Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/GSN/khzWXEdDnsCO9-erdXrsgvZZhRg.roa
File: khzWXEdDnsCO9-erdXrsgvZZhRg.roa (raw, json)
Hash identifier: 7IYUqM2LW1LyfbU6v1m68m76KCyXbHU1KIDcd97aR5Q=
Subject key identifier: 92:1C:D6:5C:47:43:9E:C0:8E:F7:E7:AB:75:7A:EC:82:F6:59:85:18
Certificate issuer: /CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Certificate serial: 08DE
Authority key identifier: 75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/khzWXEdDnsCO9-erdXrsgvZZhRg.roa
Signing time: Sun 07 Feb 2021 11:53:32 +0000
ROA not before: Sun 07 Feb 2021 11:53:32 +0000
ROA not after: Wed 29 Sep 2021 09:51:23 +0000
asID: 4782
IP address blocks: 124.199.64.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2270 (0x8de)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75FE53C611B4FD56B3F68319EECA6289F3F0F2A9
Validity
Not Before: Feb 7 11:53:32 2021 GMT
Not After : Sep 29 09:51:23 2021 GMT
Subject: CN=921CD65C47439EC08EF7E7AB757AEC82F6598518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:a3:12:cb:dc:ca:c6:c5:86:2f:61:69:56:
f9:c3:54:3c:e5:50:5b:7a:ee:48:c2:6d:de:ca:a0:
73:f8:a2:0f:bb:80:39:62:e8:f1:58:e2:b2:e5:e5:
74:6c:ca:e2:a5:f9:6c:63:0d:a7:b2:6f:7a:03:57:
f6:20:2e:dc:65:eb:20:67:b3:53:10:89:ee:25:6d:
63:a8:71:76:29:9d:5e:71:48:da:34:52:95:6a:84:
b0:29:6d:83:bd:93:0b:a7:7e:31:44:b8:fa:c6:71:
da:b8:2b:c2:5f:6c:94:d3:e4:b2:0f:65:71:60:b4:
1d:86:82:0d:b1:93:dc:f6:7c:c4:c0:ef:1d:32:e2:
d6:87:db:b3:13:f6:2f:83:3b:2c:75:4e:9b:23:23:
7f:e3:39:d2:a2:e5:ed:8b:73:b0:54:50:da:b9:6c:
f5:f2:02:f7:95:30:03:52:41:0d:e3:86:c8:46:18:
15:a2:8a:55:4d:b9:d9:30:dd:b6:d0:5a:ed:64:70:
3b:b2:a1:6c:66:6b:14:99:a8:28:88:a1:ff:e1:89:
b9:78:e9:05:78:c3:0c:b0:72:59:43:13:2a:ea:7a:
be:25:e4:a9:7a:9f:15:d3:7d:91:6f:d0:b9:4c:2c:
87:30:67:39:de:97:c4:5f:9e:ba:ef:d6:35:de:1b:
c2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1C:D6:5C:47:43:9E:C0:8E:F7:E7:AB:75:7A:EC:82:F6:59:85:18
X509v3 Authority Key Identifier:
keyid:75:FE:53:C6:11:B4:FD:56:B3:F6:83:19:EE:CA:62:89:F3:F0:F2:A9
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/df5TxhG0_Vaz9oMZ7spiifPw8qk.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/df5TxhG0_Vaz9oMZ7spiifPw8qk.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/GSN/khzWXEdDnsCO9-erdXrsgvZZhRg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
124.199.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6e:44:20:3d:32:3d:45:30:30:35:1a:f1:5f:c7:99:ac:f0:b0:
f6:83:27:ad:d5:b0:77:a9:ec:8d:5f:32:50:e6:62:a1:82:7c:
1b:13:79:e8:f6:11:c5:c9:14:99:6c:26:d8:54:dd:61:28:56:
74:15:00:5c:f4:a4:29:9f:0d:02:91:89:1e:f4:38:e1:a6:92:
a5:86:e0:4f:53:89:14:af:cf:60:d4:c7:d4:54:6a:53:28:b7:
3f:cd:f4:bd:9c:79:2d:6b:a0:95:36:76:a2:7c:5e:58:3c:62:
16:3a:10:5f:24:2a:b9:02:c2:f1:fc:85:75:d4:ca:11:70:17:
c3:19:72:ef:c0:fa:31:1c:33:4b:f6:57:ac:90:cd:06:6e:6c:
59:b8:e2:bc:34:37:e0:9e:d1:34:70:cd:52:03:6d:f6:b6:cf:
4e:43:64:0e:59:32:8e:8d:c3:81:ed:3c:3b:f7:77:bf:66:f1:
48:f7:71:b1:33:27:52:bb:0e:88:52:e6:c2:df:ee:c8:0c:71:
9e:ca:18:8d:33:22:0a:d1:3a:c4:09:21:d9:27:0d:56:a8:e9:
58:c7:11:6c:2e:e3:51:ac:e2:49:a5:42:03:af:04:78:bd:b1:
0c:95:53:64:5d:28:4c:0c:c9:f5:a4:15:ff:9b:dd:6a:af:de:
2e:9e:99:43
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgICCN4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNzVG
RTUzQzYxMUI0RkQ1NkIzRjY4MzE5RUVDQTYyODlGM0YwRjJBOTAeFw0yMTAyMDcx
MTUzMzJaFw0yMTA5MjkwOTUxMjNaMDMxMTAvBgNVBAMTKDkyMUNENjVDNDc0MzlF
QzA4RUY3RTdBQjc1N0FFQzgyRjY1OTg1MTgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDGdKMSy9zKxsWGL2FpVvnDVDzlUFt67kjCbd7KoHP4og+7gDli
6PFY4rLl5XRsyuKl+WxjDaeyb3oDV/YgLtxl6yBns1MQie4lbWOocXYpnV5xSNo0
UpVqhLApbYO9kwunfjFEuPrGcdq4K8JfbJTT5LIPZXFgtB2Ggg2xk9z2fMTA7x0y
4taH27MT9i+DOyx1TpsjI3/jOdKi5e2Lc7BUUNq5bPXyAveVMANSQQ3jhshGGBWi
ilVNudkw3bbQWu1kcDuyoWxmaxSZqCiIof/hibl46QV4wwywcllDEyrqer4l5Kl6
nxXTfZFv0LlMLIcwZznel8Rfnrrv1jXeG8JhAgMBAAGjggHoMIIB5DAdBgNVHQ4E
FgQUkhzWXEdDnsCO9+erdXrsgvZZhRgwHwYDVR0jBBgwFoAUdf5TxhG0/Vaz9oMZ
7spiifPw8qkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZBgNVHR8EUjBQME6g
TKBKhkhyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2Rm
NVR4aEcwX1ZhejlvTVo3c3BpaWZQdzhxay5jcmwwYAYIKwYBBQUHAQEEVDBSMFAG
CCsGAQUFBzAChkRyc3luYzovL3Jwa2ljYS50d25pYy50dy9ycGtpL1RXTklDQ0Ev
ZGY1VHhoRzBfVmF6OW9NWjdzcGlpZlB3OHFrLmNlcjAOBgNVHQ8BAf8EBAMCB4Aw
gZkGCCsGAQUFBwELBIGMMIGJMFQGCCsGAQUFBzALhkhyc3luYzovL3Jwa2ljYS50
d25pYy50dy9ycGtpL1RXTklDQ0EvR1NOL2toeldYRWREbnNDTzktZXJkWHJzZ3Za
WmhSZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9ycmRw
L25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAV8x0AwDQYJ
KoZIhvcNAQELBQADggEBAG5EID0yPUUwMDUa8V/HmazwsPaDJ63VsHep7I1fMlDm
YqGCfBsTeej2EcXJFJlsJthU3WEoVnQVAFz0pCmfDQKRiR70OOGmkqWG4E9TiRSv
z2DUx9RUalMotz/N9L2ceS1roJU2dqJ8Xlg8YhY6EF8kKrkCwvH8hXXUyhFwF8MZ
cu/A+jEcM0v2V6yQzQZubFm44rw0N+Ce0TRwzVIDbfa2z05DZA5ZMo6Nw4HtPDv3
d79m8Uj3cbEzJ1K7DohS5sLf7sgMcZ7KGI0zIgrROsQJIdknDVao6VjHEWwu41Gs
4kmlQgOvBHi9sQyVU2RdKEwMyfWkFf+b3Wqv3i6emUM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:43 2025 by rpki-client