Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/tGLGCLBUCpR-vjbCj-AN-d136NA.roa
File: tGLGCLBUCpR-vjbCj-AN-d136NA.roa (raw, json)
Hash identifier: zrjgJFfdrPU1KdRMw6HMlI1MWWZnwEyNB0XPNicoM0s=
Subject key identifier: B4:62:C6:08:B0:54:0A:94:7E:BE:36:C2:8F:E0:0D:F9:DD:77:E8:D0
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0995
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/tGLGCLBUCpR-vjbCj-AN-d136NA.roa
Signing time: Wed 29 Sep 2021 02:42:30 +0000
ROA not before: Wed 29 Sep 2021 02:42:30 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 9674
IP address blocks: 39.8.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2453 (0x995)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 29 02:42:30 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=B462C608B0540A947EBE36C28FE00DF9DD77E8D0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:da:83:2a:0b:f4:79:50:27:42:64:87:65:
ad:d9:a4:15:22:d2:24:e9:bb:9d:4a:76:fd:42:e0:
7b:79:b1:86:50:0a:e3:6b:04:34:06:e9:b2:cf:44:
41:a2:c5:5b:74:b5:1a:87:b5:e6:94:15:d5:76:74:
a2:0b:32:43:66:ad:75:90:4f:cf:50:d1:00:b2:31:
d1:57:48:fd:ef:74:a7:b0:4c:69:78:5f:25:19:76:
19:27:64:f6:8a:74:7e:36:2e:66:b0:42:dd:3b:61:
49:fe:bc:a9:2c:67:9c:d6:c4:7b:c2:38:00:df:a9:
2a:0e:d6:8f:81:63:cb:07:df:fc:38:4d:b3:da:f2:
e7:a0:99:10:47:06:a3:b4:0d:ea:1f:a1:12:84:b5:
c9:cf:76:27:bb:7d:6a:3a:c5:14:63:1b:a9:ae:d1:
7a:29:8e:0d:ea:63:56:fa:57:9b:62:e7:81:ea:d5:
61:cf:5a:0b:c5:24:bc:6e:d9:36:8a:5b:ab:e4:91:
76:cc:8c:83:86:51:02:8e:71:8a:4e:0a:b2:8e:a8:
a1:a1:ed:ef:64:e6:50:db:a1:20:9a:80:1d:7c:97:
49:eb:d3:76:17:81:ea:91:08:d8:ef:48:98:e5:ea:
2f:d2:43:90:b6:d0:c8:04:f6:91:6a:ad:8c:43:be:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:62:C6:08:B0:54:0A:94:7E:BE:36:C2:8F:E0:0D:F9:DD:77:E8:D0
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/tGLGCLBUCpR-vjbCj-AN-d136NA.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
39.8.0.0/14
Signature Algorithm: sha256WithRSAEncryption
1c:d0:41:25:53:ae:0d:54:6d:96:05:13:fd:ef:b4:b6:5b:00:
2f:53:96:73:d8:c9:bf:4e:c0:78:8d:b6:b0:2c:23:76:a9:22:
f1:28:d5:33:a1:39:48:56:29:0b:35:8b:c4:93:88:9b:be:b3:
4f:8b:b4:18:00:c7:20:92:1d:bd:c0:83:91:04:f7:3c:2d:19:
f5:9a:b1:9d:61:a3:63:64:be:88:67:70:c4:84:b1:63:79:00:
49:92:27:c2:93:b5:44:8f:45:71:d9:24:86:af:58:14:26:2a:
c6:9f:10:28:7b:e0:46:63:36:42:34:cd:90:84:ae:be:0a:52:
d0:e6:ef:92:12:2a:fd:94:38:01:70:5c:10:3e:2d:d9:ab:a0:
1c:a7:cc:52:f1:42:96:f4:99:a5:df:44:3b:51:2b:d2:d4:6d:
ab:42:6b:57:a1:92:d1:33:52:97:a2:93:99:77:de:1b:f6:fd:
b6:20:bf:ca:f7:00:eb:f3:62:25:48:cb:26:91:56:f9:65:86:
18:64:38:b6:a0:f0:05:5c:72:0e:e6:50:02:d4:18:b3:23:86:
4d:e9:0f:4d:6f:c1:63:49:ed:47:b0:bd:05:00:d0:da:91:b9:
57:88:1f:7f:9e:ab:51:6c:75:7d:a0:80:39:f6:22:d0:3f:ed:
64:5c:99:34
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCZUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMTA5Mjkw
MjQyMzBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKEI0NjJDNjA4QjA1NDBB
OTQ3RUJFMzZDMjhGRTAwREY5REQ3N0U4RDAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCoA9qDKgv0eVAnQmSHZa3ZpBUi0iTpu51Kdv1C4Ht5sYZQCuNr
BDQG6bLPREGixVt0tRqHteaUFdV2dKILMkNmrXWQT89Q0QCyMdFXSP3vdKewTGl4
XyUZdhknZPaKdH42LmawQt07YUn+vKksZ5zWxHvCOADfqSoO1o+BY8sH3/w4TbPa
8uegmRBHBqO0DeofoRKEtcnPdie7fWo6xRRjG6mu0Xopjg3qY1b6V5ti54Hq1WHP
WgvFJLxu2TaKW6vkkXbMjIOGUQKOcYpOCrKOqKGh7e9k5lDboSCagB18l0nr03YX
geqRCNjvSJjl6i/SQ5C20MgE9pFqrYxDvu45AgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUtGLGCLBUCpR+vjbCj+AN+d136NAwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3RHTEdDTEJVQ3BSLXZqYkNqLUFOLWQx
MzZOQS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwInCDANBgkq
hkiG9w0BAQsFAAOCAQEAHNBBJVOuDVRtlgUT/e+0tlsAL1OWc9jJv07AeI22sCwj
dqki8SjVM6E5SFYpCzWLxJOIm76zT4u0GADHIJIdvcCDkQT3PC0Z9ZqxnWGjY2S+
iGdwxISxY3kASZInwpO1RI9Fcdkkhq9YFCYqxp8QKHvgRmM2QjTNkISuvgpS0Obv
khIq/ZQ4AXBcED4t2augHKfMUvFClvSZpd9EO1Er0tRtq0JrV6GS0TNSl6KTmXfe
G/b9tiC/yvcA6/NiJUjLJpFW+WWGGGQ4tqDwBVxyDuZQAtQYsyOGTekPTW/BY0nt
R7C9BQDQ2pG5V4gff56rUWx1faCAOfYi0D/tZFyZNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:36 2024 by rpki-client on console-fra.rpki-client.org