Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/E2ftDvCypgMWbxX8P2eJ5IOc9cs.roa
File: E2ftDvCypgMWbxX8P2eJ5IOc9cs.roa (raw, json)
Hash identifier: tfjwyNDVAArRM4Iq8okX18a0OHiZitbWEUDPCIKI01k=
Subject key identifier: 13:67:ED:0E:F0:B2:A6:03:16:6F:15:FC:3F:67:89:E4:83:9C:F5:CB
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 0B88
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/E2ftDvCypgMWbxX8P2eJ5IOc9cs.roa
Signing time: Fri 01 Sep 2023 08:54:46 +0000
ROA not before: Fri 01 Sep 2023 08:54:46 +0000
ROA not after: Sat 31 Aug 2024 03:10:53 +0000
asID: 4782
IP address blocks: 163.29.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2952 (0xb88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Sep 1 08:54:46 2023 GMT
Not After : Aug 31 03:10:53 2024 GMT
Subject: CN=1367ED0EF0B2A603166F15FC3F6789E4839CF5CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:9a:fa:d9:cb:11:00:ee:02:8a:6d:7b:5d:9d:
ec:e4:29:f7:22:bc:c6:3b:42:d2:fe:45:35:18:62:
d9:1d:ce:3b:f2:4a:7e:5d:60:39:60:0d:a8:48:cb:
f5:70:97:0a:cd:1f:ba:e0:38:8a:80:b2:78:42:db:
8c:ed:5b:0f:f0:5e:a4:e7:2b:9a:f6:70:03:8d:6e:
04:5d:9d:27:13:f3:0d:88:a3:4f:07:3a:00:4e:14:
03:a6:4d:31:c8:f9:99:99:cd:fb:22:22:c8:da:bb:
79:02:57:ac:4a:a9:74:00:7b:45:d5:5c:01:b4:df:
1c:71:52:57:1e:c9:9d:bb:9f:4f:7b:58:64:45:4a:
98:a3:48:d4:1c:2a:a8:b6:c5:08:c3:43:d2:8a:2b:
cd:12:43:26:e1:2f:e0:f2:ba:8b:e2:a6:f2:14:8e:
39:84:bc:7b:91:4c:e9:e0:e8:2a:ce:58:8e:d7:c4:
e5:ae:21:95:e6:6f:2a:28:54:cb:05:9a:46:2d:78:
ae:36:b6:a8:6e:01:9f:83:a0:9e:8c:44:47:54:46:
f5:52:f1:4a:ed:02:eb:51:6b:7a:70:f2:92:d1:9e:
7b:c2:b9:83:7c:1a:3b:ad:f0:7c:69:8f:33:bc:f2:
e9:27:ab:a8:09:db:7d:ca:ed:6f:45:0c:b8:73:c2:
73:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:67:ED:0E:F0:B2:A6:03:16:6F:15:FC:3F:67:89:E4:83:9C:F5:CB
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/E2ftDvCypgMWbxX8P2eJ5IOc9cs.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.29.0.0/16
Signature Algorithm: sha256WithRSAEncryption
71:56:7e:04:2b:e4:53:a5:c2:14:0e:9e:a1:5e:51:eb:97:2c:
81:15:0e:0a:08:e6:2e:86:e8:48:53:e2:3f:0a:d3:a3:57:98:
f4:29:24:81:3e:9c:79:da:a5:3b:53:64:8a:46:84:c3:88:cd:
dd:2f:2d:61:d2:1c:67:f3:2a:09:f0:90:33:0c:58:d4:ff:4e:
b4:89:ae:08:0f:12:2d:24:84:1c:78:3f:fd:3c:30:ab:79:7d:
6b:84:d4:6d:a0:d7:b8:3d:f0:58:9a:9b:14:46:b4:4e:2d:b4:
93:3c:aa:fa:61:3b:99:b9:e3:98:5c:e7:0e:1f:bb:af:ab:d9:
bf:2f:71:f6:7a:a2:40:bf:6a:44:97:66:21:7f:a4:06:bb:a6:
bc:0a:80:b4:f0:65:d5:32:6e:84:d1:0d:e5:77:f7:47:f5:4c:
c0:26:9f:a5:9e:1b:1e:94:29:e6:ca:d9:79:2f:e4:30:a8:51:
8d:88:30:95:6a:c2:fd:e1:8d:3b:9a:ba:08:64:8a:6f:fc:c6:
94:a1:2b:64:be:34:22:81:f3:12:d7:07:da:6f:05:ee:05:af:
b5:ec:d1:d1:ab:35:51:c4:5f:3b:ad:01:2b:61:82:50:5b:e1:
67:84:c5:4e:0a:17:5b:e9:c1:0a:ad:73:83:5c:0e:33:8d:0d:
5d:75:44:74
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICC4gwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMzA5MDEw
ODU0NDZaFw0yNDA4MzEwMzEwNTNaMDMxMTAvBgNVBAMTKDEzNjdFRDBFRjBCMkE2
MDMxNjZGMTVGQzNGNjc4OUU0ODM5Q0Y1Q0IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5mvrZyxEA7gKKbXtdnezkKfcivMY7QtL+RTUYYtkdzjvySn5d
YDlgDahIy/VwlwrNH7rgOIqAsnhC24ztWw/wXqTnK5r2cAONbgRdnScT8w2Io08H
OgBOFAOmTTHI+ZmZzfsiIsjau3kCV6xKqXQAe0XVXAG03xxxUlceyZ27n097WGRF
SpijSNQcKqi2xQjDQ9KKK80SQybhL+DyuovipvIUjjmEvHuRTOng6CrOWI7XxOWu
IZXmbyooVMsFmkYteK42tqhuAZ+DoJ6MREdURvVS8UrtAutRa3pw8pLRnnvCuYN8
Gjut8HxpjzO88uknq6gJ233K7W9FDLhzwnNnAgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUE2ftDvCypgMWbxX8P2eJ5IOc9cswHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL0UyZnREdkN5cGdNV2J4WDhQMmVKNUlP
Yzljcy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCjHTANBgkq
hkiG9w0BAQsFAAOCAQEAcVZ+BCvkU6XCFA6eoV5R65csgRUOCgjmLoboSFPiPwrT
o1eY9CkkgT6cedqlO1NkikaEw4jN3S8tYdIcZ/MqCfCQMwxY1P9OtImuCA8SLSSE
HHg//Twwq3l9a4TUbaDXuD3wWJqbFEa0Ti20kzyq+mE7mbnjmFznDh+7r6vZvy9x
9nqiQL9qRJdmIX+kBrumvAqAtPBl1TJuhNEN5Xf3R/VMwCafpZ4bHpQp5srZeS/k
MKhRjYgwlWrC/eGNO5q6CGSKb/zGlKErZL40IoHzEtcH2m8F7gWvtezR0as1UcRf
O60BK2GCUFvhZ4TFTgoXW+nBCq1zg1wOM40NXXVEdA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:33:55 2025 by rpki-client