:3c:be:67:bf:d2:28:85:1e:74:23:1c:
b3:38:b0:10:ff:ef:b5:84:68:5b:3f:ef:6a:01:d4:
73:07:32:63:85:a3:2f:26:4e:f8:11:88:5f:d2:ae:
f7:6c:27:d7:2a:3c:53:2e:f1:62:e2:64:81:e9:c2:
86:56:e5:62:12:2c:e5:b0:54:b2:bb:97:54:3e:66:
3c:be:de:ea:f8:d3:e3:16:35:eb:00:42:55:b3:ba:
77:9d:d9:47:31:1c:13:86:17:af:e7:6e:dd:3f:f4:
54:b0:9d:f3:20:7f:cf:33:5d:5e:5c:38:77:56:81:
f0:c2:ab:ef:50:54:ca:7f:23:6e:34:d6:ba:70:b9:
0b:cd:b2:c9:1b:af:95:6d:cc:69:f4:ca:af:87:21:
f4:f6:94:db:8c:6f:4a:83:65:5b:28:a5:5b:e5:26:
e9:15:06:09:b6:c9:a8:be:d1:3d:ea:1a:59:57:9d:
09:39:64:4e:80:ac:59:45:b3:3b:33:ec:e8:63:b4:
5b:c6:03:df:b3:05:ef:75:2e:2a:7f:82:24:1f:37:
83:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7A:A5:9B:69:C5:D6:1D:23:AE:B1:5D:27:00:46:24:7A:4F:52:8D
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/CHqlm2nF1h0jrrFdJwBGJHpPUo0.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
106.64.0.0/15
Signature Algorithm: sha256WithRSAEncryption
95:c2:0d:ae:6f:5b:91:52:53:1e:57:9d:9e:ed:15:ab:5a:bb:
f1:f1:12:ca:73:10:51:9d:97:8d:76:15:b2:2e:a0:77:38:7c:
2e:76:f2:5d:ba:d8:50:eb:fc:cd:e7:ad:c4:9a:b2:0b:17:97:
3e:c3:90:83:bf:f7:62:bc:38:db:97:b6:d6:13:b4:21:fc:4e:
03:b8:1f:49:3d:d0:8a:95:71:f1:4b:f2:b6:f8:96:c5:72:dd:
54:20:9a:b7:0c:66:41:bf:10:f8:89:3b:9a:90:98:79:d0:cc:
e5:a0:03:d2:d6:26:29:13:ee:25:d3:1b:af:0b:01:91:7d:49:
17:0c:90:5e:b3:09:d9:c2:d0:eb:d6:16:65:6e:f1:f9:6b:07:
a2:b2:b4:22:db:ce:7f:0e:ea:04:7a:53:ce:71:c3:dd:b7:65:
92:17:24:0f:52:09:45:a7:ee:78:7b:6e:ca:ec:ff:1b:5b:ba:
38:88:e0:c8:d7:c6:f7:8e:25:ca:42:d0:84:0b:28:f8:a8:29:
63:ff:3a:19:f2:01:d7:c7:67:a9:56:51:74:4f:52:a2:56:21:
7c:2e:1d:1c:06:40:21:50:ea:70:37:4a:f9:30:eb:6d:0c:e3:
a7:f8:15:a4:0c:80:99:67:50:41:b4:23:25:d0:92:32:66:6e:
9f:62:71:16
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCaAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMTA5Mjkw
MjQyMzRaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDA4N0FBNTlCNjlDNUQ2
MUQyM0FFQjE1RDI3MDA0NjI0N0E0RjUyOEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7i551rhHZIP9ukLiXINT++zzstVMtomk2C2r1JARhObfzHwwc
I57cWyNnMXyalXU8vme/0iiFHnQjHLM4sBD/77WEaFs/72oB1HMHMmOFoy8mTvgR
iF/SrvdsJ9cqPFMu8WLiZIHpwoZW5WISLOWwVLK7l1Q+Zjy+3ur40+MWNesAQlWz
uned2UcxHBOGF6/nbt0/9FSwnfMgf88zXV5cOHdWgfDCq+9QVMp/I2401rpwuQvN
sskbr5VtzGn0yq+HIfT2lNuMb0qDZVsopVvlJukVBgm2yai+0T3qGllXnQk5ZE6A
rFlFszsz7OhjtFvGA9+zBe91Lip/giQfN4PvAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUCHqlm2nF1h0jrrFdJwBGJHpPUo0wHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL0NIcWxtMm5GMWgwanJyRmRKd0JHSkhw
UFVvMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwFqQDANBgkq
hkiG9w0BAQsFAAOCAQEAlcINrm9bkVJTHlednu0Vq1q78fESynMQUZ2XjXYVsi6g
dzh8LnbyXbrYUOv8zeetxJqyCxeXPsOQg7/3Yrw425e21hO0IfxOA7gfST3QipVx
8UvytviWxXLdVCCatwxmQb8Q+Ik7mpCYedDM5aAD0tYmKRPuJdMbrwsBkX1JFwyQ
XrMJ2cLQ69YWZW7x+WsHorK0ItvOfw7qBHpTznHD3bdlkhckD1IJRafueHtuyuz/
G1u6OIjgyNfG944lykLQhAso+KgpY/86GfIB18dnqVZRdE9SolYhfC4dHAZAIVDq
cDdK+TDrbQzjp/gVpAyAmWdQQbQjJdCSMmZun2JxFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org