Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/FET/xQ3XriAEsaSWu81vncErIdAfdpM.roa
File: xQ3XriAEsaSWu81vncErIdAfdpM.roa (raw, json)
Hash identifier: kN5mHN4ayg7p48NtH1rgxop/v44xmmIySocI9e/D1ek=
Subject key identifier: C5:0D:D7:AE:20:04:B1:A4:96:BB:CD:6F:9D:C1:2B:21:D0:1F:76:93
Certificate issuer: /CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Certificate serial: 08DC
Authority key identifier: 3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xQ3XriAEsaSWu81vncErIdAfdpM.roa
Signing time: Sun 07 Feb 2021 05:54:01 +0000
ROA not before: Sun 07 Feb 2021 05:54:01 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 9674
IP address blocks: 114.140.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2268 (0x8dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3E63A587D5E71FBBD8C81EC34FE5366AC691AB51
Validity
Not Before: Feb 7 05:54:01 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=C50DD7AE2004B1A496BBCD6F9DC12B21D01F7693
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d8:12:20:51:0b:29:67:0b:92:f7:db:ac:7d:
d3:50:19:96:e0:25:8d:dd:13:0d:ff:82:1c:52:58:
cf:91:4b:4d:7a:cc:00:dc:cb:5a:36:63:22:9f:90:
8b:6d:fd:2b:b8:e5:ce:53:27:88:37:d7:f5:c8:4f:
77:c2:1d:48:dd:0a:96:9c:2c:01:07:fa:85:2f:48:
4c:ac:66:08:7b:d8:89:1e:60:55:69:34:5e:b2:14:
49:f7:cd:6b:87:3d:ab:89:17:4f:ea:b0:3b:81:93:
89:04:91:a0:07:b7:08:80:fb:58:a3:3a:51:01:e0:
9f:6f:9a:9d:7f:2a:c0:c8:c6:c4:bc:bb:09:49:99:
f5:8a:33:ff:53:5b:6a:6e:73:59:af:80:35:86:1d:
2a:e3:39:f5:f9:9c:d4:a1:3d:2c:56:bf:05:cf:67:
60:5a:d9:8b:bf:87:f8:b3:e3:64:0e:47:f7:18:1b:
95:4c:ae:9d:91:ac:e5:fa:7e:19:9b:49:91:f0:d5:
70:9b:c5:58:ef:de:fd:22:ed:9c:d6:42:28:0d:0c:
66:cc:db:7a:5b:6a:ae:aa:05:98:1e:57:bd:58:4e:
2e:6c:01:e2:39:0f:c3:21:ce:f4:fa:9a:ec:79:d1:
cf:bf:d2:12:40:99:77:09:a2:57:8e:f3:55:cd:88:
eb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:0D:D7:AE:20:04:B1:A4:96:BB:CD:6F:9D:C1:2B:21:D0:1F:76:93
X509v3 Authority Key Identifier:
keyid:3E:63:A5:87:D5:E7:1F:BB:D8:C8:1E:C3:4F:E5:36:6A:C6:91:AB:51
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/PmOlh9XnH7vYyB7DT-U2asaRq1E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/PmOlh9XnH7vYyB7DT-U2asaRq1E.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/FET/xQ3XriAEsaSWu81vncErIdAfdpM.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
114.140.0.0/16
Signature Algorithm: sha256WithRSAEncryption
68:65:45:47:ee:d5:71:19:81:f2:6a:39:a2:49:ab:16:09:ec:
62:96:29:4f:9e:6b:4f:f8:16:d8:d2:cb:3f:1d:0e:18:91:65:
4a:20:67:02:3a:81:fb:70:ff:32:40:12:34:48:7f:81:83:04:
c1:81:71:a7:1f:b7:2d:2a:c7:df:bf:cd:40:4b:7c:68:08:4f:
90:ec:5d:d6:b8:02:38:f9:3d:ed:45:e3:c3:6d:8a:aa:b8:32:
e8:33:22:2b:90:90:e7:8e:40:ff:6d:3a:4c:0d:06:a0:61:7e:
18:32:47:0d:81:a6:fd:32:26:98:ab:eb:f5:cc:f6:51:3c:3c:
42:cf:a0:72:bc:5f:56:96:49:d0:07:d4:8d:4c:17:8c:4f:e3:
a1:72:2c:b3:5c:b2:d2:c8:09:de:26:64:22:6f:5f:f0:0c:e3:
34:37:95:a5:6c:a1:da:4b:c2:3d:4b:3b:03:56:be:42:69:f1:
1d:57:64:42:ea:60:57:c6:12:11:de:0e:30:1d:ee:b4:94:ec:
3c:0a:2d:6d:8f:b3:cf:93:a8:ef:ef:18:ee:63:2d:75:e9:e2:
77:e5:eb:31:65:0a:ab:87:cd:e8:04:c1:41:c7:c8:00:20:3c:
ba:91:ad:2b:69:71:53:6a:37:aa:b1:41:c0:31:dc:00:b6:0c:
db:20:06:dd
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCNwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoM0U2
M0E1ODdENUU3MUZCQkQ4QzgxRUMzNEZFNTM2NkFDNjkxQUI1MTAeFw0yMTAyMDcw
NTU0MDFaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKEM1MEREN0FFMjAwNEIx
QTQ5NkJCQ0Q2RjlEQzEyQjIxRDAxRjc2OTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDc2BIgUQspZwuS99usfdNQGZbgJY3dEw3/ghxSWM+RS016zADc
y1o2YyKfkItt/Su45c5TJ4g31/XIT3fCHUjdCpacLAEH+oUvSEysZgh72IkeYFVp
NF6yFEn3zWuHPauJF0/qsDuBk4kEkaAHtwiA+1ijOlEB4J9vmp1/KsDIxsS8uwlJ
mfWKM/9TW2puc1mvgDWGHSrjOfX5nNShPSxWvwXPZ2Ba2Yu/h/iz42QOR/cYG5VM
rp2RrOX6fhmbSZHw1XCbxVjv3v0i7ZzWQigNDGbM23pbaq6qBZgeV71YTi5sAeI5
D8MhzvT6mux50c+/0hJAmXcJoleO81XNiOt3AgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUxQ3XriAEsaSWu81vncErIdAfdpMwHwYDVR0jBBgwFoAUPmOlh9XnH7vYyB7D
T+U2asaRq1EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL1Bt
T2xoOVhuSDd2WXlCN0RULVUyYXNhUnExRS5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
UG1PbGg5WG5IN3ZZeUI3RFQtVTJhc2FScTFFLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvRkVUL3hRM1hyaUFFc2FTV3U4MXZuY0VySWRB
ZmRwTS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwByjDANBgkq
hkiG9w0BAQsFAAOCAQEAaGVFR+7VcRmB8mo5okmrFgnsYpYpT55rT/gW2NLLPx0O
GJFlSiBnAjqB+3D/MkASNEh/gYMEwYFxpx+3LSrH37/NQEt8aAhPkOxd1rgCOPk9
7UXjw22Kqrgy6DMiK5CQ545A/206TA0GoGF+GDJHDYGm/TImmKvr9cz2UTw8Qs+g
crxfVpZJ0AfUjUwXjE/joXIss1yy0sgJ3iZkIm9f8AzjNDeVpWyh2kvCPUs7A1a+
QmnxHVdkQupgV8YSEd4OMB3utJTsPAotbY+zz5Oo7+8Y7mMtdenid+XrMWUKq4fN
6ATBQcfIACA8upGtK2lxU2o3qrFBwDHcALYM2yAG3Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org