Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/OUZA3mgj9mqL0O2DZ8SwfGhDEyI.roa
File: OUZA3mgj9mqL0O2DZ8SwfGhDEyI.roa (raw, json)
Hash identifier: MfBPskKEBlT9wqdWSUyDsBR8QjGxf8LLmevgQNHmqH0=
Subject key identifier: 39:46:40:DE:68:23:F6:6A:8B:D0:ED:83:67:C4:B0:7C:68:43:13:22
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 0999
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/OUZA3mgj9mqL0O2DZ8SwfGhDEyI.roa
Signing time: Wed 29 Sep 2021 02:38:10 +0000
ROA not before: Wed 29 Sep 2021 02:38:10 +0000
ROA not after: Thu 29 Sep 2022 02:36:22 +0000
asID: 4782
IP address blocks: 163.29.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2457 (0x999)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Sep 29 02:38:10 2021 GMT
Not After : Sep 29 02:36:22 2022 GMT
Subject: CN=394640DE6823F66A8BD0ED8367C4B07C68431322
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:8e:c6:9c:8e:91:ec:ee:de:e4:18:1d:c3:
11:7b:e7:12:b1:e1:b6:52:13:a5:93:e8:22:54:7a:
a2:6b:8e:1d:b3:c7:19:f9:c3:04:c7:29:6b:a6:3b:
3b:e8:42:fd:76:e4:c2:4b:bc:82:67:b8:18:b6:34:
53:34:8e:e2:7f:c6:82:2e:bf:91:9f:9a:82:c3:05:
0d:f7:fe:66:fc:41:57:99:37:d8:20:f5:c5:21:2d:
89:9e:2b:d6:f0:03:6c:6c:3b:82:a9:ba:c2:a8:cf:
b7:37:98:4c:3b:2c:b0:8a:87:26:6c:45:e4:20:78:
ad:6b:0e:70:c2:6d:12:1b:37:86:3b:0d:da:c3:a7:
41:da:fc:92:30:0e:d7:db:9e:5b:ed:17:62:d4:74:
f2:11:a2:f2:d8:bb:4b:ea:e4:96:bf:ed:db:51:ab:
d7:83:1c:bb:d3:4f:b7:41:2f:94:a7:79:9d:1b:58:
7a:01:08:da:20:f3:7a:e6:ef:04:a8:26:e5:0f:f0:
05:eb:57:74:25:2d:cc:e0:28:a2:ca:e3:50:3b:19:
70:58:9f:6c:3f:85:a5:77:99:ca:cc:64:59:5e:d5:
f7:24:6b:c5:0f:86:90:8d:36:ff:d6:cc:9b:57:33:
97:42:4c:29:44:54:f7:72:f8:0e:e8:c0:33:2b:d4:
34:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:46:40:DE:68:23:F6:6A:8B:D0:ED:83:67:C4:B0:7C:68:43:13:22
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/OUZA3mgj9mqL0O2DZ8SwfGhDEyI.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
163.29.0.0/16
Signature Algorithm: sha256WithRSAEncryption
29:e9:a1:e2:99:41:99:16:31:5e:36:77:00:5c:87:f8:0d:1a:
e6:28:80:39:f2:25:ac:7f:8a:0e:d7:7a:67:6a:32:75:3a:a5:
6a:0c:c4:2a:b5:7a:c2:d5:e6:73:c9:6b:e4:63:77:2f:40:55:
dc:59:03:5f:ba:fc:1e:9d:35:a5:f7:de:f8:a1:c0:ef:22:a1:
cd:7a:a2:98:c7:69:d8:87:90:f3:9e:4c:f9:5c:bb:75:a8:e5:
cf:b6:e7:6b:62:1d:a0:70:0a:da:07:68:3c:de:4f:63:87:ea:
80:d5:8b:53:d6:b9:1d:fb:ae:e5:52:14:52:cd:c7:61:ab:6d:
a6:b2:53:88:15:84:78:fa:bb:aa:94:0d:d8:ce:a7:d9:30:c4:
7b:89:44:9a:05:83:08:b9:d3:a6:a3:1e:c5:48:9c:38:89:cf:
8d:9b:b2:10:4b:8c:43:cb:8c:5c:79:2f:3f:8d:e7:85:07:57:
8f:3e:db:f2:fb:49:dd:1e:3b:fc:88:71:1f:a9:ef:50:4f:52:
0b:82:1e:3c:41:37:21:46:b9:40:41:82:5b:bc:93:f7:f7:12:
8e:de:15:90:59:e7:ad:69:ae:63:ca:85:e2:c6:47:47:42:a7:
62:3b:a3:cd:3f:7d:6c:44:2f:4f:df:e7:64:9b:fa:91:69:9f:
f6:65:0e:b9
-----BEGIN CERTIFICATE-----
MIIEyzCCA7OgAwIBAgICCZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMTA5Mjkw
MjM4MTBaFw0yMjA5MjkwMjM2MjJaMDMxMTAvBgNVBAMTKDM5NDY0MERFNjgyM0Y2
NkE4QkQwRUQ4MzY3QzRCMDdDNjg0MzEzMjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzMo7GnI6R7O7e5BgdwxF75xKx4bZSE6WT6CJUeqJrjh2zxxn5
wwTHKWumOzvoQv125MJLvIJnuBi2NFM0juJ/xoIuv5GfmoLDBQ33/mb8QVeZN9gg
9cUhLYmeK9bwA2xsO4KpusKoz7c3mEw7LLCKhyZsReQgeK1rDnDCbRIbN4Y7DdrD
p0Ha/JIwDtfbnlvtF2LUdPIRovLYu0vq5Ja/7dtRq9eDHLvTT7dBL5SneZ0bWHoB
CNog83rm7wSoJuUP8AXrV3QlLczgKKLK41A7GXBYn2w/haV3mcrMZFle1fcka8UP
hpCNNv/WzJtXM5dCTClEVPdy+A7owDMr1DQ9AgMBAAGjggHnMIIB4zAdBgNVHQ4E
FgQUOUZA3mgj9mqL0O2DZ8SwfGhDEyIwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL09VWkEzbWdqOW1xTDBPMkRaOFN3Zkdo
REV5SS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCjHTANBgkq
hkiG9w0BAQsFAAOCAQEAKemh4plBmRYxXjZ3AFyH+A0a5iiAOfIlrH+KDtd6Z2oy
dTqlagzEKrV6wtXmc8lr5GN3L0BV3FkDX7r8Hp01pffe+KHA7yKhzXqimMdp2IeQ
855M+Vy7dajlz7bna2IdoHAK2gdoPN5PY4fqgNWLU9a5Hfuu5VIUUs3HYattprJT
iBWEePq7qpQN2M6n2TDEe4lEmgWDCLnTpqMexUicOInPjZuyEEuMQ8uMXHkvP43n
hQdXjz7b8vtJ3R47/IhxH6nvUE9SC4IePEE3IUa5QEGCW7yT9/cSjt4VkFnnrWmu
Y8qF4sZHR0KnYjujzT99bEQvT9/nZJv6kWmf9mUOuQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 20:00:07 2024 by rpki-client on console-ams.rpki-client.org