Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/vlD88JKfjubvrfJixkkO8qOXw1Q.roa
File: vlD88JKfjubvrfJixkkO8qOXw1Q.roa (raw, json)
Hash identifier: WI9mcJpCdmueJ+R847XTMf8cxmi65g6pXvd6C+3w0yE=
Subject key identifier: BE:50:FC:F0:92:9F:8E:E6:EF:AD:F2:62:C6:49:0E:F2:A3:97:C3:54
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 0A8F
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vlD88JKfjubvrfJixkkO8qOXw1Q.roa
Signing time: Thu 15 Sep 2022 02:42:12 +0000
ROA not before: Thu 15 Sep 2022 02:42:12 +0000
ROA not after: Wed 06 Sep 2023 03:00:35 +0000
asID: 9674
IP address blocks: 61.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2703 (0xa8f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Sep 15 02:42:12 2022 GMT
Not After : Sep 6 03:00:35 2023 GMT
Subject: CN=BE50FCF0929F8EE6EFADF262C6490EF2A397C354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e7:b3:14:8d:43:19:7f:58:32:14:c8:99:94:
20:1c:0e:cf:1b:99:84:7b:86:c6:8d:4d:d1:b6:98:
28:ab:f1:32:a1:b7:69:53:bf:97:99:ee:69:81:35:
b1:6e:2a:e3:3b:bb:86:7f:91:2c:b6:9c:77:8c:9a:
08:0c:a4:86:da:5d:04:da:c2:6a:3d:b0:d9:67:02:
ef:14:28:b3:8d:f2:0f:d2:9a:43:9f:5f:1c:cb:27:
60:9f:39:6d:6f:18:61:b8:27:db:3e:b7:20:3d:91:
69:b9:88:50:bc:b6:18:ed:1f:21:d3:e7:60:62:c7:
a9:45:04:09:a3:92:a5:f7:e3:d9:77:e8:78:7a:43:
23:88:8f:ff:b4:33:e7:b9:69:c8:e6:1c:dc:e5:4d:
f9:50:b2:bb:66:14:53:5e:87:e8:15:2e:78:2a:b4:
e1:f6:35:fa:ca:ad:ac:69:f2:17:a3:b3:d6:01:09:
6d:6d:65:d6:d9:b9:9b:6d:9b:a4:93:56:ea:95:9c:
a6:23:a1:80:95:80:cb:3d:92:14:d3:7c:43:1e:6f:
ec:8a:c4:16:47:70:a5:22:31:02:4a:28:5c:d2:bd:
86:c1:43:db:4f:5e:d8:11:8b:99:c7:01:42:5b:57:
3b:ed:a3:f4:ba:22:f4:d3:ba:e7:04:16:8e:ec:9a:
d2:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:50:FC:F0:92:9F:8E:E6:EF:AD:F2:62:C6:49:0E:F2:A3:97:C3:54
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/vlD88JKfjubvrfJixkkO8qOXw1Q.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
61.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
12:1a:08:ea:8b:43:6f:93:9f:96:00:e0:b9:a8:b3:a9:9b:10:
5b:6e:ff:f3:d9:4f:11:83:dc:79:af:d0:1e:31:a4:90:bf:d4:
fb:c7:f7:12:f9:1d:dd:d9:8c:f2:67:af:d7:d7:ce:d9:72:2d:
ae:3a:4f:d5:62:2e:36:32:90:c0:d0:ba:22:66:0e:2d:14:cd:
66:d0:f2:c7:ab:00:d6:af:1c:17:28:12:06:df:84:68:14:f6:
64:fe:76:04:cc:a4:d2:6c:de:93:16:16:20:31:bc:92:df:96:
8e:e4:85:87:a1:d7:a0:c6:5a:a6:44:50:cb:1c:6c:db:84:8b:
b5:3e:8a:45:45:34:ba:07:94:bb:7a:e6:55:68:52:a2:68:29:
47:59:c4:e0:62:37:27:12:4f:b2:25:85:a8:5d:c6:1e:58:53:
74:a5:41:ef:e0:f8:61:83:71:c3:86:d2:36:6a:48:5a:d9:26:
7d:2b:4c:fe:44:b7:89:bc:94:8e:bb:c6:65:bd:06:6e:cb:32:
66:84:71:09:99:9b:34:69:29:3c:e2:d5:98:01:b9:62:4f:63:
08:79:17:f6:1c:a0:bb:46:a8:e2:75:41:51:db:a6:60:05:dc:
5e:ed:6e:df:45:83:a4:96:1a:94:b1:e3:e7:37:62:08:b4:29:
81:db:c1:e8
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCo8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMjA5MTUw
MjQyMTJaFw0yMzA5MDYwMzAwMzVaMDMxMTAvBgNVBAMTKEJFNTBGQ0YwOTI5RjhF
RTZFRkFERjI2MkM2NDkwRUYyQTM5N0MzNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj57MUjUMZf1gyFMiZlCAcDs8bmYR7hsaNTdG2mCir8TKht2lT
v5eZ7mmBNbFuKuM7u4Z/kSy2nHeMmggMpIbaXQTawmo9sNlnAu8UKLON8g/SmkOf
XxzLJ2CfOW1vGGG4J9s+tyA9kWm5iFC8thjtHyHT52Bix6lFBAmjkqX349l36Hh6
QyOIj/+0M+e5acjmHNzlTflQsrtmFFNeh+gVLngqtOH2NfrKraxp8hejs9YBCW1t
ZdbZuZttm6STVuqVnKYjoYCVgMs9khTTfEMeb+yKxBZHcKUiMQJKKFzSvYbBQ9tP
XtgRi5nHAUJbVzvto/S6IvTTuucEFo7smtJVAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUvlD88JKfjubvrfJixkkO8qOXw1QwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3ZsRDg4SktmanVidnJmSml4a2tPOHFP
WHcxUS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwA9FDANBgkq
hkiG9w0BAQsFAAOCAQEAEhoI6otDb5OflgDguaizqZsQW27/89lPEYPcea/QHjGk
kL/U+8f3Evkd3dmM8mev19fO2XItrjpP1WIuNjKQwNC6ImYOLRTNZtDyx6sA1q8c
FygSBt+EaBT2ZP52BMyk0mzekxYWIDG8kt+WjuSFh6HXoMZapkRQyxxs24SLtT6K
RUU0ugeUu3rmVWhSomgpR1nE4GI3JxJPsiWFqF3GHlhTdKVB7+D4YYNxw4bSNmpI
WtkmfStM/kS3ibyUjrvGZb0GbssyZoRxCZmbNGkpPOLVmAG5Yk9jCHkX9hygu0ao
4nVBUdumYAXcXu1u30WDpJYalLHj5zdiCLQpgdvB6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org