Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/ALpJvwsoOIrid0d1lASC6GYb7PY.roa
File: ALpJvwsoOIrid0d1lASC6GYb7PY.roa (raw, json)
Hash identifier: JjKcHrO4TnmMwtjiTOfjuy14DrtCNjFmlgyKPAw6Cuk=
Subject key identifier: 00:BA:49:BF:0B:28:38:8A:E2:77:47:75:94:04:82:E8:66:1B:EC:F6
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 08E0
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/ALpJvwsoOIrid0d1lASC6GYb7PY.roa
Signing time: Sun 07 Feb 2021 11:53:33 +0000
ROA not before: Sun 07 Feb 2021 11:53:33 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4782
IP address blocks: 124.199.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2272 (0x8e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Feb 7 11:53:33 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=00BA49BF0B28388AE2774775940482E8661BECF6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:73:db:0d:cf:78:0a:29:08:c7:d5:f1:22:0c:
0c:23:d8:0a:0d:e4:55:90:59:27:e4:12:95:ff:b1:
06:bd:c6:9e:7a:a4:0f:54:fd:86:f9:b0:19:27:70:
93:33:76:d6:c0:1b:ec:2d:ee:28:ec:c5:15:5c:d5:
65:97:92:2f:2c:a1:59:b7:17:2a:e8:02:5f:cf:4d:
b0:c8:46:3f:53:6e:77:06:38:f0:1b:0a:b4:f3:c0:
96:b4:c2:8a:d7:f0:67:23:08:8f:21:84:39:18:42:
57:f7:89:e1:4b:ab:cc:ea:6d:8e:29:2e:fa:30:30:
4d:af:b1:e1:48:40:ba:54:01:d4:4d:42:ef:46:60:
09:68:83:58:be:d0:07:47:02:4d:72:65:60:87:bb:
ae:c3:a9:f8:be:2f:23:ea:fd:9a:e3:48:63:65:99:
27:77:08:d3:c9:d2:aa:bf:a9:7f:27:28:2c:36:21:
bc:42:b5:ef:bf:77:82:2b:9a:1f:fc:54:7d:f9:99:
7e:ef:66:6c:8c:50:11:46:60:11:f8:54:f2:6a:e3:
79:1e:27:03:96:a7:7d:31:a0:f1:48:4c:9c:e1:66:
b5:9a:6f:e7:6e:ca:15:92:c2:8d:67:d6:66:26:48:
e1:9d:ee:57:35:03:0e:a3:a4:55:e7:2b:47:ee:1f:
ec:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:BA:49:BF:0B:28:38:8A:E2:77:47:75:94:04:82:E8:66:1B:EC:F6
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/ALpJvwsoOIrid0d1lASC6GYb7PY.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.199.96.0/20
Signature Algorithm: sha256WithRSAEncryption
7d:2d:75:00:1a:2d:81:1b:a1:7d:41:af:c8:ca:64:ae:d8:2a:
d5:79:12:96:66:41:80:be:aa:8e:2b:4f:df:b6:08:20:0b:04:
e7:7c:43:b9:29:25:60:c9:24:cf:79:7d:58:02:57:a0:33:99:
60:83:16:a0:6a:47:2b:5d:31:13:7d:d4:d6:12:56:b0:62:15:
7a:d1:dc:cf:a0:77:55:83:19:7d:57:0c:4c:8f:d2:ae:8a:eb:
35:7b:b1:ff:43:79:e3:78:3d:05:ad:e3:fe:a2:7c:69:a4:f3:
2c:4e:08:48:9e:cd:a7:97:08:37:b5:bb:5e:7f:9c:5c:ac:0c:
b2:e5:73:25:03:fb:d9:5f:6c:37:8a:dc:de:21:44:1d:16:9b:
f3:24:e3:c4:5b:45:44:4a:a3:b7:a1:09:e3:f9:a9:2a:95:60:
93:60:dd:ad:6d:7b:cc:58:29:54:37:ff:95:46:eb:86:83:4a:
fe:7b:b2:ae:40:b5:88:da:af:c2:8b:95:fc:e9:da:b8:73:6b:
f0:56:bb:a5:1c:61:dd:2b:7f:2f:b3:01:dd:ea:9b:b5:b4:17:
d3:58:3c:60:5b:42:6e:e8:b9:1d:eb:3b:7b:b5:1c:a1:83:53:
44:55:0f:1a:01:4a:c3:81:3b:64:d4:a2:2d:9f:b2:1c:48:a4:
f7:ab:94:20
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCOAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMTAyMDcx
MTUzMzNaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDAwQkE0OUJGMEIyODM4
OEFFMjc3NDc3NTk0MDQ4MkU4NjYxQkVDRjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGc9sNz3gKKQjH1fEiDAwj2AoN5FWQWSfkEpX/sQa9xp56pA9U
/Yb5sBkncJMzdtbAG+wt7ijsxRVc1WWXki8soVm3FyroAl/PTbDIRj9TbncGOPAb
CrTzwJa0worX8GcjCI8hhDkYQlf3ieFLq8zqbY4pLvowME2vseFIQLpUAdRNQu9G
YAlog1i+0AdHAk1yZWCHu67Dqfi+LyPq/ZrjSGNlmSd3CNPJ0qq/qX8nKCw2IbxC
te+/d4Irmh/8VH35mX7vZmyMUBFGYBH4VPJq43keJwOWp30xoPFITJzhZrWab+du
yhWSwo1n1mYmSOGd7lc1Aw6jpFXnK0fuH+ztAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUALpJvwsoOIrid0d1lASC6GYb7PYwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL0FMcEp2d3NvT0lyaWQwZDFsQVNDNkdZ
YjdQWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAR8x2AwDQYJ
KoZIhvcNAQELBQADggEBAH0tdQAaLYEboX1Br8jKZK7YKtV5EpZmQYC+qo4rT9+2
CCALBOd8Q7kpJWDJJM95fVgCV6AzmWCDFqBqRytdMRN91NYSVrBiFXrR3M+gd1WD
GX1XDEyP0q6K6zV7sf9DeeN4PQWt4/6ifGmk8yxOCEiezaeXCDe1u15/nFysDLLl
cyUD+9lfbDeK3N4hRB0Wm/Mk48RbRURKo7ehCeP5qSqVYJNg3a1te8xYKVQ3/5VG
64aDSv57sq5AtYjar8KLlfzp2rhza/BWu6UcYd0rfy+zAd3qm7W0F9NYPGBbQm7o
uR3rO3u1HKGDU0RVDxoBSsOBO2TUoi2fshxIpPerlCA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:02 2023 by rpki-client on console-fra.rpki-client.org