Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nduonBP5NxJZSHEqEPy3OjxjQlg.roa
File: nduonBP5NxJZSHEqEPy3OjxjQlg.roa (raw, json)
Hash identifier: XSbCGlq83/3HBKVY5fY5nhHVop2jZ5qfHQjfHnTOVJk=
Subject key identifier: 9D:DB:A8:9C:13:F9:37:12:59:48:71:2A:10:FC:B7:3A:3C:63:42:58
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0A8F
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nduonBP5NxJZSHEqEPy3OjxjQlg.roa
Signing time: Thu 15 Sep 2022 02:42:14 +0000
ROA not before: Thu 15 Sep 2022 02:42:14 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9674
IP address blocks: 211.77.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2703 (0xa8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 15 02:42:14 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=9DDBA89C13F937125948712A10FCB73A3C634258
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e8:b1:1e:17:5d:76:12:ce:26:97:0f:bb:e2:
c1:7e:29:d8:9b:cc:8c:0c:b9:74:23:fb:08:3a:e0:
ca:b3:48:07:c0:3a:41:9f:4c:17:5f:56:16:1e:47:
b9:95:60:96:be:90:23:3e:a5:eb:2a:14:5b:9c:29:
a5:dc:13:a0:b2:18:f1:16:67:82:1f:03:65:db:17:
93:b5:11:a8:db:58:09:b6:b6:e2:50:88:f1:83:dd:
d8:ae:03:2c:68:a0:78:a7:52:44:63:d5:e0:1c:9c:
5c:46:aa:dc:86:a1:6b:dd:75:20:19:f2:c0:b8:77:
02:7e:67:09:83:02:19:45:52:7d:86:98:3e:58:21:
c1:ab:2a:63:32:b2:ad:93:01:09:2e:44:2d:04:21:
63:b9:43:ae:ba:ed:ab:5e:2b:bb:84:19:1e:f6:bf:
f0:6c:3a:37:d1:7b:a1:0b:76:b9:ce:c6:ed:16:34:
87:a4:f4:41:59:6f:8d:ac:09:77:ee:35:51:25:4d:
8c:88:01:86:24:52:92:07:a1:94:81:f0:2f:3c:63:
62:1e:1f:ad:a4:89:09:ca:bb:45:83:b2:c6:6f:22:
ca:8b:ae:77:78:9f:59:09:81:28:94:8d:7c:ec:27:
d5:05:ca:6c:32:25:7d:5c:5b:a5:d3:95:bf:a4:8d:
12:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:DB:A8:9C:13:F9:37:12:59:48:71:2A:10:FC:B7:3A:3C:63:42:58
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nduonBP5NxJZSHEqEPy3OjxjQlg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
211.77.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:96:76:4d:10:c3:2c:97:48:09:b6:17:92:62:50:df:dc:43:
b9:6c:c4:31:4e:09:67:1d:d0:52:7d:d6:f5:75:6d:45:4c:1b:
66:f2:69:3a:b5:91:69:1a:62:f6:6e:73:e2:43:89:ff:be:10:
4a:ab:bc:a2:bf:31:d3:b0:fc:c7:91:80:4a:68:85:21:bf:cf:
10:11:e6:e4:ee:2e:d3:91:52:95:6c:ee:de:f2:10:d3:48:f7:
8f:d1:4e:32:90:d8:1e:5a:a3:6b:35:24:cd:90:93:e2:57:83:
9e:4c:2d:00:e0:7d:04:1a:ea:87:d9:da:30:2f:5c:a6:9d:d2:
11:74:f4:0e:4e:a2:a8:f0:7b:c2:23:4c:6a:00:16:5b:6c:5d:
8c:56:c8:a7:c3:95:72:68:c5:43:68:5b:ad:43:dc:25:9d:df:
ff:19:13:ec:18:c2:3e:67:6f:cc:0b:34:a0:1b:cc:36:4b:11:
36:d0:7c:db:0d:3d:03:92:1f:1a:d2:19:d2:91:fd:48:0a:a8:
30:5d:af:39:4d:a0:14:2b:b2:fe:d2:63:14:5c:97:65:2c:5a:
31:c2:0c:61:2d:98:73:25:0c:02:9c:17:3f:b4:d1:50:61:d7:
a5:46:4c:cb:7c:88:6f:8b:32:56:92:a9:90:fb:7c:08:90:27:
87:e5:94:11
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMjA5MTUw
MjQyMTRaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKDlEREJBODlDMTNGOTM3
MTI1OTQ4NzEyQTEwRkNCNzNBM0M2MzQyNTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDh6LEeF112Es4mlw+74sF+KdibzIwMuXQj+wg64MqzSAfAOkGf
TBdfVhYeR7mVYJa+kCM+pesqFFucKaXcE6CyGPEWZ4IfA2XbF5O1EajbWAm2tuJQ
iPGD3diuAyxooHinUkRj1eAcnFxGqtyGoWvddSAZ8sC4dwJ+ZwmDAhlFUn2GmD5Y
IcGrKmMysq2TAQkuRC0EIWO5Q6667ateK7uEGR72v/BsOjfRe6ELdrnOxu0WNIek
9EFZb42sCXfuNVElTYyIAYYkUpIHoZSB8C88Y2IeH62kiQnKu0WDssZvIsqLrnd4
n1kJgSiUjXzsJ9UFymwyJX1cW6XTlb+kjRInAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUnduonBP5NxJZSHEqEPy3OjxjQlgwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL25kdW9uQlA1TnhKWlNIRXFFUHkzT2p4
alFsZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwDTTTANBgkq
hkiG9w0BAQsFAAOCAQEAoZZ2TRDDLJdICbYXkmJQ39xDuWzEMU4JZx3QUn3W9XVt
RUwbZvJpOrWRaRpi9m5z4kOJ/74QSqu8or8x07D8x5GASmiFIb/PEBHm5O4u05FS
lWzu3vIQ00j3j9FOMpDYHlqjazUkzZCT4leDnkwtAOB9BBrqh9naMC9cpp3SEXT0
Dk6iqPB7wiNMagAWW2xdjFbIp8OVcmjFQ2hbrUPcJZ3f/xkT7BjCPmdvzAs0oBvM
NksRNtB82w09A5IfGtIZ0pH9SAqoMF2vOU2gFCuy/tJjFFyXZSxaMcIMYS2YcyUM
ApwXP7TRUGHXpUZMy3yIb4syVpKpkPt8CJAnh+WUEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org