Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/nvoJofLN_OJqVHLcK-SO5lq-X8k.roa
File: nvoJofLN_OJqVHLcK-SO5lq-X8k.roa (raw, json)
Hash identifier: /vha5elEgrPYZNCINDUGQVNmSW1Qgt27pg96ma92xs0=
Subject key identifier: 9E:FA:09:A1:F2:CD:FC:E2:6A:54:72:DC:2B:E4:8E:E6:5A:BE:5F:C9
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0D48
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nvoJofLN_OJqVHLcK-SO5lq-X8k.roa
Signing time: Mon 15 Jan 2024 21:25:43 +0000
ROA not before: Mon 15 Jan 2024 21:25:43 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 17709
IP address blocks: 210.203.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3400 (0xd48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Jan 15 21:25:43 2024 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=9EFA09A1F2CDFCE26A5472DC2BE48EE65ABE5FC9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b3:33:68:1d:cd:d9:aa:c3:6c:01:7d:f1:15:
62:cd:e5:b7:d2:00:d6:a4:f5:a5:5e:9c:37:b4:da:
ed:7e:71:b8:43:d9:57:b1:b8:4a:9f:0f:31:a5:a6:
3a:37:bc:0e:12:b7:87:ac:3f:9d:2f:23:0c:72:25:
87:cc:1a:c5:84:79:ab:0d:29:04:0b:87:37:b7:e6:
47:68:a2:6b:71:fd:d2:d5:4e:6b:4d:3a:13:43:fb:
44:fd:44:91:8f:de:a7:17:5f:b6:e2:94:c6:ae:74:
14:62:51:e3:88:4a:ca:f4:09:26:52:eb:e6:c5:21:
df:c7:f1:47:89:dd:f1:72:ad:3d:c7:94:dd:1c:ab:
24:18:3e:c7:0b:58:04:14:10:5c:cd:46:d2:e6:2b:
1d:bb:66:40:ca:8c:b2:7a:91:35:d4:30:3b:54:a5:
43:22:4b:11:1e:e6:27:d6:f8:7a:c3:a7:76:be:ca:
5e:6f:95:b1:ef:c7:a9:9e:75:51:31:53:e4:ae:51:
ab:c0:ec:b8:44:42:b1:d6:e1:f1:d1:46:11:db:a9:
73:43:f2:68:f2:a4:d3:c9:29:96:6b:48:24:e9:bf:
81:2c:78:9d:9f:9f:75:60:7e:a4:f1:bf:b0:65:75:
10:46:43:ca:2f:62:a0:a9:1f:49:e2:5f:52:01:6c:
57:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:FA:09:A1:F2:CD:FC:E2:6A:54:72:DC:2B:E4:8E:E6:5A:BE:5F:C9
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/nvoJofLN_OJqVHLcK-SO5lq-X8k.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
210.203.0.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:34:93:9b:56:e0:dd:cf:3e:7b:58:aa:82:a5:5f:bb:f9:be:
f8:13:ac:43:54:98:87:06:d2:11:1b:b9:35:37:67:a9:9b:d1:
9f:8d:16:0c:29:fd:66:d7:85:97:16:2a:41:3f:54:5c:53:10:
e2:a3:79:fd:50:2d:02:6d:63:bb:55:32:ae:8c:12:3f:c3:8d:
67:17:0b:1d:f4:8d:aa:7c:f4:44:c6:8f:6e:f3:04:f3:63:66:
b9:20:da:b6:63:dc:77:0f:91:a8:e5:1b:77:f4:75:ef:8e:4b:
53:3b:69:8e:b5:63:f3:22:34:ec:49:e2:7d:6b:5c:ac:1a:8e:
3b:59:1b:37:da:24:b8:df:ab:a0:ba:e6:fa:66:d3:ca:c8:f5:
62:13:03:c0:46:65:99:6c:77:16:6e:f8:35:bb:15:32:61:d7:
ac:6a:7f:6b:3d:db:20:f0:9a:fd:c3:17:cc:8f:d4:d4:49:05:
f5:e8:9e:0a:37:6c:d5:42:06:c9:48:9f:d4:0f:8d:57:1b:8d:
c3:63:9c:a3:90:52:65:53:7f:15:a8:9c:00:65:b5:ff:c0:3a:
1c:6f:c4:14:c0:c3:69:2f:cd:3f:2a:3c:f0:28:ad:83:62:e7:
0a:03:f3:f8:65:63:5c:29:7a:d0:ab:1b:95:c1:9a:cf:d2:37:
8c:1d:41:08
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICDUgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yNDAxMTUy
MTI1NDNaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDlFRkEwOUExRjJDREZD
RTI2QTU0NzJEQzJCRTQ4RUU2NUFCRTVGQzkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC8szNoHc3ZqsNsAX3xFWLN5bfSANak9aVenDe02u1+cbhD2Vex
uEqfDzGlpjo3vA4St4esP50vIwxyJYfMGsWEeasNKQQLhze35kdoomtx/dLVTmtN
OhND+0T9RJGP3qcXX7bilMaudBRiUeOISsr0CSZS6+bFId/H8UeJ3fFyrT3HlN0c
qyQYPscLWAQUEFzNRtLmKx27ZkDKjLJ6kTXUMDtUpUMiSxEe5ifW+HrDp3a+yl5v
lbHvx6medVExU+SuUavA7LhEQrHW4fHRRhHbqXND8mjypNPJKZZrSCTpv4EseJ2f
n3VgfqTxv7BldRBGQ8ovYqCpH0niX1IBbFfTAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUnvoJofLN/OJqVHLcK+SO5lq+X8kwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL252b0pvZkxOX09KcVZITGNLLVNPNWxx
LVg4ay5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADSywAwDQYJ
KoZIhvcNAQELBQADggEBAH40k5tW4N3PPntYqoKlX7v5vvgTrENUmIcG0hEbuTU3
Z6mb0Z+NFgwp/WbXhZcWKkE/VFxTEOKjef1QLQJtY7tVMq6MEj/DjWcXCx30jap8
9ETGj27zBPNjZrkg2rZj3HcPkajlG3f0de+OS1M7aY61Y/MiNOxJ4n1rXKwajjtZ
GzfaJLjfq6C65vpm08rI9WITA8BGZZlsdxZu+DW7FTJh16xqf2s92yDwmv3DF8yP
1NRJBfXongo3bNVCBslIn9QPjVcbjcNjnKOQUmVTfxWonABltf/AOhxvxBTAw2kv
zT8qPPAorYNi5woD8/hlY1wpetCrG5XBms/SN4wdQQg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:39:18 2025 by rpki-client